ci: run the fuzz target on PRs (#4378)

* ci: run the fuzz target on PRs using https://google.github.io/oss-fuzz/getting-started/continuous-integration/ It downloads the corpus OSS-Fuzz has accumulated so far (including the test cases that triggered issues in the past) and runs the fuzz target with it. It should help to catch most regressions when PRs are opened. Prompted by https://github.com/secdev/scapy/pull/4373. * dcerpc: turn print into log_runtime.warning to make it possible to turn it off with logging.disable(). (it should help to make the fuzz target less chatty among other things because it seems to be the only dissector (covered by the fuzz target) printing messages like that directly)
2024-07-01 21:28:11 +03:00 · 2024-07-01 21:28:11 +03:00 · 37d941267e
parent 8ed8647688
commit 37d941267e
2 changed files with 40 additions and 1 deletions
--- a/.github/workflows/cifuzz.yml
+++ b/.github/workflows/cifuzz.yml
@ -0,0 +1,39 @@
+name: CIFuzz
+
+on:
+  pull_request:
+    branches: [master]
+
+permissions:
+  contents: read
+
+jobs:
+  Fuzzing:
+    runs-on: ubuntu-latest
+    if: github.repository == 'secdev/scapy'
+    concurrency:
+      group: ${{ github.workflow }}-${{ github.ref }}
+      cancel-in-progress: true
+
+    steps:
+      - name: Build Fuzzers
+        id: build
+        uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
+        with:
+          oss-fuzz-project-name: 'scapy'
+          language: python
+          dry-run: false
+          allowed-broken-targets-percentage: 0
+      - name: Run Fuzzers
+        uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
+        with:
+          oss-fuzz-project-name: 'scapy'
+          language: python
+          dry-run: false
+          fuzz-seconds: 300
+      - name: Upload Crash
+        uses: actions/upload-artifact@v4
+        if: failure() && steps.build.outcome == 'success'
+        with:
+          name: artifacts
+          path: ./out/artifacts
--- a/scapy/layers/dcerpc.py
+++ b/scapy/layers/dcerpc.py
@ -3000,7 +3000,7 @@ class DceRpc4Payload(Packet):
        for klass in cls._payload_class:
            if hasattr(klass, "can_handle") and klass.can_handle(_pkt, _underlayer):
                return klass
-        print("DCE/RPC payload class not found or undefined (using Raw)")
+        log_runtime.warning("DCE/RPC payload class not found or undefined (using Raw)")
        return Raw

    @classmethod