Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'master' into go-ngolo-1229
Browse files Browse the repository at this point in the history
DavidKorczynski authored Jan 2, 2025

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
2 parents 9bdd8f4 + 2e0e917 commit a1bc9da
Showing 22 changed files with 308 additions and 70 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/project_tests.yml
Original file line number Diff line number Diff line change
@@ -68,7 +68,7 @@ jobs:
sudo swapoff -a
sudo rm -f /swapfile
sudo apt clean
docker rmi $(docker images -a -q)
docker rmi $(docker images -a -q) || true
df -h
echo "Remove large unused folders, inspired by https://github.com/apache/flink/blame/master/tools/azure-pipelines/free_disk_space.sh"
sudo bash -c '(ionice -c 3 nice -n 19 rm -rf /usr/share/dotnet/ /usr/local/graalvm/ /usr/local/.ghcup/ /usr/local/share/powershell /usr/local/share/chromium /usr/local/lib/android /usr/local/lib/node_modules)&'
4 changes: 1 addition & 3 deletions docs/Gemfile.lock
Original file line number Diff line number Diff line change
@@ -222,8 +222,7 @@ GEM
rb-fsevent (0.11.1)
rb-inotify (0.10.1)
ffi (~> 1.0)
rexml (3.3.6)
strscan
rexml (3.3.9)
rouge (3.26.0)
ruby2_keywords (0.0.5)
rubyzip (2.3.2)
@@ -238,7 +237,6 @@ GEM
faraday (>= 0.17.3, < 3)
simpleidn (0.2.1)
unf (~> 0.1.4)
strscan (3.1.0)
terminal-table (1.8.0)
unicode-display_width (~> 1.1, >= 1.1.1)
typhoeus (1.4.0)
2 changes: 1 addition & 1 deletion infra/base-images/base-builder-jvm/Dockerfile
Original file line number Diff line number Diff line change
@@ -36,7 +36,7 @@ WORKDIR $SRC

RUN git clone https://github.com/CodeIntelligenceTesting/jazzer && \
cd jazzer && \
git checkout aa376ca3c0255b9cf04e1fc79fcf1fe5c63b2376
git checkout 11b42852df4344737df54a380c2f522025bb4e84

WORKDIR $SRC/jazzer

36 changes: 9 additions & 27 deletions infra/build/functions/build_lib.py
Original file line number Diff line number Diff line change
@@ -417,7 +417,6 @@ def get_docker_build_step(image_names,
'name': DOCKER_TOOL_IMAGE,
'args': args,
'dir': directory,
'id': f'build-{architecture}',
}
# Handle buildkit args
# Note that we mutate "args" after making it a value in step.
@@ -463,11 +462,10 @@ def get_project_image_steps( # pylint: disable=too-many-arguments
steps.extend(get_pull_test_images_steps(config.test_image_suffix))
src_root = 'oss-fuzz' if not experiment else '.'

docker_build_step = get_docker_build_step(
[image, _get_unsafe_name(name)],
os.path.join('projects', name),
src_root=src_root,
cache_image=cache_image)
docker_build_step = get_docker_build_step([image],
os.path.join('projects', name),
src_root=src_root,
cache_image=cache_image)
steps.append(docker_build_step)
if srcmap:
srcmap_step_id = get_srcmap_step_id()
@@ -479,7 +477,7 @@ def get_project_image_steps( # pylint: disable=too-many-arguments
],
'env': [
'OSSFUZZ_REVISION=$REVISION_ID',
f'FUZZING_LANGUAGE={language}',
'FUZZING_LANGUAGE=%s' % language,
],
'id': srcmap_step_id
}])
@@ -500,31 +498,15 @@ def get_project_image_steps( # pylint: disable=too-many-arguments
'args': ['buildx', 'use', builder_name]
},
])
docker_build_arm_step = get_docker_build_step(
[image, _get_unsafe_name(name)],
os.path.join('projects', name),
architecture=_ARM64)
docker_build_arm_step = get_docker_build_step([image],
os.path.join(
'projects', name),
architecture=_ARM64)
steps.append(docker_build_arm_step)

