Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump actions/cache from 3.2.4 to 3.3.0 #20

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions .github/workflows/build-and-test-all.yml
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ jobs:
echo "stamp=$(/bin/date +%s)" >> "$GITHUB_OUTPUT"
shell: bash
- name: let GitHub cache our ccache data
uses: actions/cache@v3.2.4
uses: actions/cache@v3.3.0
with:
path: ~/.ccache
key: auth-ccache-${{ steps.get-stamp.outputs.stamp }}
Expand Down Expand Up @@ -80,7 +80,7 @@ jobs:
echo "stamp=$(/bin/date +%s)" >> "$GITHUB_OUTPUT"
shell: bash
- name: let GitHub cache our ccache data
uses: actions/cache@v3.2.4
uses: actions/cache@v3.3.0
with:
path: ~/.ccache
key: recursor-${{ matrix.sanitizers }}-ccache-${{ steps.get-stamp.outputs.stamp }}
Expand Down Expand Up @@ -132,7 +132,7 @@ jobs:
echo "stamp=$(/bin/date +%s)" >> "$GITHUB_OUTPUT"
shell: bash
- name: let GitHub cache our ccache data
uses: actions/cache@v3.2.4
uses: actions/cache@v3.3.0
with:
path: ~/.ccache
key: dnsdist-${{ matrix.features }}-${{ matrix.sanitizers }}-ccache-${{ steps.get-stamp.outputs.stamp }}
Expand Down
55 changes: 55 additions & 0 deletions .github/workflows/fuzz_target_dnsdistcache-mayhem.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
name: Mayhem
on:
push:
pull_request:
workflow_dispatch:
workflow_call:
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
build:
name: ${{ matrix.os }} shared=${{ matrix.shared }} ${{ matrix.build_type }}
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest]
shared: [false]
build_type: [Release]
include:
- os: ubuntu-latest
triplet: x64-linux
steps:
- uses: actions/checkout@v2
with:
submodules: recursive
- name: Log in to the Container registry
uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
- name: Build and push Docker image
uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
with:
context: .
file: mayhem/Dockerfile
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Start analysis
uses: forallsecure/mcode-action@v1
with:
mayhem-token: ${{ secrets.MAYHEM_TOKEN }}
args: --image ${{ steps.meta.outputs.tags }} --cmd /out/fuzz_target_dnsdistcache
--target fuzz_target_dnsdistcache --file mayhem/fuzz_target_dnsdistcache.mayhemfile
sarif-output: sarif
- name: Upload SARIF file(s)
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: sarif
36 changes: 36 additions & 0 deletions mayhem/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
# Copyright 2018 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# base image with clang toolchain
FROM gcr.io/oss-fuzz-base/base-builder

# maintainer for this file

# install required packages to build your project
RUN apt-get update && apt-get install -y autoconf automake bison dh-autoreconf flex boost1.71-all-dev libluajit-5.1-dev libedit-dev libprotobuf-dev libssl-dev libtool make pkg-config protobuf-compiler ragel

# checkout all sources needed to build your project
COPY . pdns
RUN rm -rf pdns/mayhem

# current directory for build script
WORKDIR pdns

# copy build script and other fuzzer files in src dir
COPY mayhem/build.sh $SRC/

ENV FUZZING_LANGUAGE=c++ SANITIZER=address
RUN compile
Empty file added mayhem/Dockerfile.dockerignore
Empty file.
64 changes: 64 additions & 0 deletions mayhem/build.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
#!/bin/bash -eu
# Copyright 2018 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# remove dependencies on boost's program_options, we don't need it
# and it won't link because oss-fuzz adds -stdlib=libc++ to the flags,
# which would require rebuilding boost
sed -i 's/BOOST_PROGRAM_OPTIONS(\[mt\])//' configure.ac
sed -i 's/AC_MSG_ERROR(\[Boost Program Options library not found\])/AC_MSG_NOTICE(\[Boost Program Options library not found\])/' configure.ac
# we also need to disable building as PIE because libFuzzingEngine.a
# does not appear to be compiled as PIC
sed -i 's/AC_CC_PIE//' configure.ac

# build fuzzing targets
autoreconf -vi
./configure \
--without-dynmodules \
--with-modules='' \
--disable-lua-records \
--disable-ixfrdist \
--enable-fuzz-targets \
--disable-dependency-tracking \
--disable-silent-rules || /bin/bash
cd pdns
make -j$(nproc) fuzz_targets

# copy the fuzzing target binaries
cp fuzz_target_* "${OUT}/"

# copy the zones used in the regression tests to the "zones" corpus
cp ../regression-tests/zones/* ../fuzzing/corpus/zones/

# generate the corpus files
if [ -d ../fuzzing/corpus/raw-dns-packets/ ]; then
zip -j "${OUT}/fuzz_target_dnsdistcache_seed_corpus.zip" ../fuzzing/corpus/raw-dns-packets/*
fi
if [ -d ../fuzzing/corpus/txt-records/ ]; then
zip -j "${OUT}/fuzz_target_dnslabeltext_parseRFC1035CharString_seed_corpus.zip" ../fuzzing/corpus/txt-records/*
fi
if [ -d ../fuzzing/corpus/raw-dns-packets/ ]; then
zip -j "${OUT}/fuzz_target_moadnsparser_seed_corpus.zip" ../fuzzing/corpus/raw-dns-packets/*
fi
if [ -d ../fuzzing/corpus/raw-dns-packets/ ]; then
zip -j "${OUT}/fuzz_target_packetcache_seed_corpus.zip" ../fuzzing/corpus/raw-dns-packets/*
fi
if [ -d ../fuzzing/corpus/proxy-protocol-raw-packets/ ]; then
zip -j "${OUT}/fuzz_target_proxyprotocol_seed_corpus.zip" ../fuzzing/corpus/proxy-protocol-raw-packets/*
fi
if [ -d ../fuzzing/corpus/zones/ ]; then
zip -j "${OUT}/fuzz_target_zoneparsertng_seed_corpus.zip" ../fuzzing/corpus/zones/*
fi
4 changes: 4 additions & 0 deletions mayhem/fuzz_target_dnsdistcache.mayhemfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
project: PROJECT
target: fuzz_target_dnsdistcache
cmds:
- cmd: /out/fuzz_target_dnsdistcache