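# Runs the AFL++ (ASAN) harness from Scripts/fuzz-docker.sh inside Docker:
# a 60 s smoke test on push / PR, a 30 min session on the daily schedule, or
# a caller-chosen length via workflow_dispatch. Crash inputs fail the job and
# the whole fuzz-outputs/ tree is uploaded as an artifact for triage.
name: AFL++ Fuzzing

on:  # yamllint disable-line rule:truthy
  push:
    branches: [master, develop]
  pull_request:
    branches: [master]
  schedule:
    # Run a real fuzz session daily at 2 AM UTC
    - cron: '0 2 * * *'
  workflow_dispatch:
    inputs:
      duration:
        description: 'Fuzz session duration (e.g. 60s, 5m, 30m)'
        default: '30m'
        required: false

# Least privilege: the job only reads the repository and uploads artifacts,
# so the GITHUB_TOKEN needs nothing beyond read access to contents.
permissions:
  contents: read

# Automatically cancel any previous workflow on new push.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }}
  cancel-in-progress: true

jobs:
  fuzz:
    runs-on: ubuntu-latest
    # 60 min cap so a runaway dispatch can't eat the runner; the actual
    # fuzz step caps itself far below this (see "Determine fuzz duration").
    timeout-minutes: 60
    # Third-party actions are referenced by major version tag; pinning each
    # `uses:` to a full commit SHA makes the build reproducible and immune to
    # a moved tag.
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Make fuzz-docker.sh executable
        run: chmod +x Scripts/fuzz-docker.sh

      - name: Clean up previous fuzzing outputs
        run: |
          # Clean up any previous fuzzing outputs to avoid conflicts
          rm -rf fuzz-outputs/*
          echo "Cleaned up previous fuzzing outputs"

      - name: Determine fuzz duration
        # On push / PR: 60 s smoke test — proves the fuzz pipeline starts and
        # AFL++ initializes without spending half an hour. Real fuzzing happens
        # on the daily schedule or via manual workflow_dispatch.
        id: duration
        # The dispatch input reaches the script through the environment, not
        # through ${{ }} interpolation into the script text, so its value is
        # always a plain string and can never be parsed as shell syntax.
        env:
          EVENT_NAME: ${{ github.event_name }}
          REQUESTED_DURATION: ${{ inputs.duration }}
        run: |
          case "$EVENT_NAME" in
            schedule) DURATION=30m ;;
            workflow_dispatch) DURATION="$REQUESTED_DURATION" ;;
            *) DURATION=60s ;;
          esac
          # The value is handed to timeout(1) in the next step: accept only an
          # integer with an optional s/m/h suffix and fail fast on anything
          # else (including an empty input) rather than start an undefined run.
          if ! [[ "$DURATION" =~ ^[0-9]+[smh]?$ ]]; then
            echo "::error::Invalid fuzz duration '$DURATION' (expected e.g. 60s, 5m, 30m)"
            exit 1
          fi
          echo "duration=$DURATION" >> "$GITHUB_OUTPUT"
          echo "Running fuzz for $DURATION (event: $EVENT_NAME)"

      - name: Run AFL++ fuzzing (with ASAN)
        env:
          FUZZ_DURATION: ${{ steps.duration.outputs.duration }}
        run: |
          # timeout(1) exits 124 when the limit is reached, which is how a fuzz
          # session normally ends. Any other non-zero status means the harness
          # itself failed (e.g. the Docker build broke) and must not be masked,
          # otherwise "Check for crashes" would report a clean run that never
          # ran. Assumes fuzz-docker.sh exits 0 when it finishes on its own —
          # confirm against Scripts/fuzz-docker.sh.
          rc=0
          timeout "$FUZZ_DURATION" ./Scripts/fuzz-docker.sh || rc=$?
          if [ "$rc" -ne 0 ] && [ "$rc" -ne 124 ]; then
            echo "::error::fuzz-docker.sh exited with status $rc"
            exit "$rc"
          fi

      - name: Fix permissions for artifact upload
        run: |
          # Files written by the container are presumably owned by its user
          # (root); reclaim them for the runner user so upload-artifact can
          # read them.
          if [ ! -d fuzz-outputs ]; then
            echo "No fuzz-outputs directory found"
            exit 0
          fi
          sudo chown -R runner:runner fuzz-outputs/
          chmod -R 755 fuzz-outputs/
          echo "Fixed permissions for fuzz-outputs directory:"
          ls -la fuzz-outputs/
          # fuzzer-asan/ is the current output layout, default/ the legacy one.
          for sub in fuzzer-asan default; do
            if [ -d "fuzz-outputs/$sub" ]; then
              echo "Contents of fuzz-outputs/$sub:"
              ls -la "fuzz-outputs/$sub/"
            fi
          done

      - name: Rename files with invalid characters for artifact upload
        run: |
          # upload-artifact rejects paths containing : " < > | * ? and AFL++
          # names every test case "id:000000,..." — rewrite such names in place.
          rename_files() {
            local dir="$1"
            [ -d "$dir" ] || return 0
            echo "Renaming files in $dir to remove invalid characters..."
            # One bracket expression instead of an -o chain: with the chain,
            # -type f bound only to the first -name and directories were
            # matched too. -print0 / read -d '' keep names with spaces or
            # newlines intact.
            find "$dir" -type f -name '*[<>:|*"?]*' -print0 |
              while IFS= read -r -d '' file; do
                parent=$(dirname "$file")
                base=$(basename "$file")
                new_base=$(printf '%s' "$base" | sed 's/[<>:|*"?]/_/g')
                if [ "$base" != "$new_base" ]; then
                  echo "Renaming: $file -> $parent/$new_base"
                  # -n: never overwrite another test case whose name differed
                  # only in an invalid character.
                  mv -n "$file" "$parent/$new_base"
                  if [ -e "$file" ]; then
                    echo "::warning::$file not renamed: $parent/$new_base already exists"
                  fi
                fi
              done
          }
          if [ -d fuzz-outputs ]; then
            rename_files fuzz-outputs/fuzzer-asan
            rename_files fuzz-outputs/default
            echo "File renaming completed"
          else
            echo "No fuzz-outputs directory found for renaming"
          fi

      - name: Check for crashes
        run: |
          echo "Checking for crashes in fuzzing results..."
          # fuzzer-asan/ is the current output layout, default/ the legacy one;
          # a non-empty crashes/ directory in either fails the job.
          for crashes in fuzz-outputs/fuzzer-asan/crashes fuzz-outputs/default/crashes; do
            if [ -d "$crashes" ] && [ -n "$(ls -A "$crashes")" ]; then
              echo "❌ Crashes found in AFL++ with ASAN ($crashes):"
              ls -la "$crashes/"
              exit 1
            fi
          done
          echo "✅ No crashes found in AFL++ with ASAN"

      - name: Upload fuzzing results
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: fuzzing-results
          path: fuzz-outputs/
          retention-days: 7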