From c2f8e598b9e3ffff32a496c7c5820f8d4cc57caf Mon Sep 17 00:00:00 2001 From: Mohammed Al Sahaf Date: Fri, 23 Aug 2019 16:36:12 +0300 Subject: [PATCH 1/5] fuzz: lay down the foundation for continuous fuzzing --- fuzz/README.md | 3 ++ fuzz/admin_fuzz.go | 36 ++++++++++++++++++++ fuzz/go.mod | 10 ++++++ fuzz/go.sum | 71 +++++++++++++++++++++++++++++++++++++++ fuzz/parseAddress_fuzz.go | 37 ++++++++++++++++++++ fuzz/parse_fuzz.go | 42 +++++++++++++++++++++++ fuzz/replacer_fuzz.go | 31 +++++++++++++++++ fuzz/templates_fuzz.go | 65 +++++++++++++++++++++++++++++++++++ 8 files changed, 295 insertions(+) create mode 100644 fuzz/README.md create mode 100644 fuzz/admin_fuzz.go create mode 100644 fuzz/go.mod create mode 100644 fuzz/go.sum create mode 100644 fuzz/parseAddress_fuzz.go create mode 100644 fuzz/parse_fuzz.go create mode 100644 fuzz/replacer_fuzz.go create mode 100644 fuzz/templates_fuzz.go diff --git a/fuzz/README.md b/fuzz/README.md new file mode 100644 index 00000000000..8ea5dc88a9f --- /dev/null +++ b/fuzz/README.md @@ -0,0 +1,3 @@ +# Fuzz Submodule + +At the time of writing, [go-fuzz isn't compatible with Go modules](https://github.com/dvyukov/go-fuzz/issues/195). This workaround is adapted from [mvdan's](https://github.com/mvdan) work as described in [this comment](https://github.com/dvyukov/go-fuzz/issues/195#issuecomment-523526736) and implemented [here](https://github.com/mvdan/sh/commit/6c13161a56af5dece4e33497e909ee4cbe3ee6bf). diff --git a/fuzz/admin_fuzz.go b/fuzz/admin_fuzz.go new file mode 100644 index 00000000000..005d1e5e8f2 --- /dev/null +++ b/fuzz/admin_fuzz.go @@ -0,0 +1,36 @@ +// Copyright 2015 Matthew Holt and The Caddy Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +build gofuzz +// +build gofuzz_libfuzzer + +package fuzz + +import ( + "bytes" + + "github.com/caddyserver/caddy/v2" + + // This package is required for go-fuzz-build, so pin it here for + // 'go mod vendor' to include it. + _ "github.com/dvyukov/go-fuzz/go-fuzz-dep" +) + +func FuzzAdmin(data []byte) (score int) { + err := caddy.Load(bytes.NewReader(data)) + if err != nil { + return 0 + } + return 1 +} diff --git a/fuzz/go.mod b/fuzz/go.mod new file mode 100644 index 00000000000..505bf55586e --- /dev/null +++ b/fuzz/go.mod @@ -0,0 +1,10 @@ +module local.tld/fuzz + +go 1.12 + +replace github.com/caddyserver/caddy/v2 => ./.. + +require ( + github.com/caddyserver/caddy/v2 v2.0.0-00010101000000-000000000000 + github.com/dvyukov/go-fuzz v0.0.0-20190819180756-98cec4f75045 +) diff --git a/fuzz/go.sum b/fuzz/go.sum new file mode 100644 index 00000000000..7dd5c61193a --- /dev/null +++ b/fuzz/go.sum @@ -0,0 +1,71 @@ +github.com/DataDog/zstd v1.4.1/go.mod h1:1jcaCB/ufaK+sKp1NBhlGmpz41jOoPQ35bpF36t7BBo= +github.com/Masterminds/goutils v1.1.0 h1:zukEsf/1JZwCMgHiK3GZftabmxiCw4apj3a28RPBiVg= +github.com/Masterminds/goutils v1.1.0/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= +github.com/Masterminds/semver v1.4.2 h1:WBLTQ37jOCzSLtXNdoo8bNM8876KhNqOKvrlGITgsTc= +github.com/Masterminds/semver v1.4.2/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= +github.com/Masterminds/sprig v2.20.0+incompatible h1:dJTKKuUkYW3RMFdQFXPU/s6hg10RgctmTjRcbZ98Ap8= +github.com/Masterminds/sprig v2.20.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o= +github.com/andybalholm/brotli v0.0.0-20190704151324-71eb68cc467c/go.mod h1:+lx6/Aqd1kLJ1GQfkvOnaZ1WGmLpMpbprPuIOOZX30U= +github.com/cenkalti/backoff v2.1.1+incompatible h1:tKJnvO2kl0zmb/jA5UKAt4VoEVw1qxKWjE/Bpp46npY= +github.com/cenkalti/backoff v2.1.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= +github.com/dvyukov/go-fuzz v0.0.0-20190819180756-98cec4f75045 h1:ik3KETxXrXa3cGhagpheF8MGbPYPnh/sZ4lWwYc4IUw= +github.com/dvyukov/go-fuzz v0.0.0-20190819180756-98cec4f75045/go.mod h1:11Gm+ccJnvAhCNLlf5+cS9KjtbaD5I5zaZpFMsTHWTw= +github.com/go-acme/lego v2.5.0+incompatible/go.mod h1:yzMNe9CasVUhkquNvti5nAtPmG94USbYxYrZfTkIn0M= +github.com/go-acme/lego v2.6.0+incompatible h1:KxcEWOF5hKtgou4xIqPaXSRF9DoO4OJ90ndwdK6YH/k= +github.com/go-acme/lego v2.6.0+incompatible/go.mod h1:yzMNe9CasVUhkquNvti5nAtPmG94USbYxYrZfTkIn0M= +github.com/golang/gddo v0.0.0-20190419222130-af0f2af80721/go.mod h1:xEhNfoBDX1hzLm2Nf80qUvZ2sVwoMZ8d6IE2SrsQfh4= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= +github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/huandu/xstrings v1.2.0 h1:yPeWdRnmynF7p+lLYz0H2tthW9lqhMJrQV/U7yy4wX0= +github.com/huandu/xstrings v1.2.0/go.mod h1:DvyZB1rfVYsBIigL8HwpZgxHwXozlTgGqn63UyNX5k4= +github.com/imdario/mergo v0.3.7 h1:Y+UAYTZ7gDEuOfhxKWy+dvb5dRQ6rJjFSdX2HZY1/gI= +github.com/imdario/mergo v0.3.7/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= +github.com/klauspost/compress v1.7.1-0.20190613161414-0b31f265a57b/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= +github.com/klauspost/cpuid v1.2.0/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= +github.com/klauspost/cpuid v1.2.1 h1:vJi+O/nMdFt0vqm8NZBI6wzALWdA2X+egi0ogNyrC/w= +github.com/klauspost/cpuid v1.2.1/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/mholt/certmagic v0.6.2 h1:yy9cKm3rtxdh12SW4E51lzG3Eo6N59LEOfBQ0CTnMms= +github.com/mholt/certmagic v0.6.2/go.mod h1:g4cOPxcjV0oFq3qwpjSA30LReKD8AoIfwAY9VvG35NY= +github.com/miekg/dns v1.1.3 h1:1g0r1IvskvgL8rR+AcHzUA+oFmGcQlaIm4IqakufeMM= +github.com/miekg/dns v1.1.3/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= +github.com/mitchellh/go-ps v0.0.0-20170309133038-4fdf99ab2936/go.mod h1:r1VsdOzOPt1ZSrGZWFoNhsAedKnEd6r9Np1+5blZCWk= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/rs/cors v1.6.0 h1:G9tHG9lebljV9mfp9SNPDL36nCDxmo3zTlAf1YgvzmI= +github.com/rs/cors v1.6.0/go.mod h1:gFx+x8UowdsKA9AchylcLynDq+nNFfI8FkUZdN/jGCU= +github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q= +github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo= +github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= +github.com/starlight-go/starlight