From 8da9eaee3414759d2665e274e8066a243c1171ed Mon Sep 17 00:00:00 2001 From: Mohammed Al Sahaf Date: Fri, 27 Mar 2020 03:20:34 +0300 Subject: [PATCH] ci: fuzz: switch engine from libfuzzer to native go-fuzz (#3194) --- .github/workflows/fuzzing.yml | 26 ++++++++++++--------- caddyconfig/caddyfile/parse_fuzz.go | 1 - caddyconfig/httpcaddyfile/addresses_fuzz.go | 1 - listeners_fuzz.go | 1 - replacer_fuzz.go | 1 - 5 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/fuzzing.yml b/.github/workflows/fuzzing.yml index b8a1320c..6f2a2f1e 100644 --- a/.github/workflows/fuzzing.yml +++ b/.github/workflows/fuzzing.yml @@ -36,10 +36,6 @@ jobs: # If we decide we need to prevent this from running on forks, we can use this line: # if: github.repository == 'caddyserver/caddy' run: | - # Install Clang-7.0 because other versions seem to be missing the file libclang_rt.fuzzer-x86_64.a - sudo add-apt-repository "deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial-7 main" - wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add - - sudo apt update && sudo apt install -y clang-7 lldb-7 lld-7 go get -v github.com/dvyukov/go-fuzz/go-fuzz github.com/dvyukov/go-fuzz/go-fuzz-build wget -q -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/download/v2.4.77/fuzzit_Linux_x86_64 @@ -51,7 +47,13 @@ jobs: continue-on-error: true env: FUZZIT_API_KEY: ${{ secrets.FUZZIT_API_KEY }} + SYSTEM_PULLREQUEST_SOURCEBRANCH: ${{ github.ref }} + BUILD_SOURCEVERSION: ${{ github.sha }} run: | + # debug + echo "PR Source Branch: $SYSTEM_PULLREQUEST_SOURCEBRANCH" + echo "Source version: $BUILD_SOURCEVERSION" + declare -A fuzzers_funcs=(\ ["./caddyconfig/httpcaddyfile/addresses_fuzz.go"]="FuzzParseAddress" \ ["./caddyconfig/caddyfile/parse_fuzz.go"]="FuzzParseCaddyfile" \ @@ -67,18 +69,20 @@ jobs: ) fuzz_type="local-regression" - if [[ ${{ github.event_name }} == "schedule" ]]; then + if [[ "${{ github.event_name }}" == "schedule" ]]; then fuzz_type="fuzzing" fi - echo "Github event: ${{ github.event_name }}" + echo "Fuzzing type: $fuzz_type" for f in $(find . -name \*_fuzz.go); do - FUZZER_DIRECTORY=$(dirname $f) + FUZZER_DIRECTORY=$(dirname "$f") + echo "go-fuzz-build func ${fuzzers_funcs[$f]} residing in $f" - go-fuzz-build -func "${fuzzers_funcs[$f]}" -libfuzzer -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.a" $FUZZER_DIRECTORY - echo "Generating fuzzer binary of func ${fuzzers_funcs[$f]} which resides in $f" - clang-7 -fsanitize=fuzzer "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.a" -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}" - fuzzit create job caddyserver/${fuzzers_targets[$f]} $FUZZER_DIRECTORY/${fuzzers_targets[$f]} --api-key ${FUZZIT_API_KEY} --type "${fuzz_type}" --branch "${SYSTEM_PULLREQUEST_SOURCEBRANCH}" --revision "${BUILD_SOURCEVERSION}" + + go-fuzz-build -func "${fuzzers_funcs[$f]}" -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.zip" "$FUZZER_DIRECTORY" + + fuzzit create job --engine go-fuzz caddyserver/"${fuzzers_targets[$f]}" "$FUZZER_DIRECTORY"/"${fuzzers_targets[$f]}.zip" --api-key "${FUZZIT_API_KEY}" --type "${fuzz_type}" --branch "${SYSTEM_PULLREQUEST_SOURCEBRANCH}" --revision "${BUILD_SOURCEVERSION}" + echo "Completed $f" done diff --git a/caddyconfig/caddyfile/parse_fuzz.go b/caddyconfig/caddyfile/parse_fuzz.go index a6a698fa..3214e1dd 100644 --- a/caddyconfig/caddyfile/parse_fuzz.go +++ b/caddyconfig/caddyfile/parse_fuzz.go @@ -13,7 +13,6 @@ // limitations under the License. // +build gofuzz -// +build gofuzz_libfuzzer package caddyfile diff --git a/caddyconfig/httpcaddyfile/addresses_fuzz.go b/caddyconfig/httpcaddyfile/addresses_fuzz.go index 26f36963..4ab62984 100644 --- a/caddyconfig/httpcaddyfile/addresses_fuzz.go +++ b/caddyconfig/httpcaddyfile/addresses_fuzz.go @@ -13,7 +13,6 @@ // limitations under the License. // +build gofuzz -// +build gofuzz_libfuzzer package httpcaddyfile diff --git a/listeners_fuzz.go b/listeners_fuzz.go index 826c57e8..823d0beb 100644 --- a/listeners_fuzz.go +++ b/listeners_fuzz.go @@ -13,7 +13,6 @@ // limitations under the License. // +build gofuzz -// +build gofuzz_libfuzzer package caddy diff --git a/replacer_fuzz.go b/replacer_fuzz.go index 6d40cf73..2c27f01a 100644 --- a/replacer_fuzz.go +++ b/replacer_fuzz.go @@ -13,7 +13,6 @@ // limitations under the License. // +build gofuzz -// +build gofuzz_libfuzzer package caddy