From 9aa596d8c213f450e78805692a114a0c74236038 Mon Sep 17 00:00:00 2001 From: Jonathan Metzman Date: Mon, 30 Jan 2023 16:46:33 -0500 Subject: [PATCH 1/6] upgrade python --- infra/base-images/base-builder/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infra/base-images/base-builder/Dockerfile b/infra/base-images/base-builder/Dockerfile index ce8dad1cc8db..e99adebbe78a 100644 --- a/infra/base-images/base-builder/Dockerfile +++ b/infra/base-images/base-builder/Dockerfile @@ -19,8 +19,8 @@ FROM gcr.io/oss-fuzz-base/base-clang COPY install_deps.sh / RUN /install_deps.sh && rm /install_deps.sh -# Build and install latest Python 3 (3.8.3). -ENV PYTHON_VERSION 3.8.3 +# Build and install latest Python 3 (3.10.8). +ENV PYTHON_VERSION 3.10.8 RUN export PYTHON_DEPS="\ zlib1g-dev \ libncurses5-dev \ From 7aa61e15908821b904d415bccfb28b38d8393b5c Mon Sep 17 00:00:00 2001 From: Jonathan Metzman Date: Tue, 31 Jan 2023 11:41:17 -0500 Subject: [PATCH 2/6] fix airflow --- projects/airflow/build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/projects/airflow/build.sh b/projects/airflow/build.sh index 64444b3fbb75..73ec9cb30406 100644 --- a/projects/airflow/build.sh +++ b/projects/airflow/build.sh @@ -22,4 +22,4 @@ pip3 install . # Build fuzzers in $OUT. cd $SRC -compile_python_fuzzer dag_fuzz.py --add-data airflow:airflow --add-data airflow/airflow:airflow --add-data /usr/local/lib/python3.8/site-packages/cron_descriptor:cron_descriptor +compile_python_fuzzer dag_fuzz.py --add-data airflow:airflow --add-data airflow/airflow:airflow --add-data /usr/local/lib/python3.10/site-packages/cron_descriptor:cron_descriptor From 356599b4d38aea80cd4ed23d9296e562f5eec549 Mon Sep 17 00:00:00 2001 From: Jonathan Metzman Date: Tue, 31 Jan 2023 12:16:22 -0500 Subject: [PATCH 3/6] try --- projects/http-pattern-matcher/Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/projects/http-pattern-matcher/Dockerfile b/projects/http-pattern-matcher/Dockerfile index ab029ccf33e8..93b76a6fa835 100644 --- a/projects/http-pattern-matcher/Dockerfile +++ b/projects/http-pattern-matcher/Dockerfile @@ -17,7 +17,6 @@ FROM gcr.io/oss-fuzz-base/base-builder MAINTAINER nareddyt@google.com -RUN apt-get update && apt-get install python -y RUN git clone https://github.com/google/http_pattern_matcher.git WORKDIR $SRC/http_pattern_matcher/ COPY build.sh $SRC/ From 9009bfa70fa3569f9272f50ff25c59b1b491e491 Mon Sep 17 00:00:00 2001 From: Jonathan Metzman Date: Mon, 6 Feb 2023 19:42:15 -0500 Subject: [PATCH 4/6] hold back --- projects/wheel/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/projects/wheel/Dockerfile b/projects/wheel/Dockerfile index 95b85fb4fbee..23d7cd5f77c7 100644 --- a/projects/wheel/Dockerfile +++ b/projects/wheel/Dockerfile @@ -12,7 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -FROM gcr.io/oss-fuzz-base/base-builder-python -RUN git clone https://github.com/pypa/wheel wheel +FROM gcr.io/oss-fuzz-base/base-builder-python@sha256:254ba32c9e5a630865d0a4121fbe53ff7ba8c8394901005674ffa3de17efcd18 +RUN git clone https://github.com/pypa/wheel COPY *.sh *py $SRC/ WORKDIR $SRC/wheel From 28dff4911108f62cb1b1420e0ba7bfe5a6724ac1 Mon Sep 17 00:00:00 2001 From: Jonathan Metzman Date: Mon, 6 Feb 2023 19:45:34 -0500 Subject: [PATCH 5/6] Hold projects back --- projects/cel-cpp/Dockerfile | 2 +- projects/proto-plus-python/Dockerfile | 4 ++-- projects/pycrypto/Dockerfile | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/projects/cel-cpp/Dockerfile b/projects/cel-cpp/Dockerfile index 48f76f906f22..6690cfa245be 100644 --- a/projects/cel-cpp/Dockerfile +++ b/projects/cel-cpp/Dockerfile @@ -16,7 +16,7 @@ FROM gcr.io/oss-fuzz-base/base-builder -RUN apt-get update && apt-get install python openjdk-11-jdk -y +RUN apt-get update && apt-get install python python3 openjdk-11-jdk -y RUN git clone --depth 1 https://github.com/google/cel-cpp/ COPY build.sh $SRC/ RUN mkdir $SRC/cel-cpp/fuzz/ diff --git a/projects/proto-plus-python/Dockerfile b/projects/proto-plus-python/Dockerfile index 3d915b35ff2b..7f7704f45ce7 100644 --- a/projects/proto-plus-python/Dockerfile +++ b/projects/proto-plus-python/Dockerfile @@ -11,8 +11,8 @@ # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and -# limitations under the License. -FROM gcr.io/oss-fuzz-base/base-builder-python +# limitations under the License +gcr.io/oss-fuzz-base/base-builder-python@sha256:254ba32c9e5a630865d0a4121fbe53ff7ba8c8394901005674ffa3de17efcd18 RUN git clone https://github.com/googleapis/proto-plus-python proto-plus-python COPY *.sh *py $SRC/ WORKDIR $SRC/proto-plus-python diff --git a/projects/pycrypto/Dockerfile b/projects/pycrypto/Dockerfile index 3ea6ad6f716d..2001b54cc442 100644 --- a/projects/pycrypto/Dockerfile +++ b/projects/pycrypto/Dockerfile @@ -14,7 +14,7 @@ # ################################################################################ -FROM gcr.io/oss-fuzz-base/base-builder-python +FROM gcr.io/oss-fuzz-base/base-builder-python@sha256:254ba32c9e5a630865d0a4121fbe53ff7ba8c8394901005674ffa3de17efcd18 RUN git clone https://github.com/pycrypto/pycrypto COPY build.sh *.py $SRC/ WORKDIR pycrypto From a333b023d9d611975581d9df7b6363ec31913531 Mon Sep 17 00:00:00 2001 From: Jonathan Metzman Date: Mon, 6 Feb 2023 21:56:16 -0500 Subject: [PATCH 6/6] fix --- projects/http-pattern-matcher/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/projects/http-pattern-matcher/Dockerfile b/projects/http-pattern-matcher/Dockerfile index 93b76a6fa835..e5d39f0034fb 100644 --- a/projects/http-pattern-matcher/Dockerfile +++ b/projects/http-pattern-matcher/Dockerfile @@ -17,6 +17,7 @@ FROM gcr.io/oss-fuzz-base/base-builder MAINTAINER nareddyt@google.com +RUN apt-get update && apt-get install python python3 -y RUN git clone https://github.com/google/http_pattern_matcher.git WORKDIR $SRC/http_pattern_matcher/ COPY build.sh $SRC/