diff options
author | DavidKorczynski <david@adalogics.com> | 2022-04-04 02:35:58 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-04-04 11:35:58 +1000 |
commit | 4ff34a956e820753b94379baa6c29518f357f534 (patch) | |
tree | d5d6e96858ba801ab704702b36c0d3f6226334bb | |
parent | 10fdf2878d527401ec249a53c7027f29bc7c33fe (diff) |
infra: fuzz-introspector updates and bump (#7497)
* infra: remove use of git_repo_url to fuzz-introspector
* libarchive,fluent-bit: add fuzz-introspector exclusion config
* fuzz-introspector: bump
Co-authored-by: Oliver Chang <oliverchang@users.noreply.github.com>
-rwxr-xr-x | infra/base-images/base-builder/compile | 2 | ||||
-rw-r--r-- | infra/base-images/base-clang/Dockerfile | 2 | ||||
-rwxr-xr-x | infra/helper.py | 1 | ||||
-rwxr-xr-x | projects/fluent-bit/build.sh | 8 | ||||
-rwxr-xr-x | projects/libarchive/build.sh | 8 |
5 files changed, 18 insertions, 3 deletions
diff --git a/infra/base-images/base-builder/compile b/infra/base-images/base-builder/compile index 372e89a8..9a205cf4 100755 --- a/infra/base-images/base-builder/compile +++ b/infra/base-images/base-builder/compile @@ -217,7 +217,7 @@ if [ "$SANITIZER" = "introspector" ]; then cd $SRC/inspector python3 /fuzz-introspector/post-processing/main.py correlate --binaries_dir=$OUT/ - python3 /fuzz-introspector/post-processing/main.py report --target_dir=$SRC/inspector --git_repo_url=$GIT_REPO --coverage_url=$COVERAGE_URL --correlation_file=exe_to_fuzz_introspector_logs.yaml + python3 /fuzz-introspector/post-processing/main.py report --target_dir=$SRC/inspector --coverage_url=$COVERAGE_URL --correlation_file=exe_to_fuzz_introspector_logs.yaml cp -rf $SRC/inspector $OUT/inspector fi diff --git a/infra/base-images/base-clang/Dockerfile b/infra/base-images/base-clang/Dockerfile index 7c653037..70978fc3 100644 --- a/infra/base-images/base-clang/Dockerfile +++ b/infra/base-images/base-clang/Dockerfile @@ -36,7 +36,7 @@ RUN apt-get update && apt-get install -y wget sudo && \ RUN apt-get update && apt-get install -y git && \ git clone https://github.com/ossf/fuzz-introspector.git fuzz-introspector && \ cd fuzz-introspector && \ - git checkout 43402fa9e2eb752d16f8edc276fb7698c4ca8147 && \ + git checkout a5b53ca79684f206832fe3388164f66611405bfc && \ apt-get remove --purge -y git COPY checkout_build_install_llvm.sh /root/ diff --git a/infra/helper.py b/infra/helper.py index b948c9f0..2478048a 100755 --- a/infra/helper.py +++ b/infra/helper.py @@ -641,7 +641,6 @@ def build_fuzzers_impl( # pylint: disable=too-many-arguments,too-many-locals,to 'FUZZING_ENGINE=' + engine, 'SANITIZER=' + sanitizer, 'ARCHITECTURE=' + architecture, - 'GIT_REPO=', # TODO(navidem): load from main_repo in project.yaml. ] _add_oss_fuzz_ci_if_needed(env) diff --git a/projects/fluent-bit/build.sh b/projects/fluent-bit/build.sh index 454fc93e..90056e23 100755 --- a/projects/fluent-bit/build.sh +++ b/projects/fluent-bit/build.sh @@ -14,6 +14,14 @@ # limitations under the License. # ################################################################################ + +# For fuzz-introspector, cxclude all functions in the fluent-bit/lib/ directory +export FUZZ_INTROSPECTOR_CONFIG=$SRC/fuzz_introspector_exclusion.config +cat > $FUZZ_INTROSPECTOR_CONFIG <<EOF +FILES_TO_AVOID +fluent-bit/lib +EOF + cd fluent-bit sed -i 's/malloc(/fuzz_malloc(/g' ./lib/msgpack-c/src/zone.c sed -i 's/struct msgpack_zone_chunk {/void *fuzz_malloc(size_t size) {if (size > 0xa00000) return NULL;\nreturn malloc(size);}\nstruct msgpack_zone_chunk {/g' ./lib/msgpack-c/src/zone.c diff --git a/projects/libarchive/build.sh b/projects/libarchive/build.sh index 6d55967f..187796cc 100755 --- a/projects/libarchive/build.sh +++ b/projects/libarchive/build.sh @@ -15,6 +15,14 @@ # ################################################################################ +# For fuzz-introspector. This is to exclude all libxml2 code from the +# fuzz-introspector reports. +export FUZZ_INTROSPECTOR_CONFIG=$SRC/fuzz_introspector_exclusion.config +cat > $FUZZ_INTROSPECTOR_CONFIG <<EOF +FILES_TO_AVOID +libxml2 +EOF + # compile libxml2 from source so we can statically link DEPS=/deps mkdir ${DEPS} |