From bec0ea2d91478a2207119ea424829617b75589e9 Mon Sep 17 00:00:00 2001 From: Evgeny Vereshchagin Date: Mon, 6 Dec 2021 19:30:54 +0000 Subject: [PATCH] ci: turn on ClusterFuzzLite --- .clusterfuzzlite/Dockerfile | 9 +++++++++ .clusterfuzzlite/project.yaml | 1 + .github/workflows/cflite_build.yml | 24 +++++++++++++++++++++++ .github/workflows/cflite_pr.yml | 31 ++++++++++++++++++++++++++++++ 4 files changed, 65 insertions(+) create mode 100644 .clusterfuzzlite/Dockerfile create mode 100644 .clusterfuzzlite/project.yaml create mode 100644 .github/workflows/cflite_build.yml create mode 100644 .github/workflows/cflite_pr.yml diff --git a/.clusterfuzzlite/Dockerfile b/.clusterfuzzlite/Dockerfile new file mode 100644 index 00000000..cd8143ce --- /dev/null +++ b/.clusterfuzzlite/Dockerfile @@ -0,0 +1,9 @@ +FROM gcr.io/oss-fuzz-base/base-builder:v1 +RUN apt-get update && \ + apt-get install -y pkg-config make autoconf autopoint zlib1g-dev flex bison gawk +COPY . $SRC/elfutils +RUN git clone --depth 1 https://github.com/google/oss-fuzz && \ + cp oss-fuzz/projects/elfutils/build.sh $SRC/ && \ + cp oss-fuzz/projects/elfutils/fuzz-dwfl-core.c $SRC/ && \ + cp oss-fuzz/projects/elfutils/fuzz-dwfl-core_seed_corpus.zip $SRC/ +WORKDIR elfutils diff --git a/.clusterfuzzlite/project.yaml b/.clusterfuzzlite/project.yaml new file mode 100644 index 00000000..b455aa39 --- /dev/null +++ b/.clusterfuzzlite/project.yaml @@ -0,0 +1 @@ +language: c diff --git a/.github/workflows/cflite_build.yml b/.github/workflows/cflite_build.yml new file mode 100644 index 00000000..c2e07d81 --- /dev/null +++ b/.github/workflows/cflite_build.yml @@ -0,0 +1,24 @@ +name: ClusterFuzzLite continuous builds +on: + push: + branches: [main] + +permissions: read-all + +jobs: + Build: + runs-on: ubuntu-latest + concurrency: + group: ${{ github.workflow }}-${{ matrix.sanitizer }}-${{ github.ref }} + cancel-in-progress: true + strategy: + fail-fast: false + matrix: + sanitizer: [address, undefined, memory] + steps: + - name: Build Fuzzers (${{ matrix.sanitizer }}) + id: build + uses: google/clusterfuzzlite/actions/build_fuzzers@v1 + with: + sanitizer: ${{ matrix.sanitizer }} + upload-build: true diff --git a/.github/workflows/cflite_pr.yml b/.github/workflows/cflite_pr.yml new file mode 100644 index 00000000..f6014574 --- /dev/null +++ b/.github/workflows/cflite_pr.yml @@ -0,0 +1,31 @@ +name: ClusterFuzzLite PR fuzzing +on: + pull_request: + branches: [main] + +permissions: read-all + +jobs: + PR: + runs-on: ubuntu-latest + concurrency: + group: ${{ github.workflow }}-${{ matrix.sanitizer }}-${{ github.ref }} + cancel-in-progress: true + strategy: + fail-fast: false + matrix: + sanitizer: [address, undefined, memory] + steps: + - name: Build Fuzzers (${{ matrix.sanitizer }}) + id: build + uses: google/clusterfuzzlite/actions/build_fuzzers@v1 + with: + sanitizer: ${{ matrix.sanitizer }} + - name: Run Fuzzers (${{ matrix.sanitizer }}) + id: run + uses: google/clusterfuzzlite/actions/run_fuzzers@v1 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + fuzz-seconds: 180 + mode: 'code-change' + sanitizer: ${{ matrix.sanitizer }}