Make centipede a default fuzzer #9300

Merged
merged 16 commits into from
Feb 8, 2023
4 changes: 4 additions & 0 deletions projects/cfengine/project.yaml
@@ -4,6 +4,10 @@ language: c++
primary_contact: "[email protected]"
auto_ccs:
- "[email protected]"
fuzzing_engines:
Contributor:

Is it OK to skip these?
I thought we would need to support Centipede eventually...

Contributor:

Another question:
I noticed that you disabled some projects, even though they build successfully in my PR (I highlighted them in the sheet; 537db38f is my build ID and 9b99ff13 is yours).
I also tested curl on your branch locally, and found it can build and pass the bad_build_test.
Would you mind reminding me why they are disabled? Thanks!

Contributor Author (@jonathanmetzman, Feb 8, 2023):

> Is it OK to skip these? I thought we would need to support Centipede eventually...

We don't need it now and we don't want build breakages now.

> I noticed that you disabled some projects

Because they don't work without -lc++. I think we should consider adding that change at a later time.
There are about 10 projects that don't work without this; they are not doing what oss-fuzz asks, and I'm not sure it's worth making a hack to support them. It might be better to force them to meet "our API", which requires using CXX to link.

Contributor Author:

I think it's probably going to be a long time before projects won't be able to use oss-fuzz unless they support centipede.

- afl
- honggfuzz
- libfuzzer
sanitizers:
- address
- undefined
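Review bot: the new `fuzzing_engines:` block at the top of this hunk pins cfengine to afl, honggfuzz and libfuzzer without recording why centipede is left out; since the whole point of this PR is to make centipede the default, a later reader of this file cannot tell whether the omission is deliberate or stale. Suggest the pattern the lxc hunk in this same PR uses: a commented-out `# - centipede` followed by a one-line reason (the thread above gives "doesn't link without -lc++" as the reason for the disabled projects, if that is the case here), so the opt-out can be found and revisited later.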
4 changes: 4 additions & 0 deletions projects/cpython3/project.yaml
@@ -5,6 +5,10 @@ main_repo: "https://github.com/python/cpython"
auto_ccs:
- "[email protected]"
- "[email protected]"
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
sanitizers:
- address
- memory
4 changes: 4 additions & 0 deletions projects/cras/project.yaml
@@ -19,5 +19,9 @@ sanitizers:
- address
- memory
- undefined
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
builds_per_day: 4
main_repo: 'https://chromium.googlesource.com/chromiumos/third_party/adhd'
4 changes: 4 additions & 0 deletions projects/curl/project.yaml
@@ -8,6 +8,10 @@ sanitizers:
- address
- undefined
- memory
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
architectures:
- x86_64
- i386
4 changes: 4 additions & 0 deletions projects/cyclonedds/project.yaml
@@ -3,6 +3,10 @@ language: c
auto_ccs:
- "[email protected]"
primary_contact: "[email protected]"
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
sanitizers:
- address
- undefined
6 changes: 5 additions & 1 deletion projects/ecc-diff-fuzzer/project.yaml
@@ -1,7 +1,11 @@
homepage: "https://github.com/catenacyber/elliptic-curve-differential-fuzzer"
language: c++
primary_contact: "[email protected]"

fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
main_repo: https://github.com/catenacyber/elliptic-curve-differential-fuzzer
architectures:
- x86_64
- i386
4 changes: 4 additions & 0 deletions projects/ffmpeg/project.yaml
@@ -12,5 +12,9 @@ auto_ccs:
- "[email protected]"
- "[email protected]"
- "[email protected]"
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
selective_unpack: true
main_repo: 'https://git.ffmpeg.org/ffmpeg.git'
4 changes: 4 additions & 0 deletions projects/fluent-bit/project.yaml
@@ -6,3 +6,7 @@ auto_ccs:
- "[email protected]"
- "[email protected]"
main_repo: 'https://github.com/fluent/fluent-bit/'
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
2 changes: 1 addition & 1 deletion projects/gdbm/build.sh
@@ -23,7 +23,7 @@ make -j$(nproc) all
# Build fuzzer
cd fuzz
$CC $CFLAGS -c -I.. -I../src -I../tools -ogdbm_fuzzer.o gdbm_fuzzer.c
$CXX $CFLAGS -ogdbm_fuzzer gdbm_fuzzer.o ../tools/libgdbmapp.a ../src/.libs/libgdbm.a $LIB_FUZZING_ENGINE
$CXX $CXXFLAGS -ogdbm_fuzzer gdbm_fuzzer.o ../tools/libgdbmapp.a ../src/.libs/libgdbm.a $LIB_FUZZING_ENGINE

cp gdbm_fuzzer $OUT
cp gdbm_fuzzer.rc $OUT
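Review bot: the link step now pairs `$CXX` with `$CXXFLAGS`, which is the correct combination: `$LIB_FUZZING_ENGINE` is linked through the C++ driver, and any flag oss-fuzz sets only in `$CXXFLAGS` (for the engine or sanitizer build) was being dropped when `$CFLAGS` was passed here. The compile line above keeps `$CC $CFLAGS` for gdbm_fuzzer.c, which is right for a C translation unit, so nothing else in this hunk needs to change; this is exactly the "use CXX to link" requirement mentioned in the thread, applied to gdbm.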
6 changes: 4 additions & 2 deletions projects/karchive/build.sh
@@ -60,8 +60,10 @@ make install -j$(nproc)
cd $SRC
cd qtbase
# add the flags to Qt build too
sed -i -e "s/QMAKE_CXXFLAGS += -stdlib=libc++/QMAKE_CXXFLAGS += -stdlib=libc++ $CXXFLAGS\nQMAKE_CFLAGS += $CFLAGS/g" mkspecs/linux-clang-libc++/qmake.conf
sed -i -e "s/QMAKE_LFLAGS += -stdlib=libc++/QMAKE_LFLAGS += -stdlib=libc++ -lpthread $CXXFLAGS/g" mkspecs/linux-clang-libc++/qmake.conf
# Use ~ as sed delimiters instead of the usual "/" because C(XX)FLAGS may
# contain paths with slashes.
sed -i -e "s~QMAKE_CXXFLAGS += -stdlib=libc++~QMAKE_CXXFLAGS += -stdlib=libc++ $CXXFLAGS\nQMAKE_CFLAGS += $CFLAGS~g" mkspecs/linux-clang-libc++/qmake.conf
sed -i -e "s~QMAKE_LFLAGS += -stdlib=libc++~QMAKE_LFLAGS += -stdlib=libc++ -lpthread $CXXFLAGS~g" mkspecs/linux-clang-libc++/qmake.conf
# make qmake compile faster
sed -i -e "s/MAKE\")/MAKE\" -j$(nproc))/g" configure
# add QT_NO_WARNING_OUTPUT to make the output a bit cleaner by not containing lots of QBuffer::seek: Invalid pos
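Review bot: switching the sed delimiter to `~` fixes the slash case the new comment describes, but `$CXXFLAGS` and `$CFLAGS` are still interpolated unescaped into the replacement side of `s~...~...~g`, so an `&` in either variable would expand to the matched text and a literal `~` would still terminate the expression. That is acceptable if the values only ever come from oss-fuzz's own environment, but the comment should state that assumption ("flags are assumed not to contain `~` or `&`") rather than only mentioning slashes. The `\n` in the first replacement also relies on GNU sed; fine on the base image, but worth a word in the same comment.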
6 changes: 5 additions & 1 deletion projects/karchive/project.yaml
@@ -6,4 +6,8 @@ sanitizers:
# Disabled MSAN because of https://github.com/google/oss-fuzz/issues/6294
# - memory
- undefined
main_repo: 'https://invent.kde.org/frameworks/karchive.git'
main_repo: 'https://invent.kde.org/frameworks/karchive.git'
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
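Review bot: the `main_repo:` line is removed and re-added unchanged, which is how the diff renders a file that previously had no trailing newline; fixing that in passing is fine, but it makes the hunk read as a content change when the only real addition is the `fuzzing_engines:` block. The same removed-and-re-added final line appears in kcodecs/project.yaml, spdk/build.sh, tpm2-tss/project.yaml and utf8proc/project.yaml below, so a one-line mention in the PR description would save reviewers re-checking each one.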
6 changes: 4 additions & 2 deletions projects/kcodecs/build.sh
@@ -37,8 +37,10 @@ make install
cd $SRC
cd qtbase
# add the flags to Qt build too
sed -i -e "s/QMAKE_CXXFLAGS += -stdlib=libc++/QMAKE_CXXFLAGS += -stdlib=libc++ $CXXFLAGS\nQMAKE_CFLAGS += $CFLAGS/g" mkspecs/linux-clang-libc++/qmake.conf
sed -i -e "s/QMAKE_LFLAGS += -stdlib=libc++/QMAKE_LFLAGS += -stdlib=libc++ -lpthread $CXXFLAGS/g" mkspecs/linux-clang-libc++/qmake.conf
# Use ~ as sed delimiters instead of the usual "/" because C(XX)FLAGS may
# contain paths with slashes.
sed -i -e "s~QMAKE_CXXFLAGS += -stdlib=libc++~QMAKE_CXXFLAGS += -stdlib=libc++ $CXXFLAGS\nQMAKE_CFLAGS += $CFLAGS~g" mkspecs/linux-clang-libc++/qmake.conf
sed -i -e "s~QMAKE_LFLAGS += -stdlib=libc++~QMAKE_LFLAGS += -stdlib=libc++ -lpthread $CXXFLAGS~g" mkspecs/linux-clang-libc++/qmake.conf
# make qmake compile faster
sed -i -e "s/MAKE\")/MAKE\" -j$(nproc))/g" configure
./configure --zlib=qt --glib=no --libpng=qt -opensource -confirm-license -static -no-opengl -no-icu -platform linux-clang-libc++ -v
6 changes: 5 additions & 1 deletion projects/kcodecs/project.yaml
@@ -6,4 +6,8 @@ sanitizers:
# Disabled MSAN because of https://github.com/google/oss-fuzz/issues/6294
# - memory
- undefined
main_repo: 'https://invent.kde.org/frameworks/kcodecs.git'
main_repo: 'https://invent.kde.org/frameworks/kcodecs.git'
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
8 changes: 5 additions & 3 deletions projects/kimageformats/build.sh
@@ -23,7 +23,7 @@ CFLAGS="$CFLAGS -fno-sanitize=function,vptr"
CXXFLAGS="$CXXFLAGS -fno-sanitize=function,vptr"
autoreconf --install
./configure --disable-examples
make -j$(nproc)
make -j$(nproc)
make install -j$(nproc)
CFLAGS=$TMP_CFLAGS
CXXFLAGS=$TMP_CXXFLAGS
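Review bot: the removed and added `make -j$(nproc)` lines in this hunk are identical as rendered, so this is a whitespace-only change (trailing whitespace or a line-ending difference). Harmless, but it is unrelated to the centipede work and could be dropped to keep the diff focused on the sed lines in the next hunk.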
@@ -46,8 +46,10 @@ make install -j$(nproc)
cd $SRC
cd qtbase
# add the flags to Qt build too
sed -i -e "s/QMAKE_CXXFLAGS += -stdlib=libc++/QMAKE_CXXFLAGS += -stdlib=libc++ $CXXFLAGS\nQMAKE_CFLAGS += $CFLAGS/g" mkspecs/linux-clang-libc++/qmake.conf
sed -i -e "s/QMAKE_LFLAGS += -stdlib=libc++/QMAKE_LFLAGS += -stdlib=libc++ -lpthread $CXXFLAGS/g" mkspecs/linux-clang-libc++/qmake.conf
# Use ~ as sed delimiters instead of the usual "/" because C(XX)FLAGS may
# contain paths with slashes.
sed -i -e "s~QMAKE_CXXFLAGS += -stdlib=libc++~QMAKE_CXXFLAGS += -stdlib=libc++ $CXXFLAGS\nQMAKE_CFLAGS += $CFLAGS~g" mkspecs/linux-clang-libc++/qmake.conf
sed -i -e "s~QMAKE_LFLAGS += -stdlib=libc++~QMAKE_LFLAGS += -stdlib=libc++ -lpthread $CXXFLAGS~g" mkspecs/linux-clang-libc++/qmake.conf
# disable sanitize=vptr for harfbuzz since it compiles without rtti
sed -i -e "s/TARGET = qtharfbuzz/TARGET = qtharfbuzz\nQMAKE_CXXFLAGS += -fno-sanitize=vptr/g" src/3rdparty/harfbuzz-ng/harfbuzz-ng.pro
# make qmake compile faster
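Review bot: the harfbuzz sed on the last changed-context line still uses `/` as its delimiter while the two lines above it switched to `~`; that one is safe because its replacement text contains no expanded variables, but a short note saying so (or switching it to `~` as well for consistency) would stop the next person from either "fixing" it or assuming the `~` lines were changed by mistake.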
4 changes: 4 additions & 0 deletions projects/kimageformats/project.yaml
@@ -9,3 +9,7 @@ sanitizers:
main_repo: 'https://invent.kde.org/frameworks/kimageformats.git'
auto_ccs:
- [email protected]
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
4 changes: 4 additions & 0 deletions projects/libpsl/project.yaml
@@ -4,3 +4,7 @@ primary_contact: "[email protected]"
auto_ccs:
- "[email protected]"
main_repo: 'https://github.com/rockdaboot/libpsl.git'
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
4 changes: 4 additions & 0 deletions projects/libtorrent/project.yaml
@@ -5,3 +5,7 @@ auto_ccs:
- "[email protected]"
- "[email protected]"
main_repo: 'https://github.com/arvidn/libtorrent.git'
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
4 changes: 4 additions & 0 deletions projects/libvnc/project.yaml
@@ -6,3 +6,7 @@ auto_ccs:
- "[email protected]"
- "[email protected]"
main_repo: 'https://github.com/LibVNC/libvncserver.git'
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
6 changes: 4 additions & 2 deletions projects/lua/build.sh
@@ -15,8 +15,10 @@
#
################################################################################

sed "s/CFLAGS=/CFLAGS+=/g" -i $SRC/lua/makefile
sed "s/MYLDFLAGS=/MYLDFLAGS=${CFLAGS} /g" -i $SRC/lua/makefile
# Use ~ as sed delimiters instead of the usual "/" because C(XX)FLAGS may
# contain paths with slashes.
sed "s~CFLAGS=~CFLAGS+=~g" -i $SRC/lua/makefile
sed "s~MYLDFLAGS=~MYLDFLAGS=${CFLAGS} ~g" -i $SRC/lua/makefile
sed "s|CC= gcc|CC= ${CC}|g" -i $SRC/lua/makefile

cd $SRC/lua
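Review bot: the two rewritten sed lines use `~` as delimiter while the unchanged `CC= gcc` line directly below uses `|`; both avoid the slash problem, but one delimiter for all three lines, with the new comment covering all of them, would be easier to maintain. Same caveat as in the karchive hunk: `${CFLAGS}` is interpolated unescaped into the replacement, so an `&` in it would be treated specially by sed, and the comment should say that is assumed not to happen.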
4 changes: 4 additions & 0 deletions projects/lua/project.yaml
@@ -5,3 +5,7 @@ auto_ccs:
- "[email protected]"
- "[email protected]"
main_repo: 'https://github.com/lua/lua'
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
7 changes: 7 additions & 0 deletions projects/lxc/project.yaml
@@ -10,3 +10,10 @@ auto_ccs:
- [email protected]
- [email protected]
main_repo: "https://github.com/lxc/lxc"
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
# - centipede
# Don't use centipede because it can't handle fuzz targets with "config" in
# the name.
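Review bot: good to record the reason for disabling centipede here; two small suggestions. Put the explanation above `# - centipede` rather than after it, so the comment reads as applying to the entry that follows, and reference a tracking issue (placeholder: `# TODO(<tracking issue>)`) so the entry gets re-enabled once centipede handles fuzz targets with "config" in the name. This is the only engines hunk in the PR with a reason attached; the other opt-outs would benefit from the same treatment.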
4 changes: 4 additions & 0 deletions projects/net-snmp/project.yaml
@@ -8,3 +8,7 @@ auto_ccs:
- "[email protected]"
- "[email protected]"
main_repo: 'git://git.code.sf.net/p/net-snmp/code'
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
4 changes: 4 additions & 0 deletions projects/netcdf/project.yaml
@@ -9,3 +9,7 @@ sanitizers:
- address
- undefined
main_repo: 'https://github.com/Unidata/netcdf-c'
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
4 changes: 4 additions & 0 deletions projects/opensc/project.yaml
@@ -10,3 +10,7 @@ auto_ccs:
- "[email protected]"
- "[email protected]"
main_repo: 'https://github.com/OpenSC/OpenSC'
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
4 changes: 4 additions & 0 deletions projects/opensips/project.yaml
@@ -8,3 +8,7 @@ auto_ccs:
- "[email protected]"
- "[email protected]"
- "[email protected]"
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
4 changes: 4 additions & 0 deletions projects/php/project.yaml
@@ -5,6 +5,10 @@ auto_ccs:
- "[email protected]"
- "[email protected]"
- "[email protected]"
fuzzing_engines:
- "afl"
- "honggfuzz"
- "libfuzzer"
sanitizers:
- address
- undefined
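Review bot: the engine names are double-quoted here (`"afl"`, `"honggfuzz"`, `"libfuzzer"`) while most of the other project.yaml hunks in this PR list them bare; YAML parses both forms identically, but using one form throughout the PR keeps the config greppable and avoids a second style in files that did not have one before. proftpd, tpm2-tss, varnish and wget use the quoted form as well.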
4 changes: 4 additions & 0 deletions projects/pigweed/project.yaml
@@ -16,3 +16,7 @@ auto_ccs:
sanitizers:
- address
main_repo: 'https://pigweed.googlesource.com/pigweed/pigweed'
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
4 changes: 4 additions & 0 deletions projects/poppler/project.yaml
@@ -5,6 +5,10 @@ sanitizers:
- address
- memory
- undefined
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
auto_ccs:
- [email protected]
- [email protected]
4 changes: 4 additions & 0 deletions projects/proftpd/project.yaml
@@ -7,3 +7,7 @@ auto_ccs:
sanitizers:
- address
- undefined
fuzzing_engines:
- "afl"
- "honggfuzz"
- "libfuzzer"
2 changes: 2 additions & 0 deletions projects/skia/build.sh
@@ -41,6 +41,8 @@ elif [ $SANITIZER == "coverage" ]; then
CMAKE_SANITIZER="SWIFTSHADER_EMIT_COVERAGE"
elif [ $SANITIZER == "thread" ]; then
CMAKE_SANITIZER="SWIFTSHADER_UBSAN_DISABLED"
elif [ $SANITIZER == "none" ]; then
CMAKE_SANITIZER="SWIFTSHADER_UBSAN_DISABLED"
else
exit 1
fi
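Review bot: the new `elif [ $SANITIZER == "none" ]` branch leaves `$SANITIZER` unquoted, as the existing branches do; if the variable is ever empty the test degenerates to `[ == "none" ]`, which bash rejects with an "unary operator expected" error rather than evaluating to false cleanly. Quoting it (`[ "$SANITIZER" == "none" ]`) is cheap, though since the surrounding lines have the same shape this is a consistency fix rather than a regression introduced here. Mapping `none` to `SWIFTSHADER_UBSAN_DISABLED` mirrors the `thread` branch, so the value itself looks right.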
4 changes: 4 additions & 0 deletions projects/sound-open-firmware/project.yaml
@@ -8,4 +8,8 @@ auto_ccs:
- "[email protected]"
- "[email protected]"
- "[email protected]"
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
main_repo: "https://github.com/thesofproject/sof"
2 changes: 1 addition & 1 deletion projects/spdk/build.sh
@@ -29,4 +29,4 @@ $CXX $CXXFLAGS -I/src/spdk -I/src/spdk/include \
$CXX $CXXFLAGS $LIB_FUZZING_ENGINE \
parse_json_fuzzer.o -o $OUT/parse_json_fuzzer \
/src/spdk/build/lib/libspdk_env_dpdk.a \
/src/spdk/build/lib/libspdk_json.a
/src/spdk/build/lib/libspdk_json.a
4 changes: 4 additions & 0 deletions projects/spdk/project.yaml
@@ -11,3 +11,7 @@ sanitizers:
- address
- undefined
- memory
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
4 changes: 4 additions & 0 deletions projects/suricata/project.yaml
@@ -8,4 +8,8 @@ sanitizers:
- address
- memory
- undefined
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
main_repo: 'https://github.com/OISF/suricata.git'
6 changes: 5 additions & 1 deletion projects/tpm2-tss/project.yaml
@@ -4,9 +4,13 @@ primary_contact: "[email protected]"
auto_ccs:
- "[email protected]"
- "[email protected]"
fuzzing_engines:
- "afl"
- "honggfuzz"
- "libfuzzer"
sanitizers:
- address
# Disabled MSAN because of https://github.com/google/oss-fuzz/issues/6294
# - memory
- undefined
main_repo: 'https://github.com/tstruk/tpm2-tss.git'
main_repo: 'https://github.com/tstruk/tpm2-tss.git'
7 changes: 5 additions & 2 deletions projects/utf8proc/project.yaml
@@ -6,6 +6,9 @@ auto_ccs:
sanitizers:
- address
- memory
- undefined
- undefined
main_repo: 'https://github.com/JuliaStrings/utf8proc'

fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
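Review bot: this is the only project.yaml hunk in the PR that inserts a blank line between `main_repo:` and the new `fuzzing_engines:` block, and `- undefined` is removed and re-added unchanged (the trailing-newline fix seen in other files). Neither affects parsing, but dropping the blank line would make the file match the layout used for every other project touched here.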
4 changes: 4 additions & 0 deletions projects/varnish/project.yaml
@@ -6,3 +6,7 @@ auto_ccs:
- "[email protected]"
- "[email protected]"
main_repo: 'https://github.com/varnishcache/varnish-cache'
fuzzing_engines:
- "afl"
- "honggfuzz"
- "libfuzzer"
4 changes: 4 additions & 0 deletions projects/vlc/project.yaml
@@ -8,3 +8,7 @@ sanitizers:
- address
- undefined
main_repo: 'https://github.com/videolan/vlc'
fuzzing_engines:
- afl
- honggfuzz
- libfuzzer
4 changes: 4 additions & 0 deletions projects/wget/project.yaml
@@ -5,4 +5,8 @@ auto_ccs:
- "[email protected]"
- "[email protected]"
- "[email protected]"
fuzzing_engines:
- "afl"
- "honggfuzz"
- "libfuzzer"
main_repo: 'https://git.savannah.gnu.org/git/wget.git'