v0.0.0-20181207205707-b06f321544f3 h1:/fBh1Ot84ILt/ociFHO98wJ9LxIMA3UG8B0unUJPFpY= +github.com/starlight-go/starlight v0.0.0-20181207205707-b06f321544f3/go.mod h1:pxOc2ZuBV+CNlQgzq/HJ9Z9G/eoEMHFeuGohOvva4Co= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +go.starlark.net v0.0.0-20190604130855-6ddc71c0ba77 h1:KPzANX1mXqnSWenqVWkSTsQWiaUSpTY5GyGZKI6lStw= +go.starlark.net v0.0.0-20190604130855-6ddc71c0ba77/go.mod h1:c1/X6cHgvdXj6pUlmWKMkuqRnW4K8x2vwt6JAaaircg= +golang.org/x/crypto v0.0.0-20190123085648-057139ce5d2b/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190603091049-60506f45cf65 h1:+rhAzEzT3f4JtomfC371qB+0Ola2caSKcY69NUBZrRQ= +golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20190124100055-b90733256f2e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190422165155-953cdadca894 h1:Cz4ceDQGXuKRnVBDTS23GTn/pU5OE2C0WrNTOYK1Uuc= +golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/square/go-jose.v2 v2.2.2 h1:orlkJ3myw8CN1nVQHBFfloD+L3egixIa4FvUP6RosSA= +gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/fuzz/parseAddress_fuzz.go b/fuzz/parseAddress_fuzz.go new file mode 100644 index 00000000000..05efcd4ffca --- /dev/null +++ b/fuzz/parseAddress_fuzz.go @@ -0,0 +1,37 @@ +// Copyright 2015 Matthew Holt and The Caddy Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +build gofuzz +// +build gofuzz_libfuzzer + +package fuzz + +import ( + "github.com/caddyserver/caddy/v2/caddyconfig/httpcaddyfile" + + // This package is required for go-fuzz-build, so pin it here for + // 'go mod vendor' to include it. + _ "github.com/dvyukov/go-fuzz/go-fuzz-dep" +) + +func FuzzParseAddress(data []byte) int { + addr, err := httpcaddyfile.ParseAddress(string(data)) + if err != nil { + if addr == (httpcaddyfile.Address{}) { + return 1 + } + return 0 + } + return 1 +} diff --git a/fuzz/parse_fuzz.go b/fuzz/parse_fuzz.go new file mode 100644 index 00000000000..0f58ea6a911 --- /dev/null +++ b/fuzz/parse_fuzz.go @@ -0,0 +1,42 @@ +// Copyright 2015 Matthew Holt and The Caddy Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +build gofuzz +// +build gofuzz_libfuzzer + +package fuzz + +import ( + "bytes" + + "github.com/caddyserver/caddy/v2/caddyconfig/caddyfile" + + // This package is required for go-fuzz-build, so pin it here for + // 'go mod vendor' to include it. + _ "github.com/dvyukov/go-fuzz/go-fuzz-dep" +) + +func FuzzParse(data []byte) (score int) { + sb, err := caddyfile.Parse("Caddyfile", bytes.NewReader(data)) + if err != nil { + // if both an error is received and some ServerBlocks, + // then the parse was able to parse partially. Mark this + // result as interesting to push the fuzzer further through the parser. + if sb != nil && len(sb) > 0 { + return 1 + } + return 0 + } + return 1 +} diff --git a/fuzz/replacer_fuzz.go b/fuzz/replacer_fuzz.go new file mode 100644 index 00000000000..dde1a4f56c4 --- /dev/null +++ b/fuzz/replacer_fuzz.go @@ -0,0 +1,31 @@ +// Copyright 2015 Matthew Holt and The Caddy Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +build gofuzz +// +build gofuzz_libfuzzer + +package fuzz + +import ( + "github.com/caddyserver/caddy/v2" + + // This package is required for go-fuzz-build, so pin it here for + // 'go mod vendor' to include it. + _ "github.com/dvyukov/go-fuzz/go-fuzz-dep" +) + +func FuzzReplacer(data []byte) (score int) { + caddy.NewReplacer().ReplaceAll(string(data), "") + return 0 +} diff --git a/fuzz/templates_fuzz.go b/fuzz/templates_fuzz.go new file mode 100644 index 00000000000..eef837d7336 --- /dev/null +++ b/fuzz/templates_fuzz.go @@ -0,0 +1,65 @@ +// Copyright 2015 Matthew Holt and The Caddy Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +build gofuzz +// +build gofuzz_libfuzzer + +package fuzz + +import ( + "bufio" + "bytes" + "net/http" + + "github.com/caddyserver/caddy/v2/modules/caddyhttp" + "github.com/caddyserver/caddy/v2/modules/caddyhttp/templates" + // This package is required for go-fuzz-build, so pin it here for + // 'go mod vendor' to include it. + _ "github.com/dvyukov/go-fuzz/go-fuzz-dep" +) + +func FuzzTemplates(data []byte) int { + req, err := http.ReadRequest(bufio.NewReader(bytes.NewReader(data))) + if err != nil { + return 0 + } + t := &templates.Templates{} + if err := t.ServeHTTP( + &dummyWriter{header: make(http.Header)}, + req, + caddyhttp.HandlerFunc(func(http.ResponseWriter, *http.Request) error { + return nil + }), + ); err != nil { + return 0 + } + return 1 +} + +type dummyWriter struct { + header http.Header + code int +} + +func (w *dummyWriter) Header() http.Header { + return w.header +} + +func (w *dummyWriter) Write(data []byte) (int, error) { + return len(data), nil +} + +func (w *dummyWriter) WriteHeader(code int) { + w.code = code +} From ac4bebd7a613dc05acdd80417a2a261d4b72e396 Mon Sep 17 00:00:00 2001 From: Mohammed Al Sahaf Date: Sat, 31 Aug 2019 23:43:27 +0300 Subject: [PATCH 2/5] improve the fuzzers and add some --- fuzz/caddyfileAdapter_fuzz.go | 54 +++++++++++++++++++ fuzz/go.mod | 2 +- fuzz/go.sum | 2 + .../{parse_fuzz.go => parseCaddyfile_fuzz.go} | 2 +- ...plates_fuzz.go => parseListenAddr_fuzz.go} | 37 ++----------- fuzz/replacer_fuzz.go | 1 + 6 files changed, 62 insertions(+), 36 deletions(-) create mode 100644 fuzz/caddyfileAdapter_fuzz.go rename fuzz/{parse_fuzz.go => parseCaddyfile_fuzz.go} (96%) rename fuzz/{templates_fuzz.go => parseListenAddr_fuzz.go} (53%) diff --git a/fuzz/caddyfileAdapter_fuzz.go b/fuzz/caddyfileAdapter_fuzz.go new file mode 100644 index 00000000000..6468f7894c4 --- /dev/null +++ b/fuzz/caddyfileAdapter_fuzz.go @@ -0,0 +1,54 @@ +// Copyright 2015 Matthew Holt and The Caddy Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +build gofuzz +// +build