mirror of
https://gitlab.com/cryptsetup/cryptsetup.git
synced 2025-12-06 00:10:04 +01:00
CI: Add fuzzer jobs.
This commit is contained in:
daniel.zatovic
@@ -19,3 +19,4 @@ include:
|
|||||||
- local: .gitlab/ci/compilation-clang.gitlab-ci.yml
|
- local: .gitlab/ci/compilation-clang.gitlab-ci.yml
|
||||||
- local: .gitlab/ci/alpinelinux.yml
|
- local: .gitlab/ci/alpinelinux.yml
|
||||||
- local: .gitlab/ci/ubuntu-32bit.yml
|
- local: .gitlab/ci/ubuntu-32bit.yml
|
||||||
|
- local: .gitlab/ci/cifuzz.yml
|
||||||
|
|||||||
46
.gitlab/ci/cifuzz.yml
Normal file
46
.gitlab/ci/cifuzz.yml
Normal file
@@ -0,0 +1,46 @@
|
|||||||
|
cifuzz:
|
||||||
|
variables:
|
||||||
|
OSS_FUZZ_PROJECT_NAME: cryptsetup
|
||||||
|
CFL_PLATFORM: gitlab
|
||||||
|
CIFUZZ_DEBUG: "True"
|
||||||
|
FUZZ_SECONDS: 300 # 5 minutes per fuzzer
|
||||||
|
ARCHITECTURE: "x86_64"
|
||||||
|
DRY_RUN: "False"
|
||||||
|
LOW_DISK_SPACE: "True"
|
||||||
|
BAD_BUILD_CHECK: "True"
|
||||||
|
LANGUAGE: "c"
|
||||||
|
DOCKER_HOST: "tcp://docker:2375"
|
||||||
|
DOCKER_IN_DOCKER: "true"
|
||||||
|
DOCKER_DRIVER: overlay2
|
||||||
|
DOCKER_TLS_CERTDIR: ""
|
||||||
|
image:
|
||||||
|
name: gcr.io/oss-fuzz-base/cifuzz-base
|
||||||
|
entrypoint: [""]
|
||||||
|
services:
|
||||||
|
- docker:dind
|
||||||
|
|
||||||
|
stage: test
|
||||||
|
parallel:
|
||||||
|
matrix:
|
||||||
|
- SANITIZER: [address, undefined, memory]
|
||||||
|
rules:
|
||||||
|
# Default code change.
|
||||||
|
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
|
||||||
|
variables:
|
||||||
|
MODE: "code-change"
|
||||||
|
- if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup"
|
||||||
|
when: never
|
||||||
|
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /v2\..\.x$/
|
||||||
|
before_script:
|
||||||
|
# Get gitlab's container id.
|
||||||
|
- export CFL_CONTAINER_ID=`cut -c9- < /proc/1/cpuset`
|
||||||
|
script:
|
||||||
|
# Will build and run the fuzzers.
|
||||||
|
# We use a hack to override CI_JOB_ID, because otherwise a bad path is used
|
||||||
|
# in GitLab CI environment
|
||||||
|
- CI_JOB_ID="$CI_PROJECT_NAMESPACE/$CI_PROJECT_TITLE" python3 "/opt/oss-fuzz/infra/cifuzz/cifuzz_combined_entrypoint.py"
|
||||||
|
artifacts:
|
||||||
|
# Upload artifacts when a crash makes the job fail.
|
||||||
|
when: always
|
||||||
|
paths:
|
||||||
|
- artifacts/
|
||||||
@@ -27,9 +27,9 @@ flags="-O1 -fno-omit-frame-pointer -gline-tables-only -DFUZZING_BUILD_MODE_UNSAF
|
|||||||
|
|
||||||
export CFLAGS="${CFLAGS:-$flags} -I$DEPS_PATH/include"
|
export CFLAGS="${CFLAGS:-$flags} -I$DEPS_PATH/include"
|
||||||
export CXXFLAGS="${CXXFLAGS:-$flags} -I$DEPS_PATH/include"
|
export CXXFLAGS="${CXXFLAGS:-$flags} -I$DEPS_PATH/include"
|
||||||
export LDFLAGS="$LDFLAGS -L$DEPS_PATH/lib"
|
export LDFLAGS="${LDFLAGS-} -L$DEPS_PATH/lib"
|
||||||
|
|
||||||
ENABLED_FUZZERS="crypt2_load_fuzz crypt2_load_proto_plain_json_fuzz"
|
ENABLED_FUZZERS=${ENABLED_FUZZERS:-crypt2_load_fuzz crypt2_load_proto_plain_json_fuzz}
|
||||||
|
|
||||||
mkdir -p $SRC
|
mkdir -p $SRC
|
||||||
mkdir -p $OUT
|
mkdir -p $OUT
|
||||||
|
|||||||
Reference in New Issue
Block a user