-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update NSS project to use the build.sh and fuzzers provided by NSS #316
Conversation
Thanks for your pull request. It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 Please visit https://cla.developers.google.com/ to sign. Once you've signed, please reply here (e.g.
|
The current fuzzers have been removed and are now covered by the new QuickDER target.
CLAs look good, thanks! |
BTW, Here's our in-tree build script: https://hg.mozilla.org/projects/nss/file/tip/automation/ossfuzz/build.sh |
The change looks great. Just a quick check: did you test it in the OSS-Fuzz's docker environment? |
Yeah, both fuzzers that we currently have build and run just fine. crossing fingers |
Excellent! |
That's the plan ;) Thank you! |
a question: are you using libFuzzer provided by OSS-Fuzz, or your own build of libFuzzer? |
We're using -lFuzzingEngine as stated in your documentation. |
Perfect! |
What is -I$SRC/libfuzzer" for? |
I also see "#include "FuzzerInternal.h" |
Right... we probably don't need to include FuzzerInternal.h but rather FuzzerInterface.h. We need FuzzerRandom.h for custom mutators. How does OSS-Fuzz deal with targets that want/use custom mutators then? |
OSS-Fuzz does not know about custom mutators. It's ok to include FuzzerInterface.h (but not any other header), but remember that custom mutators And, FuzzerInterface.h is still experimental to some extent, be prepared for some changes in future. |
I see, okay. It's fine to not have custom mutators with AFL, and we can react to API changes quickly. So we should probably not user fuzzer::Random() but feed the seed into |
Yes, that's the idea. |
Makes sense. We'll fix and land this tomorrow. I'll let you know! |
Currently the build is marked as unstable, i.e. the built binaries don't run.
this is clearly a bug in our infra which calls the fuzzer binaries w.o a path, We need to fix it, of course. |
.. and fixed now |
The major bug right now is fuzzer is continuously crashing on this error. https://clusterfuzz-external.appspot.com/v2/testcase-detail/4744595573309440 will take a while to open since it has this error all over. hash: ../../fuzz/shared.h:21: NSSDatabase::NSSDatabase(): Assertion `NSS_NoDB_Init(nullptr) == SECSuccess failed.
|
During development it's convenient to being able to adjust this, for example when focus during development is on aspects of OSS-Fuzz-gen that is unrelated to code fixing it's convenient to decrease this to speed up evaluation.
The current fuzzers have been removed and are now covered by the new QuickDER target.