gofuzz_libfuzzer + +package fuzz + +import ( + "bytes" + + "github.com/caddyserver/caddy/v2" + "github.com/caddyserver/caddy/v2/caddyconfig/caddyfile" + "github.com/caddyserver/caddy/v2/caddyconfig/httpcaddyfile" + + // This package is required for go-fuzz-build, so pin it here for + // 'go mod vendor' to include it. + _ "github.com/dvyukov/go-fuzz/go-fuzz-dep" +) + +func FuzzCaddyfileAdapter(data []byte) int { + adapter := caddyfile.Adapter{ + ServerType: httpcaddyfile.ServerType{}, + } + b, warns, err := adapter.Adapt(data, nil) + // Adapt func calls the Setup() func of the ServerType, + // thus it's going across multiple layers, each can + // return warnings or errors. Marking the presence of + // errors or warnings as interesting in this case + // could push the fuzzer towards a path where we only + // catch errors. Let's push the fuzzer to where it passes + // but breaks. + if (err != nil) || (warns != nil && len(warns) > 0) { + return 0 + } + + // adapted Caddyfile should be parseable by the configuration loader in admin.go + err = caddy.Load(bytes.NewReader(b)) + if err != nil { + return 0 + } + return 1 +} diff --git a/fuzz/go.mod b/fuzz/go.mod index 505bf55586e..21e16d9f252 100644 --- a/fuzz/go.mod +++ b/fuzz/go.mod @@ -6,5 +6,5 @@ replace github.com/caddyserver/caddy/v2 => ./.. require ( github.com/caddyserver/caddy/v2 v2.0.0-00010101000000-000000000000 - github.com/dvyukov/go-fuzz v0.0.0-20190819180756-98cec4f75045 + github.com/dvyukov/go-fuzz v0.0.0-20190824151841-1123d3b1be96 ) diff --git a/fuzz/go.sum b/fuzz/go.sum index 7dd5c61193a..70d02ae7eb6 100644 --- a/fuzz/go.sum +++ b/fuzz/go.sum @@ -6,6 +6,7 @@ github.com/Masterminds/semver v1.4.2/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF0 github.com/Masterminds/sprig v2.20.0+incompatible h1:dJTKKuUkYW3RMFdQFXPU/s6hg10RgctmTjRcbZ98Ap8= github.com/Masterminds/sprig v2.20.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o= github.com/andybalholm/brotli v0.0.0-20190704151324-71eb68cc467c/go.mod h1:+lx6/Aqd1kLJ1GQfkvOnaZ1WGmLpMpbprPuIOOZX30U= +github.com/caddyserver/caddy v1.0.3 h1:i9gRhBgvc5ifchwWtSe7pDpsdS9+Q0Rw9oYQmYUTw1w= github.com/cenkalti/backoff v2.1.1+incompatible h1:tKJnvO2kl0zmb/jA5UKAt4VoEVw1qxKWjE/Bpp46npY= github.com/cenkalti/backoff v2.1.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -13,6 +14,7 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/dvyukov/go-fuzz v0.0.0-20190819180756-98cec4f75045 h1:ik3KETxXrXa3cGhagpheF8MGbPYPnh/sZ4lWwYc4IUw= github.com/dvyukov/go-fuzz v0.0.0-20190819180756-98cec4f75045/go.mod h1:11Gm+ccJnvAhCNLlf5+cS9KjtbaD5I5zaZpFMsTHWTw= +github.com/dvyukov/go-fuzz v0.0.0-20190824151841-1123d3b1be96/go.mod h1:11Gm+ccJnvAhCNLlf5+cS9KjtbaD5I5zaZpFMsTHWTw= github.com/go-acme/lego v2.5.0+incompatible/go.mod h1:yzMNe9CasVUhkquNvti5nAtPmG94USbYxYrZfTkIn0M= github.com/go-acme/lego v2.6.0+incompatible h1:KxcEWOF5hKtgou4xIqPaXSRF9DoO4OJ90ndwdK6YH/k= github.com/go-acme/lego v2.6.0+incompatible/go.mod h1:yzMNe9CasVUhkquNvti5nAtPmG94USbYxYrZfTkIn0M= diff --git a/fuzz/parse_fuzz.go b/fuzz/parseCaddyfile_fuzz.go similarity index 96% rename from fuzz/parse_fuzz.go rename to fuzz/parseCaddyfile_fuzz.go index 0f58ea6a911..178cbea6ebc 100644 --- a/fuzz/parse_fuzz.go +++ b/fuzz/parseCaddyfile_fuzz.go @@ -27,7 +27,7 @@ import ( _ "github.com/dvyukov/go-fuzz/go-fuzz-dep" ) -func FuzzParse(data []byte) (score int) { +func FuzzParseCaddyfile(data []byte) (score int) { sb, err := caddyfile.Parse("Caddyfile", bytes.NewReader(data)) if err != nil { // if both an error is received and some ServerBlocks, diff --git a/fuzz/templates_fuzz.go b/fuzz/parseListenAddr_fuzz.go similarity index 53% rename from fuzz/templates_fuzz.go rename to fuzz/parseListenAddr_fuzz.go index eef837d7336..6fafe003fba 100644 --- a/fuzz/templates_fuzz.go +++ b/fuzz/parseListenAddr_fuzz.go @@ -18,48 +18,17 @@ package fuzz import ( - "bufio" - "bytes" - "net/http" + "github.com/caddyserver/caddy/v2" - "github.com/caddyserver/caddy/v2/modules/caddyhttp" - "github.com/caddyserver/caddy/v2/modules/caddyhttp/templates" // This package is required for go-fuzz-build, so pin it here for // 'go mod vendor' to include it. _ "github.com/dvyukov/go-fuzz/go-fuzz-dep" ) -func FuzzTemplates(data []byte) int { - req, err := http.ReadRequest(bufio.NewReader(bytes.NewReader(data))) +func FuzzParseListenAddr(data []byte) int { + _, _, err := caddy.ParseListenAddr(string(data)) if err != nil { return 0 } - t := &templates.Templates{} - if err := t.ServeHTTP( - &dummyWriter{header: make(http.Header)}, - req, - caddyhttp.HandlerFunc(func(http.ResponseWriter, *http.Request) error { - return nil - }), - ); err != nil { - return 0 - } return 1 } - -type dummyWriter struct { - header http.Header - code int -} - -func (w *dummyWriter) Header() http.Header { - return w.header -} - -func (w *dummyWriter) Write(data []byte) (int, error) { - return len(data), nil -} - -func (w *dummyWriter) WriteHeader(code int) { - w.code = code -} diff --git a/fuzz/replacer_fuzz.go b/fuzz/replacer_fuzz.go index dde1a4f56c4..c2cc0964014 100644 --- a/fuzz/replacer_fuzz.go +++ b/fuzz/replacer_fuzz.go @@ -27,5 +27,6 @@ import ( func FuzzReplacer(data []byte) (score int) { caddy.NewReplacer().ReplaceAll(string(data), "") + caddy.NewReplacer().ReplaceAll(string(data[:len(data)/2]), string(data[len(data)/2:])) return 0 } From 2781d2fe3d32ef102dfb6982dbba88e033c1011b Mon Sep 17 00:00:00 2001 From: Mohammed Al Sahaf Date: Tue, 3 Sep 2019 20:43:56 +0300 Subject: [PATCH 3/5] fuzz: add Fuzzit badge to README & enable fuzzers submission in CI --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 84b79e822c3..f0994781984 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,7 @@ Caddy 2 Development Branch =========================== [![Build