github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Run fuzzing tests with go test -fuzz

Browse Source 
In addition to oss-fuzz's CIFuzz (see #7052), this commit adds a small
shell script that run all fuzzing tests with go test -fuzz.

While running for 30 seconds would be too short to acutally find issues,
we want to make sure that these fuzzing tests are not fundamentally
broken.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
This commit is contained in:
Kazuyoshi Kato 2022-06-15 15:26:55 +00:00
parent a1eb2d8a67
commit 82adbc849a
2 changed files with 46 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
.github/workflows/cifuzz.yml → .github/workflows/fuzz.yml vendored
View File

@ -1,7 +1,10 @@
name: CI Fuzz
name: Fuzzing
on: [pull_request]
jobs:
Fuzzing:
# Run all fuzzing tests. Some of them use Go 1.18's testing.F.
# Others use https://github.com/AdaLogics/go-fuzz-headers.
ci_fuzz:
name: CI Fuzz
runs-on: ubuntu-latest
steps:
- name: Build Fuzzers
@ -24,3 +27,15 @@ jobs:
with:
name: artifacts
path: ./out/artifacts
# Make sure all fuzzing tests which use Go 1.18's testing.F are
# runnable with go test -fuzz.
go_test_fuzz:
name : go test -fuzz
runs-on: ubuntu-latest
steps:
- uses: actions/setup-go@v2
with:
go-version: 1.18
- uses: actions/checkout@v2
- run: script/go-test-fuzz.sh

29
script/go-test-fuzz.sh Executable file
View File

@ -0,0 +1,29 @@
#!/usr/bin/env bash
# Copyright The containerd Authors.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Running Go 1.18's fuzzing for 30 seconds each. While this would be too
# short to acutally find issues, we want to make sure that these fuzzing
# tests are not fundamentally broken.
set -euo pipefail
fuzztime=30s
pkgs=$(git grep 'func Fuzz.*testing\.F' | grep -o '.*\/' | sort | uniq)
for pkg in $pkgs
do
go test -fuzz=. ./$pkg -fuzztime=$fuzztime
done