From 8d14d811967884d0b175900afda9a2a965358e62 Mon Sep 17 00:00:00 2001 From: Raj Shah Date: Fri, 18 Nov 2022 22:27:34 +0000 Subject: [PATCH] Update Mayhem integration structure --- .github/workflows/mayhem.yml | 44 +++++++++++++++++++----------------- Dockerfile.mayhem | 15 ------------ Mayhemfile | 5 ---- mayhem/Dockerfile | 17 ++++++++++++++ mayhem/Mayhemfile | 7 ++++++ 5 files changed, 47 insertions(+), 41 deletions(-) delete mode 100644 Dockerfile.mayhem delete mode 100644 Mayhemfile create mode 100644 mayhem/Dockerfile create mode 100644 mayhem/Mayhemfile diff --git a/.github/workflows/mayhem.yml b/.github/workflows/mayhem.yml index c5b8eee8..f7e20fcf 100644 --- a/.github/workflows/mayhem.yml +++ b/.github/workflows/mayhem.yml @@ -10,22 +10,13 @@ env: jobs: build: + name: 'Build mayhem fuzzing container' permissions: write-all - name: '${{ matrix.os }} shared=${{ matrix.shared }} ${{ matrix.build_type }}' - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest] - shared: [false] - build_type: [Release] - include: - - os: ubuntu-latest - triplet: x64-linux - + runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 with: - submodules: true + submodules: recursive - name: Log in to the Container registry uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 @@ -43,20 +34,31 @@ jobs: - name: Build and push Docker image uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc with: - file: ./Dockerfile.mayhem context: . + file: mayhem/Dockerfile push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - - name: Start analysis + outputs: + image: ${{ steps.meta.outputs.tags }} + + mayhem: + needs: build + name: 'fuzz ${{ matrix.mayhemfile }}' + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + mayhemfile: + - mayhem/Mayhemfile + + steps: + - uses: actions/checkout@v2 + + - name: Start analysis for ${{ matrix.mayhemfile }} uses: ForAllSecure/mcode-action@v1 with: mayhem-token: ${{ secrets.MAYHEM_TOKEN }} - args: --image ${{ steps.meta.outputs.tags }} - sarif-output: sarif - - - name: Upload SARIF file(s) - uses: github/codeql-action/upload-sarif@v1 - with: - sarif_file: sarif + args: --image ${{ needs.build.outputs.image }} --file ${{ matrix.mayhemfile }} --duration 300 + sarif-output: sarif \ No newline at end of file diff --git a/Dockerfile.mayhem b/Dockerfile.mayhem deleted file mode 100644 index 8ef61913..00000000 --- a/Dockerfile.mayhem +++ /dev/null @@ -1,15 +0,0 @@ -FROM --platform=linux/amd64 ubuntu:22.04 as builder - -RUN apt-get update -RUN DEBIAN_FRONTEND=noninteractive apt-get install -y build-essential cmake - -COPY . /repo -WORKDIR /repo/build -RUN cmake .. -RUN make -j8 - -FROM ubuntu:22.04 as package -COPY --from=builder /repo/build/cnip / -COPY --from=builder /repo/build/C/* /deps/ -COPY --from=builder /repo/build/common/* /deps/ -ENV LD_LIBRARY_PATH=/deps diff --git a/Mayhemfile b/Mayhemfile deleted file mode 100644 index 187e73d7..00000000 --- a/Mayhemfile +++ /dev/null @@ -1,5 +0,0 @@ -project: psychec -target: cnip - -cmds: - - cmd: /cnip @@ diff --git a/mayhem/Dockerfile b/mayhem/Dockerfile new file mode 100644 index 00000000..5cca14dc --- /dev/null +++ b/mayhem/Dockerfile @@ -0,0 +1,17 @@ +FROM --platform=linux/amd64 ubuntu:22.04 as builder + +RUN apt-get update +RUN DEBIAN_FRONTEND=noninteractive apt-get install -y build-essential cmake +RUN DEBIAN_FRONTEND=noninteractive apt-get install -y clang + +COPY . /repo +# WORKDIR /repo/build +WORKDIR /repo +# RUN cmake .. +RUN clang++ harness.cpp utility/Process.cpp tools/*.cpp -fsanitize=fuzzer -o out -Iutility/ + +# FROM ubuntu:22.04 as package +# COPY --from=builder /repo/build/cnip / +# COPY --from=builder /repo/build/C/* /deps/ +# COPY --from=builder /repo/build/common/* /deps/ +# ENV LD_LIBRARY_PATH=/deps diff --git a/mayhem/Mayhemfile b/mayhem/Mayhemfile new file mode 100644 index 00000000..d6d731b1 --- /dev/null +++ b/mayhem/Mayhemfile @@ -0,0 +1,7 @@ +project: psychec +target: cnip + +cmds: + - cmd: /repo/out + libfuzzer: true +image: ghcr.io/rnshah9/playground:psychec