Status](https://dev.azure.com/mholt-dev/Caddy/_apis/build/status/Multiplatform%20Tests?branchName=v2)](https://dev.azure.com/mholt-dev/Caddy/_build/latest?definitionId=5&branchName=v2) +[![fuzzit](https://app.fuzzit.dev/badge?org_id=caddyserver)](https://app.fuzzit.dev/orgs/caddyserver/dashboard) This is the development branch for Caddy 2. This code (version 2) is not yet feature-complete or production-ready, but is already being used in production, and we encourage you to deploy it today on sites that are not very visible or important so that it can obtain crucial experience in the field. From 9808d8c9e7231c97c7e53f06c51f9e4388c247d4 Mon Sep 17 00:00:00 2001 From: Mohammed Al Sahaf Date: Fri, 25 Oct 2019 22:33:26 +0300 Subject: [PATCH 4/5] v2-fuzz: do away with the submodule approach for fuzzers --- fuzz/admin_fuzz.go => admin_fuzz.go | 10 +- azure-pipelines.yml | 365 +++++++++++------- .../httpcaddyfile/adapter_fuzz.go | 11 +- .../httpcaddyfile/addresses_fuzz.go | 17 +- fuzz/README.md | 3 - fuzz/go.mod | 10 - fuzz/go.sum | 73 ---- fuzz/parseCaddyfile_fuzz.go | 42 -- go.mod | 1 + go.sum | 2 + .../parseAddress_fuzz.go => listeners_fuzz.go | 17 +- fuzz/replacer_fuzz.go => replacer_fuzz.go | 16 +- 12 files changed, 254 insertions(+), 313 deletions(-) rename fuzz/admin_fuzz.go => admin_fuzz.go (76%) rename fuzz/caddyfileAdapter_fuzz.go => caddyconfig/httpcaddyfile/adapter_fuzz.go (82%) rename fuzz/parseListenAddr_fuzz.go => caddyconfig/httpcaddyfile/addresses_fuzz.go (69%) delete mode 100644 fuzz/README.md delete mode 100644 fuzz/go.mod delete mode 100644 fuzz/go.sum delete mode 100644 fuzz/parseCaddyfile_fuzz.go rename fuzz/parseAddress_fuzz.go => listeners_fuzz.go (64%) rename fuzz/replacer_fuzz.go => replacer_fuzz.go (67%) diff --git a/fuzz/admin_fuzz.go b/admin_fuzz.go similarity index 76% rename from fuzz/admin_fuzz.go rename to admin_fuzz.go index 005d1e5e8f2..6d8095d6e1c 100644 --- a/fuzz/admin_fuzz.go +++ b/admin_fuzz.go @@ -15,20 +15,14 @@ // +build gofuzz // +build gofuzz_libfuzzer -package fuzz +package caddy import ( "bytes" - - "github.com/caddyserver/caddy/v2" - - // This package is required for go-fuzz-build, so pin it here for - // 'go mod vendor' to include it. - _ "github.com/dvyukov/go-fuzz/go-fuzz-dep" ) func FuzzAdmin(data []byte) (score int) { - err := caddy.Load(bytes.NewReader(data)) + err := Load(bytes.NewReader(data)) if err != nil { return 0 } diff --git a/azure-pipelines.yml b/azure-pipelines.yml index e0418541e5d..0580e0cbef3 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -2,21 +2,15 @@ # https://docs.microsoft.com/azure/devops/pipelines/languages/go trigger: -- v2 - -strategy: - matrix: - linux: - imageName: ubuntu-16.04 - gorootDir: /usr/local - mac: - imageName: macos-10.13 - gorootDir: /usr/local - windows: - imageName: windows-2019 - gorootDir: C:\ -pool: - vmImage: $(imageName) + - v2 + +schedules: +- cron: "0 0 * * *" + displayName: Daily midnight tests & fuzzing + branches: + include: + - v2 + always: true variables: GOROOT: $(gorootDir)/go @@ -26,121 +20,226 @@ variables: # TODO: Remove once it's enabled by default GO111MODULE: on -steps: -- bash: | - latestGo=$(curl "https://golang.org/VERSION?m=text") - echo "##vso[task.setvariable variable=LATEST_GO]$latestGo" - echo "Latest Go version: $latestGo" - displayName: "Get latest Go version" - -- bash: | - sudo rm -f $(which go) - echo '##vso[task.prependpath]$(GOBIN)' - echo '##vso[task.prependpath]$(GOROOT)/bin' - mkdir -p '$(modulePath)' - shopt -s extglob - shopt -s dotglob - mv !(gopath) '$(modulePath)' - displayName: Remove old Go, set GOBIN/GOROOT, and move project into GOPATH - -# Install Go (this varies by platform) -- bash: | - wget "https://dl.google.com/go/$(LATEST_GO).linux-amd64.tar.gz" - sudo tar -C $(gorootDir) -xzf "$(LATEST_GO).linux-amd64.tar.gz" - condition: eq( variables['Agent.OS'], 'Linux' ) - displayName: Install Go on Linux - -- bash: | - wget "https://dl.google.com/go/$(LATEST_GO).darwin-amd64.tar.gz" - sudo tar -C $(gorootDir) -xzf "$(LATEST_GO).darwin-amd64.tar.gz" - condition: eq( variables['Agent.OS'], 'Darwin' ) - displayName: Install Go on macOS - -# The low performance is partly due to PowerShell's attempt to update the progress bar. Disabling it speeds up the process. -# Reference: https://github.com/PowerShell/PowerShell/issues/2138 -- powershell: | - $ProgressPreference = 'SilentlyContinue' - Write-Host "Downloading Go..." - (New-Object System.Net.WebClient).DownloadFile("https://dl.google.com/go/$(LATEST_GO).windows-amd64.zip", "$(LATEST_GO).windows-amd64.zip") - Write-Host "Extracting Go... (I'm slow too)" - 7z x "$(LATEST_GO).windows-amd64.zip" -o"$(gorootDir)" - condition: eq( variables['Agent.OS'], 'Windows_NT' ) - displayName: Install Go on Windows - -- bash: curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.19.1 - displayName: Install golangci-lint - -- script: | - go get github.com/axw/gocov/gocov - go get github.com/AlekSi/gocov-xml - go get -u github.com/jstemmer/go-junit-report - displayName: Install test and coverage analysis tools - -- bash: | - printf "Using go at: $(which go)\n" - printf "Go version: $(go version)\n" - printf "\n\nGo environment:\n\n" - go env - printf "\n\nSystem environment:\n\n" - env - displayName: Print Go version and environment - -- script: | - go get -v -t -d ./... - mkdir test-results - workingDirectory: '$(modulePath)' - displayName: Get dependencies - -# its behavior is governed by .golangci.yml -- script: | - (golangci-lint run --out-format junit-xml) > test-results/lint-result.xml - exit 0 - workingDirectory: '$(modulePath)' - continueOnError: true - displayName: Run lint check - -- script: | - (go test -v -coverprofile=cover-profile.out -race ./... 