if (not experiment and not config.testing and
config.build_type == 'fuzzing' and language in ('c', 'c++')):
# Push so that historical bugs are reproducible.
push_step = {
'name': 'gcr.io/cloud-builders/docker',
'args': ['push', _get_unsafe_name(name)],
'id': 'push-image',
'waitFor': [docker_build_step['id']],
'allowFailure': True
}
steps.append(push_step)

return steps


def _get_unsafe_name(name):
return f'us-central1-docker.pkg.dev/oss-fuzz/unsafe/{name}'


def get_logs_url(build_id):
"""Returns url that displays the build logs."""
return (
11 changes: 6 additions & 5 deletions infra/build/functions/build_project.py
Original file line number Diff line number Diff line change
@@ -19,6 +19,8 @@
Usage: build_project.py <project_dir>
"""

from __future__ import print_function

import argparse
from dataclasses import dataclass
import datetime
@@ -75,7 +77,6 @@ class Config:
experiment: bool = False
# TODO(ochang): This should be different per engine+sanitizer combination.
upload_build_logs: str = None
build_type: str = None


WORKDIR_REGEX = re.compile(r'\s*WORKDIR\s*([^\s]+)')
@@ -475,6 +476,7 @@ def get_build_steps_for_project(project,
upload_steps = get_upload_steps(project, build, timestamp,
config.testing)
build_steps.extend(upload_steps)

return build_steps


@@ -627,16 +629,15 @@ def get_args(description):
return parser.parse_args()


def create_config(args, build_type):
def create_config_from_commandline(args):
"""Create a Config object from parsed command line |args|."""
upload = not args.experiment
return Config(testing=args.testing,
test_image_suffix=args.test_image_suffix,
branch=args.branch,
parallel=args.parallel,
upload=upload,
experiment=args.experiment,
build_type=build_type)
experiment=args.experiment)


def build_script_main(script_description, get_build_steps_func, build_type):
@@ -649,7 +650,7 @@ def build_script_main(script_description, get_build_steps_func, build_type):

credentials = oauth2client.client.GoogleCredentials.get_application_default()
error = False
config = create_config(args, build_type)
config = create_config_from_commandline(args)
for project_name in args.projects:
logging.info('Getting steps for: "%s".', project_name)
try:
10 changes: 2 additions & 8 deletions infra/build/functions/test_data/expected_build_steps.json
Original file line number Diff line number Diff line change
@@ -14,12 +14,9 @@
"build",
"--tag",
"gcr.io/oss-fuzz/test-project",
"--tag",
"us-central1-docker.pkg.dev/oss-fuzz/unsafe/test-project",
"."
],
"dir": "oss-fuzz/projects/test-project",
"id": "build-x86_64"
"dir": "oss-fuzz/projects/test-project"
},
{
"name": "gcr.io/oss-fuzz/test-project",
@@ -71,12 +68,9 @@
"--load",
"--tag",
"gcr.io/oss-fuzz/test-project-aarch64",
"--tag",
"us-central1-docker.pkg.dev/oss-fuzz/unsafe/test-project-aarch64",
"."
],
"dir": "oss-fuzz/projects/test-project",
"id": "build-aarch64"
"dir": "oss-fuzz/projects/test-project"
},
{
"name": "gcr.io/cloud-builders/docker",
Original file line number Diff line number Diff line change
@@ -13,13 +13,10 @@
"args": [
"build",
"--tag",
"gcr.io/oss-fuzz/test-project",
"--tag",
"us-central1-docker.pkg.dev/oss-fuzz/unsafe/test-project",
"gcr.io/oss-fuzz/test-project",
"."
],
"dir": "oss-fuzz/projects/test-project",
"id": "build-x86_64"
"dir": "oss-fuzz/projects/test-project"
},
{
"name": "gcr.io/oss-fuzz/test-project",
Original file line number Diff line number Diff line change
@@ -14,12 +14,9 @@
"build",
"--tag",
"gcr.io/oss-fuzz/test-project",
"--tag",
"us-central1-docker.pkg.dev/oss-fuzz/unsafe/test-project",
"."
],
"dir": "oss-fuzz/projects/test-project",
"id": "build-x86_64"
"dir": "oss-fuzz/projects/test-project"
},
{
"name": "gcr.io/oss-fuzz/test-project",
Original file line number Diff line number Diff line change
@@ -167,12 +167,9 @@
"build",
"--tag",
"gcr.io/oss-fuzz/skcms",
"--tag",
"us-central1-docker.pkg.dev/oss-fuzz/unsafe/skcms",
"."
],
"dir": "oss-fuzz/projects/skcms",
"id": "build-x86_64"
"dir": "oss-fuzz/projects/skcms"
},
{
"name": "gcr.io/oss-fuzz/skcms",
2 changes: 1 addition & 1 deletion infra/presubmit.py
Original file line number Diff line number Diff line change
@@ -262,7 +262,7 @@ def _check_one_apt_update(path):
if 'RUN apt install' in dockerfile or 'RUN apt-get install' in dockerfile:
print('Please add an "apt-get update" before "apt-get install". '
'Otherwise, a cached and outdated RUN layer may lead to install '
'failures.')
'failures in file %s.' % str(path))
return False

