From 8d04e18419ecffa70ad3c2b4c881061529095030 Mon Sep 17 00:00:00 2001 From: Alex Date: Sat, 25 Nov 2023 11:42:44 +0100 Subject: [PATCH] Add CIFuzz & re-enable CI fuzzing regressions (#1243) Co-authored-by: seladb --- .cirrus.yml | 43 -------------------- .github/workflows/build_and_test.yml | 60 ++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+), 43 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index aae6c5de7b..fd4ccb213c 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -68,49 +68,6 @@ task: - chmod +x codecov - ./codecov -v -f coverage.xml -F zstd -F macos-ventura -F unittest || true -task: - name: Regression Tests Linux (Address Sanitizer) - container: - image: gcr.io/oss-fuzz-base/base-clang - configure_script: - - apt-get update && apt-get install -y cmake git libpcap-dev - - cmake -S . -B $BUILD_DIR -DPCAPPP_USE_SANITIZER=AddressSanitizer -DPCAPPP_BUILD_FUZZERS=ON -DPCAPPP_BUILD_EXAMPLES=OFF - build_script: - - cmake --build $BUILD_DIR -j 2 - test_script: - - export BINARY="$BUILD_DIR/Tests/Fuzzers/FuzzTarget" - - export SAMPLES="Tests/Fuzzers/RegressionTests/regression_samples" - - Tests/Fuzzers/RegressionTests/run_tests.sh - -# Compilation failed due too issue w/ MemPlumber -# task: -# name: Regression Tests Linux (Memory Sanitizer) -# container: -# image: gcr.io/oss-fuzz-base/base-clang -# configure_script: -# - apt-get update && apt-get install -y cmake git libpcap-dev -# - cmake -S . -B $BUILD_DIR -DPCAPPP_USE_SANITIZER=MemorySanitizer -DPCAPPP_BUILD_FUZZERS=ON -DPCAPPP_BUILD_EXAMPLES=OFF -# build_script: -# - cmake --build $BUILD_DIR -j 2 -# test_script: -# - export BINARY="$BUILD_DIR/Tests/Fuzzers/FuzzTarget" -# - export SAMPLES="Tests/Fuzzers/RegressionTests/regression_samples" -# - Tests/Fuzzers/RegressionTests/run_tests.sh - -task: - name: Regression Tests Linux (Undefined Behavior Sanitizer) - container: - image: gcr.io/oss-fuzz-base/base-clang - configure_script: - - apt-get update && apt-get install -y cmake git libpcap-dev - - cmake -S . -B $BUILD_DIR -DPCAPPP_USE_SANITIZER=UndefinedBehaviorSanitizer -DPCAPPP_BUILD_FUZZERS=ON -DPCAPPP_BUILD_EXAMPLES=OFF - build_script: - - cmake --build $BUILD_DIR -j 2 - test_script: - - export BINARY="$BUILD_DIR/Tests/Fuzzers/FuzzTarget" - - export SAMPLES="Tests/Fuzzers/RegressionTests/regression_samples" - - Tests/Fuzzers/RegressionTests/run_tests.sh - task: name: Build Doxygen Documentation container: diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml index 91c26ee0e0..be5ca22137 100644 --- a/.github/workflows/build_and_test.yml +++ b/.github/workflows/build_and_test.yml @@ -568,3 +568,63 @@ jobs: flags: xdp,unittest fail_ci_if_error: false verbose: true + + test_regressions: + name: Run ${{ matrix.engine }}-${{ matrix.sanitizer }} fuzzer for regressions + runs-on: ubuntu-latest + strategy: + fail-fast: true + matrix: + sanitizer: [address, undefined, memory] + engine: [libfuzzer] + container: + image: gcr.io/oss-fuzz-base/base-builder + steps: + - uses: actions/checkout@v4 + - name: Install prerequisites + run: | + apt-get update && apt-get install -y cmake autoconf flex bison + cd .. + cp -r PcapPlusPlus/ $SRC/PcapPlusPlus + git clone --depth=1 https://github.com/the-tcpdump-group/libpcap.git $SRC/libpcap + cd $SRC/PcapPlusPlus/ + - name: Compile fuzzer + run: | + export FUZZING_LANGUAGE=c + export ARCHITECTURE=x86_64 + export FUZZING_ENGINE=${{ matrix.engine }} + export SANITIZER=${{ matrix.sanitizer }} + $SRC/PcapPlusPlus/Tests/Fuzzers/ossfuzz.sh + - name: Check for regressions + run: | + export BINARY="$OUT/FuzzTarget" + export SAMPLES="Tests/Fuzzers/RegressionTests/regression_samples" + Tests/Fuzzers/RegressionTests/run_tests.sh + + Fuzzing: + runs-on: ubuntu-latest + strategy: + fail-fast: true + matrix: + sanitizer: [address, undefined, memory] + steps: + - name: Build Fuzzers + id: build + uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master + with: + oss-fuzz-project-name: 'pcapplusplus' + dry-run: false + sanitizer: ${{ matrix.sanitizer }} + - name: Run Fuzzers + uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master + with: + oss-fuzz-project-name: 'pcapplusplus' + fuzz-seconds: 600 + dry-run: false + sanitizer: ${{ matrix.sanitizer }} + - name: Upload Crash + uses: actions/upload-artifact@v1 + if: failure() && steps.build.outcome == 'success' + with: + name: artifacts + path: ./out/artifacts