2>&1) > test-results/test-result.out - workingDirectory: '$(modulePath)' - continueOnError: true - displayName: Run tests - -- script: | - mkdir coverage - gocov convert cover-profile.out > coverage/coverage.json - # Because Windows doesn't work with input redirection like *nix, but output redirection works. - (cat ./coverage/coverage.json | gocov-xml) > coverage/coverage.xml - workingDirectory: '$(modulePath)' - displayName: Prepare coverage reports - -- script: | - (cat ./test-results/test-result.out | go-junit-report) > test-results/test-result.xml - workingDirectory: '$(modulePath)' - displayName: Prepare test report - -- task: PublishCodeCoverageResults@1 - displayName: Publish test coverage report - inputs: - codeCoverageTool: Cobertura - summaryFileLocation: $(modulePath)/coverage/coverage.xml - -- task: PublishTestResults@2 - displayName: Publish unit test - inputs: - testResultsFormat: 'JUnit' - testResultsFiles: $(modulePath)/test-results/test-result.xml - testRunTitle: $(agent.OS) Unit Test - mergeTestResults: false - -- task: PublishTestResults@2 - displayName: Publish lint results - inputs: - testResultsFormat: 'JUnit' - testResultsFiles: $(modulePath)/test-results/lint-result.xml - testRunTitle: $(agent.OS) Lint - mergeTestResults: false - -- bash: | - exit 1 - condition: eq(variables['Agent.JobStatus'], 'SucceededWithIssues') - displayName: Coerce correct build result \ No newline at end of file +jobs: +- job: crossPlatformTest + displayName: "Cross-Platform Tests" + strategy: + matrix: + linux: + imageName: ubuntu-16.04 + gorootDir: /usr/local + mac: + imageName: macos-10.13 + gorootDir: /usr/local + windows: + imageName: windows-2019 + gorootDir: C:\ + pool: + vmImage: $(imageName) + + steps: + - bash: | + latestGo=$(curl "https://golang.org/VERSION?m=text") + echo "##vso[task.setvariable variable=LATEST_GO]$latestGo" + echo "Latest Go version: $latestGo" + displayName: "Get latest Go version" + + - bash: | + sudo rm -f $(which go) + echo '##vso[task.prependpath]$(GOBIN)' + echo '##vso[task.prependpath]$(GOROOT)/bin' + mkdir -p '$(modulePath)' + shopt -s extglob + shopt -s dotglob + mv !(gopath) '$(modulePath)' + displayName: Remove old Go, set GOBIN/GOROOT, and move project into GOPATH + + # Install Go (this varies by platform) + - bash: | + wget "https://dl.google.com/go/$(LATEST_GO).linux-amd64.tar.gz" + sudo tar -C $(gorootDir) -xzf "$(LATEST_GO).linux-amd64.tar.gz" + condition: eq( variables['Agent.OS'], 'Linux' ) + displayName: Install Go on Linux + + - bash: | + wget "https://dl.google.com/go/$(LATEST_GO).darwin-amd64.tar.gz" + sudo tar -C $(gorootDir) -xzf "$(LATEST_GO).darwin-amd64.tar.gz" + condition: eq( variables['Agent.OS'], 'Darwin' ) + displayName: Install Go on macOS + + # The low performance is partly due to PowerShell's attempt to update the progress bar. Disabling it speeds up the process. + # Reference: https://github.com/PowerShell/PowerShell/issues/2138 + - powershell: | + $ProgressPreference = 'SilentlyContinue' + Write-Host "Downloading Go..." + (New-Object System.Net.WebClient).DownloadFile("https://dl.google.com/go/$(LATEST_GO).windows-amd64.zip", "$(LATEST_GO).windows-amd64.zip") + Write-Host "Extracting Go... (I'm slow too)" + 7z x "$(LATEST_GO).windows-amd64.zip" -o"$(gorootDir)" + condition: eq( variables['Agent.OS'], 'Windows_NT' ) + displayName: Install Go on Windows + + - bash: curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.19.1 + displayName: Install golangci-lint + + - script: | + go get github.com/axw/gocov/gocov + go get github.com/AlekSi/gocov-xml + go get -u github.com/jstemmer/go-junit-report + displayName: Install test and coverage analysis tools + + - bash: | + printf "Using go at: $(which go)\n" + printf "Go version: $(go version)\n" + printf "\n\nGo environment:\n\n" + go env + printf "\n\nSystem environment:\n\n" + env + displayName: Print Go version and environment + + - script: | + go get -v -t -d ./... + mkdir test-results + workingDirectory: '$(modulePath)' + displayName: Get dependencies + + # its behavior is governed by .golangci.yml + - script: | + (golangci-lint run --out-format junit-xml) > test-results/lint-result.xml + exit 0 + workingDirectory: '$(modulePath)' + continueOnError: true + displayName: Run lint check + + - script: | + (go test -v -coverprofile=cover-profile.out -race ./... 2>&1) > test-results/test-result.out + workingDirectory: '$(modulePath)' + continueOnError: true + displayName: Run tests + + - script: | + mkdir coverage + gocov convert cover-profile.out > coverage/coverage.json + # Because Windows doesn't work with input redirection like *nix, but output redirection works. + (cat ./coverage/coverage.json | gocov-xml) > coverage/coverage.xml + workingDirectory: '$(modulePath)' + displayName: Prepare coverage reports + + - script: | + (cat ./test-results/test-result.out | go-junit-report) > test-results/test-result.xml + workingDirectory: '$(modulePath)' + displayName: Prepare test report + + - task: PublishCodeCoverageResults@1 + displayName: Publish test coverage report + inputs: + codeCoverageTool: Cobertura + summaryFileLocation: $(modulePath)/coverage/coverage.xml + + - task: PublishTestResults@2 + displayName: Publish unit test + inputs: + testResultsFormat: 'JUnit' + testResultsFiles: $(modulePath)/test-results/test-result.xml + testRunTitle: $(agent.OS) Unit Test + mergeTestResults: false + + - task: PublishTestResults@2 + displayName: Publish lint results + inputs: + testResultsFormat: 'JUnit' + testResultsFiles: $(modulePath)/test-results/lint-result.xml + testRunTitle: $(agent.OS) Lint + mergeTestResults: false + + - bash: | + exit 1 + condition: eq(variables['Agent.JobStatus'], 'SucceededWithIssues') + displayName: Coerce correct build result + +- job: fuzzing + displayName: 'Scheduled Fuzzing' + # Only run this job on schedules, not PRs. + condition: eq(variables['Build.Reason'], 'Schedule') + strategy: + matrix: + linux: + imageName: ubuntu-16.04 + gorootDir: /usr/local + pool: + vmImage: $(imageName) + + steps: + - bash: | + latestGo=$(curl "https://golang.org/VERSION?m=text") + echo "##vso[task.setvariable variable=LATEST_GO]$latestGo" + echo "Latest Go version: $latestGo" + displayName: "Get latest Go version" + + - bash: | + sudo rm -f $(which go) + echo '##vso[task.prependpath]$(GOBIN)' + echo '##vso[task.prependpath]$(GOROOT)/bin' + mkdir -p '$(modulePath)' + shopt -s extglob + shopt -s dotglob + mv !