return True
20 changes: 11 additions & 9 deletions projects/apache-poi/Dockerfile
Original file line number Diff line number Diff line change
@@ -23,17 +23,19 @@ rm -rf maven.zip
ENV MVN $SRC/maven-3.6.3/apache-maven-3.6.3/bin/mvn
ENV TARGET_PACKAGE_PREFIX org.apache.poi.*:org.apache.xmlbeans.*

RUN curl -L https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u382-b05/OpenJDK8U-jdk_x64_linux_hotspot_8u382b05.tar.gz -o OpenJDK8U-jdk_x64_linux_hotspot_8u382b05.tar.gz && \
tar xvf OpenJDK8U-jdk_x64_linux_hotspot_8u382b05.tar.gz && \
rm -rf OpenJDK8U-jdk_x64_linux_hotspot_8u382b05.tar.gz
# Newer JDK releases are listed at https://github.com/adoptium/temurin8-binaries/releases/
RUN curl -L https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u432-b06/OpenJDK8U-jdk_x64_linux_hotspot_8u432b06.tar.gz -o OpenJDK8U-jdk_x64_linux_hotspot_8u432b06.tar.gz && \
tar xvf OpenJDK8U-jdk_x64_linux_hotspot_8u432b06.tar.gz && \
rm -rf OpenJDK8U-jdk_x64_linux_hotspot_8u432b06.tar.gz

ENV JAVA_HOME_8 $SRC/jdk8u382-b05
ENV JAVA_HOME_8 $SRC/jdk8u432-b06

RUN curl -L https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.20%2B8/OpenJDK11U-jdk_x64_linux_hotspot_11.0.20_8.tar.gz -o OpenJDK11U-jdk_x64_linux_hotspot_11.0.20_8.tar.gz && \
tar xvf OpenJDK11U-jdk_x64_linux_hotspot_11.0.20_8.tar.gz && \
rm -rf OpenJDK11U-jdk_x64_linux_hotspot_11.0.20_8.tar.gz
# Newer JDK releases are listed at https://github.com/adoptium/temurin11-binaries/releases/
RUN curl -L https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.25%2B9/OpenJDK11U-jdk_x64_linux_hotspot_11.0.25_9.tar.gz -o OpenJDK11U-jdk_x64_linux_hotspot_11.0.25_9.tar.gz && \
tar xvf OpenJDK11U-jdk_x64_linux_hotspot_11.0.25_9.tar.gz && \
rm -rf OpenJDK11U-jdk_x64_linux_hotspot_11.0.25_9.tar.gz

