diff --git a/.clusterfuzzlite/Dockerfile b/.clusterfuzzlite/Dockerfile new file mode 100644 index 0000000000..ade9186821 --- /dev/null +++ b/.clusterfuzzlite/Dockerfile @@ -0,0 +1,7 @@ +FROM gcr.io/oss-fuzz-base/base-builder-rust:v1 +RUN rustup install nightly-2024-09-24 && rustup default nightly-2024-09-24 +RUN rustup component add rust-src --toolchain nightly-2024-09-24 +ENV RUSTUP_TOOLCHAIN=nightly-2024-09-24 +COPY . $SRC/fuel-vm +WORKDIR fuel-vm +COPY .clusterfuzzlite/build.sh $SRC/ diff --git a/.clusterfuzzlite/README.md b/.clusterfuzzlite/README.md new file mode 100644 index 0000000000..e9deaebf2e --- /dev/null +++ b/.clusterfuzzlite/README.md @@ -0,0 +1,5 @@ +# ClusterFuzzLite + +This directory contains the configuration for [ClusterFuzzLite](https://google.github.io/clusterfuzzlite/). CFL is used in the GitHub Actions CI in several workflows. + +The corpus and more documentation can be found in [FuelLabs/fuel-fuzzing-corpus](https://github.com/FuelLabs/fuel-fuzzing-corpus). diff --git a/.clusterfuzzlite/build.sh b/.clusterfuzzlite/build.sh new file mode 100755 index 0000000000..736377ebea --- /dev/null +++ b/.clusterfuzzlite/build.sh @@ -0,0 +1,9 @@ +#!/bin/bash -eu + +cd $SRC/fuel-vm + +cd fuel-vm + +cargo fuzz build -O --sanitizer none + +cp fuzz/target/x86_64-unknown-linux-gnu/release/grammar_aware_advanced $OUT/ diff --git a/.clusterfuzzlite/project.yaml b/.clusterfuzzlite/project.yaml new file mode 100644 index 0000000000..22761ba7ee --- /dev/null +++ b/.clusterfuzzlite/project.yaml @@ -0,0 +1 @@ +language: rust diff --git a/.github/workflows/cflite_batch.yml b/.github/workflows/cflite_batch.yml new file mode 100644 index 0000000000..6e201cc1c2 --- /dev/null +++ b/.github/workflows/cflite_batch.yml @@ -0,0 +1,33 @@ +name: ClusterFuzzLite batch fuzzing +on: + workflow_dispatch: + schedule: + - cron: '0 0/24 * * *' # Every 24th hour +permissions: read-all +jobs: + BatchFuzzing: + runs-on: ubuntu-latest + steps: + - name: Get fuzzer auth token + uses: actions/create-github-app-token@v1 + id: fuzzer-token + with: + owner: ${{ github.repository_owner }} + app-id: ${{ vars.FUEL_FUZZING_CORPUS_APP_ID }} + private-key: ${{ secrets.FUEL_FUZZING_CORPUS_APP_KEY }} + - name: Build Fuzzers (${{ matrix.sanitizer }}) + id: build + uses: google/clusterfuzzlite/actions/build_fuzzers@v1 + with: + language: rust + - name: Run Fuzzers (${{ matrix.sanitizer }}) + id: run + uses: google/clusterfuzzlite/actions/run_fuzzers@v1 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + fuzz-seconds: 3600 + mode: 'batch' + output-sarif: true + storage-repo: https://oauth2:${{ steps.fuzzer-token.outputs.token }}@github.com/FuelLabs/fuel-fuzzing-corpus.git + storage-repo-branch: main + storage-repo-branch-coverage: gh-pages diff --git a/.github/workflows/cflite_cron.yml b/.github/workflows/cflite_cron.yml new file mode 100644 index 0000000000..8ba151fed2 --- /dev/null +++ b/.github/workflows/cflite_cron.yml @@ -0,0 +1,60 @@ +name: ClusterFuzzLite cron tasks +on: + workflow_dispatch: + schedule: + - cron: '0 0/72 * * *' +permissions: read-all +jobs: + Pruning: + runs-on: ubuntu-latest + steps: + - name: Get fuzzer auth token + uses: actions/create-github-app-token@v1 + id: fuzzer-token + with: + owner: ${{ github.repository_owner }} + app-id: ${{ vars.FUEL_FUZZING_CORPUS_APP_ID }} + private-key: ${{ secrets.FUEL_FUZZING_CORPUS_APP_KEY }} + - name: Build Fuzzers + id: build + uses: google/clusterfuzzlite/actions/build_fuzzers@v1 + with: + language: rust + - name: Run Fuzzers + id: run + uses: google/clusterfuzzlite/actions/run_fuzzers@v1 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + fuzz-seconds: 600 + mode: 'prune' + output-sarif: true + storage-repo: https://oauth2:${{ steps.fuzzer-token.outputs.token }}@github.com/FuelLabs/fuel-fuzzing-corpus.git + storage-repo-branch: main + storage-repo-branch-coverage: gh-pages + Coverage: + runs-on: ubuntu-latest + steps: + - name: Get fuzzer auth token + uses: actions/create-github-app-token@v1 + id: fuzzer-token + with: + owner: ${{ github.repository_owner }} + app-id: ${{ vars.FUEL_FUZZING_CORPUS_APP_ID }} + private-key: ${{ secrets.FUEL_FUZZING_CORPUS_APP_KEY }} + - name: Build Fuzzers + id: build + uses: google/clusterfuzzlite/actions/build_fuzzers@v1 + with: + language: rust + sanitizer: coverage + - name: Run Fuzzers + id: run + uses: google/clusterfuzzlite/actions/run_fuzzers@v1 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + fuzz-seconds: 600 + mode: 'coverage' + sanitizer: 'coverage' + storage-repo: https://oauth2:${{ steps.fuzzer-token.outputs.token }}@github.com/FuelLabs/fuel-fuzzing-corpus.git + storage-repo-branch: main + storage-repo-branch-coverage: gh-pages diff --git a/.github/workflows/cflite_pr.yml b/.github/workflows/cflite_pr.yml new file mode 100644 index 0000000000..b161e805d8 --- /dev/null +++ b/.github/workflows/cflite_pr.yml @@ -0,0 +1,38 @@ +name: ClusterFuzzLite PR fuzzing + +on: + pull_request: + workflow_dispatch: + +permissions: read-all +jobs: + PR: + runs-on: ubuntu-latest + steps: + - name: Get fuzzer auth token + uses: actions/create-github-app-token@v1 + id: fuzzer-token + with: + owner: ${{ github.repository_owner }} + app-id: ${{ vars.FUEL_FUZZING_CORPUS_APP_ID }} + private-key: ${{ secrets.FUEL_FUZZING_CORPUS_APP_KEY }} + - name: Build Fuzzers + id: build + uses: google/clusterfuzzlite/actions/build_fuzzers@v1 + with: + language: rust + github-token: ${{ secrets.GITHUB_TOKEN }} + storage-repo: https://oauth2:${{ steps.fuzzer-token.outputs.token }}@github.com/FuelLabs/fuel-fuzzing-corpus.git + storage-repo-branch: main + storage-repo-branch-coverage: gh-pages + - name: Run Fuzzers + id: run + uses: google/clusterfuzzlite/actions/run_fuzzers@v1 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + fuzz-seconds: 600 + mode: 'code-change' + output-sarif: true + storage-repo: https://oauth2:${{ steps.fuzzer-token.outputs.token }}@github.com/FuelLabs/fuel-fuzzing-corpus.git + storage-repo-branch: main + storage-repo-branch-coverage: gh-pages diff --git a/CHANGELOG.md b/CHANGELOG.md index 6294315c6f..677da65d3d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/). ### Added - [#838](https://github.com/FuelLabs/fuel-vm/pull/838): Implemented `AsRef<[u8]>` and `TryFrom<&[u8]>` for DA compression types: ScriptCode, PredicateCode, RegistryKey. +- [#820](https://github.com/FuelLabs/fuel-vm/pull/820): Add fuzzing in CI with ClusterFuzzLite. ### Removed