(gopath) '$(modulePath)' + displayName: Remove old Go, set GOBIN/GOROOT, and move project into GOPATH + + # Install Go (this varies by platform) + - bash: | + wget "https://dl.google.com/go/$(LATEST_GO).linux-amd64.tar.gz" + sudo tar -C $(gorootDir) -xzf "$(LATEST_GO).linux-amd64.tar.gz" + condition: eq( variables['Agent.OS'], 'Linux' ) + displayName: Install Go on Linux + + - bash: | + # Install Clang + sudo add-apt-repository "deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial main" + wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add - + sudo apt update && sudo apt install -y clang lldb lld + + go get -v github.com/dvyukov/go-fuzz/go-fuzz github.com/dvyukov/go-fuzz/go-fuzz-build + wget -q -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/download/v2.4.24/fuzzit_Linux_x86_64 + chmod a+x fuzzit + mv fuzzit $(GOBIN) + displayName: Download go-fuzz tools and the Fuzzit CLI, and move Fuzzit CLI to GOBIN + condition: and(eq(variables['System.PullRequest.IsFork'], 'False') , eq( variables['Agent.OS'], 'Linux' )) + + - script: fuzzit auth ${FUZZIT_API_KEY} + condition: and(eq(variables['System.PullRequest.IsFork'], 'False') , eq( variables['Agent.OS'], 'Linux' )) + displayName: Authenticate with Fuzzit + env: + FUZZIT_API_KEY: $(FUZZIT_API_KEY) + + - bash: | + declare -A fuzzers_funcs=(\ + ["./admin_fuzz.go"]="FuzzAdmin" \ + ["./caddyconfig/httpcaddyfile/adapter_fuzz.go"]="FuzzHTTPCaddyfileAdapter" \ + ["./caddyconfig/httpcaddyfile/addresses_fuzz.go"]="FuzzParseAddress" \ + ["./caddyconfig/caddyfile/parse_fuzz.go"]="FuzzParseCaddyfile" \ + ["./listeners_fuzz.go"]="FuzzParseNetworkAddress" \ + ["./replacer_fuzz.go"]="FuzzReplacer" \ + ) + + declare -A fuzzers_targets=(\ + ["./admin_fuzz.go"]="admin" \ + ["./caddyconfig/httpcaddyfile/adapter_fuzz.go"]="caddyfile-adapter" \ + ["./caddyconfig/httpcaddyfile/addresses_fuzz.go"]="parse-address" \ + ["./caddyconfig/caddyfile/parse_fuzz.go"]="parse-caddyfile" \ + ["./listeners_fuzz.go"]="parse-listen-addr" \ + ["./replacer_fuzz.go"]="replacer" \ + ) + fuzz_type="fuzzing" + + for f in $(find . -name \*_fuzz.go); do + FUZZER_DIRECTORY=$(dirname $f) + echo "go-fuzz-build func ${fuzzers_funcs[$f]} residing in $f" + go-fuzz-build -func "${fuzzers_funcs[$f]}" -libfuzzer -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.a" $FUZZER_DIRECTORY + echo "Generating fuzzer binary of func ${fuzzers_funcs[$f]} which resides in $f" + clang -fsanitize=fuzzer "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.a" -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.fuzzer" + #fuzzit create job --type "${fuzz_type}" --branch "${SYSTEM_PULLREQUEST_SOURCEBRANCH}" --revision "${BUILD_SOURCEVERSION}" caddyserver/${fuzzers_targets[$FUZZ_FILENAME]} $FUZZER_DIRECTORY/${fuzzers_targets[$FUZZ_FILENAME]}.fuzzer + echo "Completed $f" + done + workingDirectory: '$(modulePath)' + condition: and(eq(variables['System.PullRequest.IsFork'], 'False') , eq( variables['Agent.OS'], 'Linux' )) + displayName: Generate fuzzers & submit them to Fuzzit diff --git a/fuzz/caddyfileAdapter_fuzz.go b/caddyconfig/httpcaddyfile/adapter_fuzz.go similarity index 82% rename from fuzz/caddyfileAdapter_fuzz.go rename to caddyconfig/httpcaddyfile/adapter_fuzz.go index 6468f7894c4..1748b668e8c 100644 --- a/fuzz/caddyfileAdapter_fuzz.go +++ b/caddyconfig/httpcaddyfile/adapter_fuzz.go @@ -15,23 +15,18 @@ // +build gofuzz // +build gofuzz_libfuzzer -package fuzz +package httpcaddyfile import ( "bytes" "github.com/caddyserver/caddy/v2" "github.com/caddyserver/caddy/v2/caddyconfig/caddyfile" - "github.com/caddyserver/caddy/v2/caddyconfig/httpcaddyfile" - - // This package is required for go-fuzz-build, so pin it here for - // 'go mod vendor' to include it. - _ "github.com/dvyukov/go-fuzz/go-fuzz-dep" ) -func FuzzCaddyfileAdapter(data []byte) int { +func FuzzHTTPCaddyfileAdapter(data []byte) int { adapter := caddyfile.Adapter{ - ServerType: httpcaddyfile.ServerType{}, + ServerType: ServerType{}, } b, warns, err := adapter.Adapt(data, nil) // Adapt func calls the Setup() func of the ServerType, diff --git a/fuzz/parseListenAddr_fuzz.go b/caddyconfig/httpcaddyfile/addresses_fuzz.go similarity index 69% rename from fuzz/parseListenAddr_fuzz.go rename to caddyconfig/httpcaddyfile/addresses_fuzz.go index 6fafe003fba..26f36963339 100644 --- a/fuzz/parseListenAddr_fuzz.go +++ b/caddyconfig/httpcaddyfile/addresses_fuzz.go @@ -15,19 +15,14 @@ // +build gofuzz // +build gofuzz_libfuzzer -package fuzz +package httpcaddyfile -import ( - "github.com/caddyserver/caddy/v2" - - // This package is required for go-fuzz-build, so pin it here for - // 'go mod vendor' to include it. - _ "github.com/dvyukov/go-fuzz/go-fuzz-dep" -) - -func FuzzParseListenAddr(data []byte) int { - _, _, err := caddy.ParseListenAddr(string(data)) +func FuzzParseAddress(data []byte) int { + addr, err := ParseAddress(string(data)) if err != nil { + if addr == (Address{}) { + return 1 + } return 0 } return 1 diff --git a/fuzz/README.md b/fuzz/README.md deleted file mode 100644 index 8ea5dc88a9f..00000000000 --- a/fuzz/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# Fuzz Submodule - -At the time of writing, [go-fuzz isn't compatible with Go modules](https://github.com/dvyukov/go-fuzz/issues/195). This workaround