summaryrefslogtreecommitdiff
path: root/.github/workflows
diff options
context:
space:
mode:
authorMohammed Al Sahaf <msaa1990@gmail.com>2020-03-27 03:20:34 +0300
committerGitHub <noreply@github.com>2020-03-26 18:20:34 -0600
commit8da9eaee3414759d2665e274e8066a243c1171ed (patch)
treea863a26afd55ad1ec67493fb40398227bf0f6fad /.github/workflows
parentea3688e1c057a042bbae97175f42eb4ec3029667 (diff)
ci: fuzz: switch engine from libfuzzer to native go-fuzz (#3194)
Diffstat (limited to '.github/workflows')
-rw-r--r--.github/workflows/fuzzing.yml26
1 files changed, 15 insertions, 11 deletions
diff --git a/.github/workflows/fuzzing.yml b/.github/workflows/fuzzing.yml
index b8a1320..6f2a2f1 100644
--- a/.github/workflows/fuzzing.yml
+++ b/.github/workflows/fuzzing.yml
@@ -36,10 +36,6 @@ jobs:
# If we decide we need to prevent this from running on forks, we can use this line:
# if: github.repository == 'caddyserver/caddy'
run: |
- # Install Clang-7.0 because other versions seem to be missing the file libclang_rt.fuzzer-x86_64.a
- sudo add-apt-repository "deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial-7 main"
- wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add -
- sudo apt update && sudo apt install -y clang-7 lldb-7 lld-7
go get -v github.com/dvyukov/go-fuzz/go-fuzz github.com/dvyukov/go-fuzz/go-fuzz-build
wget -q -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/download/v2.4.77/fuzzit_Linux_x86_64
@@ -51,7 +47,13 @@ jobs:
continue-on-error: true
env:
FUZZIT_API_KEY: ${{ secrets.FUZZIT_API_KEY }}
+ SYSTEM_PULLREQUEST_SOURCEBRANCH: ${{ github.ref }}
+ BUILD_SOURCEVERSION: ${{ github.sha }}
run: |
+ # debug
+ echo "PR Source Branch: $SYSTEM_PULLREQUEST_SOURCEBRANCH"
+ echo "Source version: $BUILD_SOURCEVERSION"
+
declare -A fuzzers_funcs=(\
["./caddyconfig/httpcaddyfile/addresses_fuzz.go"]="FuzzParseAddress" \
["./caddyconfig/caddyfile/parse_fuzz.go"]="FuzzParseCaddyfile" \
@@ -67,18 +69,20 @@ jobs:
)
fuzz_type="local-regression"
- if [[ ${{ github.event_name }} == "schedule" ]]; then
+ if [[ "${{ github.event_name }}" == "schedule" ]]; then
fuzz_type="fuzzing"
fi
- echo "Github event: ${{ github.event_name }}"
+
echo "Fuzzing type: $fuzz_type"
for f in $(find . -name \*_fuzz.go); do
- FUZZER_DIRECTORY=$(dirname $f)
+ FUZZER_DIRECTORY=$(dirname "$f")
+
echo "go-fuzz-build func ${fuzzers_funcs[$f]} residing in $f"
- go-fuzz-build -func "${fuzzers_funcs[$f]}" -libfuzzer -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.a" $FUZZER_DIRECTORY
- echo "Generating fuzzer binary of func ${fuzzers_funcs[$f]} which resides in $f"
- clang-7 -fsanitize=fuzzer "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.a" -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}"
- fuzzit create job caddyserver/${fuzzers_targets[$f]} $FUZZER_DIRECTORY/${fuzzers_targets[$f]} --api-key ${FUZZIT_API_KEY} --type "${fuzz_type}" --branch "${SYSTEM_PULLREQUEST_SOURCEBRANCH}" --revision "${BUILD_SOURCEVERSION}"
+
+ go-fuzz-build -func "${fuzzers_funcs[$f]}" -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.zip" "$FUZZER_DIRECTORY"
+
+ fuzzit create job --engine go-fuzz caddyserver/"${fuzzers_targets[$f]}" "$FUZZER_DIRECTORY"/"${fuzzers_targets[$f]}.zip" --api-key "${FUZZIT_API_KEY}" --type "${fuzz_type}" --branch "${SYSTEM_PULLREQUEST_SOURCEBRANCH}" --revision "${BUILD_SOURCEVERSION}"
+
echo "Completed $f"
done