ENV JAVA_HOME_11 $SRC/jdk-11.0.20+8
ENV JAVA_HOME_11 $SRC/jdk-11.0.25+9

WORKDIR ${SRC}
#
@@ -42,7 +44,7 @@ WORKDIR ${SRC}
RUN git clone --depth 1 https://github.com/apache/poi.git

# install packages required for font-handling and other code in java.awt.*
RUN apt-get install -y libxext6 libx11-6 libxrender1 libxtst6 libxi6 libxcb1 libxau6 libxdmcp6 \
RUN apt-get update && apt-get install -y libxext6 libx11-6 libxrender1 libxtst6 libxi6 libxcb1 libxau6 libxdmcp6 \
&& apt-get clean autoclean \
&& apt-get autoremove --yes \
&& rm -rf /var/lib/{apt,dpkg,cache,log}/
47 changes: 46 additions & 1 deletion projects/apache-poi/pom.xml
Original file line number Diff line number Diff line change
@@ -16,6 +16,18 @@
</properties>

<!-- This repositories list is copy pasted from the projects' main BOM -->
<repositories>
<repository>
<id>central</id>
<name>Maven Central</name>
<url>https://repo.maven.apache.org/maven2/</url>
</repository>
<repository>
<id>apache-staging</id>
<name>Apache Staging</name>
<url>https://repository.apache.org/content/repositories/staging</url>
</repository>
</repositories>

<dependencies>
<!--
@@ -38,26 +50,59 @@
<groupId>org.apache.poi</groupId>
<artifactId>poi</artifactId>
<version>${fuzzedLibaryVersion}</version>
<!-- these exclusions can be removed again when XmlBeans 5.3.0 is released with fixed bom-dependency
See https://lists.apache.org/thread/tn9j8h94vtftr1r4xg28c43r8okp4hoj -->
<exclusions>
<exclusion>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-bom</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>poi-ooxml</artifactId>
<version>${fuzzedLibaryVersion}</version>
<exclusions>
<exclusion>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-bom</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>poi-scratchpad</artifactId>
<version>${fuzzedLibaryVersion}</version>
<exclusions>
<exclusion>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-bom</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>poi-examples</artifactId>
<version>${fuzzedLibaryVersion}</version>
<exclusions>
<exclusion>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-bom</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<version>2.24.1</version>
<version>2.24.2</version>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-bom</artifactId>
<version>2.24.2</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>

7 changes: 6 additions & 1 deletion projects/kubernetes/Dockerfile
Original file line number Diff line number Diff line change
@@ -22,6 +22,11 @@ RUN git clone --depth 1 https://github.com/dvyukov/go-fuzz-corpus
RUN git clone --depth 1 https://github.com/kubernetes/kops
RUN git clone --depth 1 https://github.com/cncf/cncf-fuzzing
RUN git clone --depth 1 https://github.com/AdamKorcz/instrumentation
RUN git clone --depth 1 https://github.com/AdamKorcz/go-118-fuzz-build --branch=november-backup
RUN wget https://go.dev/dl/go1.23.4.linux-amd64.tar.gz \
&& mkdir temp-go \
&& rm -rf /root/.go/* \
&& tar -C temp-go/ -xzf go1.23.4.linux-amd64.tar.gz \
&& mv temp-go/go/* /root/.go/
WORKDIR $SRC/

COPY build.sh $SRC/
22 changes: 22 additions & 0 deletions projects/pulldown-cmark/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
# Copyright 2024 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

FROM gcr.io/oss-fuzz-base/base-builder-rust

RUN git clone --depth 1 https://github.com/pulldown-cmark/pulldown-cmark pulldown-cmark
WORKDIR $SRC

COPY build.sh $SRC/
Loading

0 comments on commit a1bc9da

Please sign in to comment.