is adapted from [mvdan's](https://github.com/mvdan) work as described in [this comment](https://github.com/dvyukov/go-fuzz/issues/195#issuecomment-523526736) and implemented [here](https://github.com/mvdan/sh/commit/6c13161a56af5dece4e33497e909ee4cbe3ee6bf). diff --git a/fuzz/go.mod b/fuzz/go.mod deleted file mode 100644 index 21e16d9f252..00000000000 --- a/fuzz/go.mod +++ /dev/null @@ -1,10 +0,0 @@ -module local.tld/fuzz - -go 1.12 - -replace github.com/caddyserver/caddy/v2 => ./.. - -require ( - github.com/caddyserver/caddy/v2 v2.0.0-00010101000000-000000000000 - github.com/dvyukov/go-fuzz v0.0.0-20190824151841-1123d3b1be96 -) diff --git a/fuzz/go.sum b/fuzz/go.sum deleted file mode 100644 index 70d02ae7eb6..00000000000 --- a/fuzz/go.sum +++ /dev/null @@ -1,73 +0,0 @@ -github.com/DataDog/zstd v1.4.1/go.mod h1:1jcaCB/ufaK+sKp1NBhlGmpz41jOoPQ35bpF36t7BBo= -github.com/Masterminds/goutils v1.1.0 h1:zukEsf/1JZwCMgHiK3GZftabmxiCw4apj3a28RPBiVg= -github.com/Masterminds/goutils v1.1.0/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= -github.com/Masterminds/semver v1.4.2 h1:WBLTQ37jOCzSLtXNdoo8bNM8876KhNqOKvrlGITgsTc= -github.com/Masterminds/semver v1.4.2/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= -github.com/Masterminds/sprig v2.20.0+incompatible h1:dJTKKuUkYW3RMFdQFXPU/s6hg10RgctmTjRcbZ98Ap8= -github.com/Masterminds/sprig v2.20.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o= -github.com/andybalholm/brotli v0.0.0-20190704151324-71eb68cc467c/go.mod h1:+lx6/Aqd1kLJ1GQfkvOnaZ1WGmLpMpbprPuIOOZX30U= -github.com/caddyserver/caddy v1.0.3 h1:i9gRhBgvc5ifchwWtSe7pDpsdS9+Q0Rw9oYQmYUTw1w= -github.com/cenkalti/backoff v2.1.1+incompatible h1:tKJnvO2kl0zmb/jA5UKAt4VoEVw1qxKWjE/Bpp46npY= -github.com/cenkalti/backoff v2.1.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/dvyukov/go-fuzz v0.0.0-20190819180756-98cec4f75045 h1:ik3KETxXrXa3cGhagpheF8MGbPYPnh/sZ4lWwYc4IUw= -github.com/dvyukov/go-fuzz v0.0.0-20190819180756-98cec4f75045/go.mod h1:11Gm+ccJnvAhCNLlf5+cS9KjtbaD5I5zaZpFMsTHWTw= -github.com/dvyukov/go-fuzz v0.0.0-20190824151841-1123d3b1be96/go.mod h1:11Gm+ccJnvAhCNLlf5+cS9KjtbaD5I5zaZpFMsTHWTw= -github.com/go-acme/lego v2.5.0+incompatible/go.mod h1:yzMNe9CasVUhkquNvti5nAtPmG94USbYxYrZfTkIn0M= -github.com/go-acme/lego v2.6.0+incompatible h1:KxcEWOF5hKtgou4xIqPaXSRF9DoO4OJ90ndwdK6YH/k= -github.com/go-acme/lego v2.6.0+incompatible/go.mod h1:yzMNe9CasVUhkquNvti5nAtPmG94USbYxYrZfTkIn0M= -github.com/golang/gddo v0.0.0-20190419222130-af0f2af80721/go.mod h1:xEhNfoBDX1hzLm2Nf80qUvZ2sVwoMZ8d6IE2SrsQfh4= -github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/huandu/xstrings v1.2.0 h1:yPeWdRnmynF7p+lLYz0H2tthW9lqhMJrQV/U7yy4wX0= -github.com/huandu/xstrings v1.2.0/go.mod h1:DvyZB1rfVYsBIigL8HwpZgxHwXozlTgGqn63UyNX5k4= -github.com/imdario/mergo v0.3.7 h1:Y+UAYTZ7gDEuOfhxKWy+dvb5dRQ6rJjFSdX2HZY1/gI= -github.com/imdario/mergo v0.3.7/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/klauspost/compress v1.7.1-0.20190613161414-0b31f265a57b/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= -github.com/klauspost/cpuid v1.2.0/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= -github.com/klauspost/cpuid v1.2.1 h1:vJi+O/nMdFt0vqm8NZBI6wzALWdA2X+egi0ogNyrC/w= -github.com/klauspost/cpuid v1.2.1/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/mholt/certmagic v0.6.2 h1:yy9cKm3rtxdh12SW4E51lzG3Eo6N59LEOfBQ0CTnMms= -github.com/mholt/certmagic v0.6.2/go.mod h1:g4cOPxcjV0oFq3qwpjSA30LReKD8AoIfwAY9VvG35NY= -github.com/miekg/dns v1.1.3 h1:1g0r1IvskvgL8rR+AcHzUA+oFmGcQlaIm4IqakufeMM= -github.com/miekg/dns v1.1.3/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= -github.com/mitchellh/go-ps v0.0.0-20170309133038-4fdf99ab2936/go.mod h1:r1VsdOzOPt1ZSrGZWFoNhsAedKnEd6r9Np1+5blZCWk= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/rs/cors v1.6.0 h1:G9tHG9lebljV9mfp9SNPDL36nCDxmo3zTlAf1YgvzmI= -github.com/rs/cors v1.6.0/go.mod h1:gFx+x8UowdsKA9AchylcLynDq+nNFfI8FkUZdN/jGCU= -github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q= -github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo= -github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/starlight-go/starlight v0.0.0-20181207205707-b06f321544f3 h1:/fBh1Ot84ILt/ociFHO98wJ9LxIMA3UG8B0unUJPFpY= -github.com/starlight-go/starlight v0.0.0-20181207205707-b06f321544f3/go.mod h1:pxOc2ZuBV+CNlQgzq/HJ9Z9G/eoEMHFeuGohOvva4Co= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -go.starlark.net v0.0.0-20190604130855-6ddc71c0ba77 h1:KPzANX1mXqnSWenqVWkSTsQWiaUSpTY5GyGZKI6lStw= -go.starlark.net v0.0.0-20190604130855-6ddc71c0ba77/go.mod h1:c1/X6cHgvdXj6pUlmWKMkuqRnW4K8x2vwt6JAaaircg= -golang.org/x/crypto v0.0.0-20190123085648-057139ce5d2b/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65 h1:+rhAzEzT3f4JtomfC371qB+0Ola2caSKcY69NUBZrRQ= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20190124100055-b90733256f2e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190422165155-953cdadca894 h1:Cz4ceDQGXuKRnVBDTS23GTn/pU5OE2C0WrNTOYK1Uuc= -golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/square/go-jose.v2 v2.2.2 h1:orlkJ3myw8CN1nVQHBFfloD+L3egixIa4FvUP6RosSA= -gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/fuzz/parseCaddyfile_fuzz.go b/fuzz/parseCaddyfile_fuzz.go deleted file mode 100644 index 178cbea6ebc..00000000000 --- a/fuzz/parseCaddyfile_fuzz.go +++ /dev/null @@ -1,42 +0,0 @@ -// Copyright 2015 Matthew Holt and The Caddy Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +build gofuzz -// +build gofuzz_libfuzzer - -package fuzz - -import ( - "bytes" - - "github.com/caddyserver/caddy/v2/caddyconfig/caddyfile" - - // This package is required for go-fuzz-build, so pin it here for - // 'go mod vendor' to include it. - _ "github.com/dvyukov/go-fuzz/go-fuzz-dep" -) - -func FuzzParseCaddyfile(data []byte) (score int) { - sb, err := caddyfile.Parse("Caddyfile", bytes.NewReader(data)) - if err != nil { - // if both an error is received and some ServerBlocks, - // then the parse was able to parse partially. Mark this - // result as interesting to push the fuzzer further through the parser. - if sb != nil && len(sb) > 0 { - return 1 - } - return 0 - } - return 1 -} diff --git a/go.mod b/go.mod index be5f485ddc9..0ab0c8b83ef 100644 --- a/go.mod +++ b/go.mod @@ -6,6 +6,7 @@ require ( github.com/Masterminds/sprig/v3 v3.0.0 github.com/andybalholm/brotli v0.0.0-20190821151343-b60f0d972eeb github.com/dustin/go-humanize v1.0.0 + github.com/dvyukov/go-fuzz v0.0.0-20191022152526-8cb203812681 // indirect github.com/go-acme/lego/v3 v3.1.0 github.com/golang/groupcache v0.0.0-20191002201903-404acd9df4cc github.com/ilibs/json5 v1.0.1 diff --git a/go.sum b/go.sum index 4ecf4835e81..8023c8d92e1 100644 --- a/go.sum +++ b/go.sum @@ -59,6 +59,8 @@ github.com/dnaeon/go-vcr v0.0.0-20180814043457-aafff18a5cc2/go.mod h1:aBB1+wY4s9 github.com/dnsimple/dnsimple-go v0.30.0/go.mod h1:O5TJ0/U6r7AfT8niYNlmohpLbCSG+c71tQlGr9SeGrg= github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= +github.com/dvyukov/go-fuzz v0.0.0-20191022152526-8cb203812681 h1:3WV5aRRj1ELP3RcLlBp/v0WJTuy47OQMkL9GIQq8QEE= +github.com/dvyukov/go-fuzz v0.0.0-20191022152526-8cb203812681/go.mod h1:11Gm+ccJnvAhCNLlf5+cS9KjtbaD5I5zaZpFMsTHWTw= github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs= github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU= github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I= diff --git a/fuzz/parseAddress_fuzz.go b/listeners_fuzz.go similarity index 64% rename from fuzz/parseAddress_fuzz.go rename to listeners_fuzz.go index 05efcd4ffca..98465fd2d7e 100644 --- a/fuzz/parseAddress_fuzz.go +++ b/listeners_fuzz.go @@ -15,22 +15,11 @@ // +build gofuzz // +build gofuzz_libfuzzer -package fuzz +package caddy -import ( - "github.com/caddyserver/caddy/v2/caddyconfig/httpcaddyfile" - - // This package is required for go-fuzz-build, so pin it here for - // 'go mod vendor' to include it. - _ "github.com/dvyukov/go-fuzz/go-fuzz-dep" -) - -func FuzzParseAddress(data []byte) int { - addr, err := httpcaddyfile.ParseAddress(string(data)) +func FuzzParseNetworkAddress(data []byte) int { + _, _, err := ParseNetworkAddress(string(data)) if err != nil { - if addr == (httpcaddyfile.Address{}) { - return 1 - } return 0 } return 1 diff --git a/fuzz/replacer_fuzz.go b/replacer_fuzz.go similarity index 67% rename from fuzz/replacer_fuzz.go rename to replacer_fuzz.go index c2cc0964014..6d40cf73dc2 100644 --- a/fuzz/replacer_fuzz.go +++ b/replacer_fuzz.go @@ -15,18 +15,12 @@ // +build gofuzz // +build gofuzz_libfuzzer -package fuzz - -import ( - "github.com/caddyserver/caddy/v2" - - // This package is required for go-fuzz-build, so pin it here for - // 'go mod vendor' to include it. - _ "github.com/dvyukov/go-fuzz/go-fuzz-dep" -) +package caddy func FuzzReplacer(data []byte) (score int) { - caddy.NewReplacer().ReplaceAll(string(data), "") - caddy.NewReplacer().ReplaceAll(string(data[:len(data)/2]), string(data[len(data)/2:])) + NewReplacer().ReplaceAll(string(data), "") + NewReplacer().ReplaceAll(NewReplacer().ReplaceAll(string(data), ""), "") + NewReplacer().ReplaceAll(NewReplacer().ReplaceAll(string(data), ""), NewReplacer().ReplaceAll(string(data), "")) + NewReplacer().ReplaceAll(string(data[:len(data)/2]), string(data[len(data)/2:])) return 0 } From 4ce8932aea9af115849a8fd9ce6ac2d9599f0982 Mon Sep 17 00:00:00 2001 From: Mohammed Al Sahaf Date: Sat, 26 Oct 2019 01:25:58 +0300 Subject: [PATCH 5/5] fuzz: enable fuzzit --- azure-pipelines.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 0580e0cbef3..58ce4f0d124 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -6,7 +6,7 @@ trigger: schedules: - cron: "0 0 * * *" - displayName: Daily midnight tests & fuzzing + displayName: Daily midnight fuzzing branches: include: - v2 @@ -185,7 +185,6 @@ jobs: mv !(gopath) '$(modulePath)' displayName: Remove old Go, set GOBIN/GOROOT, and move project into GOPATH - # Install Go (this varies by platform) - bash: | wget "https://dl.google.com/go/$(LATEST_GO).linux-amd64.tar.gz" sudo tar -C $(gorootDir) -xzf "$(LATEST_GO).linux-amd64.tar.gz" @@ -199,7 +198,7 @@ jobs: sudo apt update && sudo apt install -y clang lldb lld go get -v github.com/dvyukov/go-fuzz/go-fuzz github.com/dvyukov/go-fuzz/go-fuzz-build - wget -q -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/download/v2.4.24/fuzzit_Linux_x86_64 + wget -q -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/download/v2.4.74/fuzzit_Linux_x86_64 chmod a+x fuzzit mv fuzzit $(GOBIN) displayName: Download go-fuzz tools and the Fuzzit CLI, and move Fuzzit CLI to GOBIN @@ -237,9 +236,8 @@ jobs: go-fuzz-build -func "${fuzzers_funcs[$f]}" -libfuzzer -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.a" $FUZZER_DIRECTORY echo "Generating fuzzer binary of func ${fuzzers_funcs[$f]} which resides in $f" clang -fsanitize=fuzzer "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.a" -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.fuzzer" - #fuzzit create job --type "${fuzz_type}" --branch "${SYSTEM_PULLREQUEST_SOURCEBRANCH}" --revision "${BUILD_SOURCEVERSION}" caddyserver/${fuzzers_targets[$FUZZ_FILENAME]} $FUZZER_DIRECTORY/${fuzzers_targets[$FUZZ_FILENAME]}.fuzzer + fuzzit create job --type "${fuzz_type}" --branch "${SYSTEM_PULLREQUEST_SOURCEBRANCH}" --revision "${BUILD_SOURCEVERSION}" caddyserver/${fuzzers_targets[$f]} $FUZZER_DIRECTORY/${fuzzers_targets[$f]}.fuzzer echo "Completed $f" done workingDirectory: '$(modulePath)' - condition: and(eq(variables['System.PullRequest.IsFork'], 'False') , eq( variables['Agent.OS'], 'Linux' )) displayName: Generate fuzzers & submit them to Fuzzit