Skip to content

[pull] master from google:master#165

Merged
pull[bot] merged 3 commits into
threatcode:masterfrom
google:master
Jul 1, 2026
Merged

[pull] master from google:master#165
pull[bot] merged 3 commits into
threatcode:masterfrom
google:master

Conversation

@pull

@pull pull Bot commented Jul 1, 2026

Copy link
Copy Markdown

See Commits and Changes for more details.


Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

javanlacerda and others added 3 commits July 1, 2026 16:18
…ess (#15825)

This PR integrates OpenBMC's
[dbus-sensors](https://github.com/openbmc/dbus-sensors) repository into
OSS-Fuzz and adds a
comprehensive fuzzing harness (`utils_fuzzer`) targeting critical
utility, path normalization, threshold parsing, and device
  management modules.
    
    ## Key Changes
    
    - **Build Environment & Toolchain**:
- Configured `base_os_version: ubuntu-24-04` in `project.yaml` to
leverage modern C++23 / Clang 22 toolchains and
  systemd/boost libraries compatible with OpenBMC dependencies.
- Set up static builds for `sdbusplus` and lightweight
`libphosphor_logging.a` stubs to eliminate dynamic linking
  dependencies.
    - **Fuzzing Harness (`utils_fuzzer.cpp`)**:
- **`SensorPaths`**: Exercises D-Bus path escaping
(`sensor_paths::escapePathForDbus`) and unit path resolution
  (`sensor_paths::getPathForUnits`).
- **`Utils`**: Exercises D-Bus interface string generation
(`configInterfaceName`), sensor name escaping (`escapeName`),
sysfs path splitting (`splitFileName`), variant type loading
(`loadVariant`), and label permit set processing
  (`getPermitSet`).
- **`Thresholds`**: Exercises threshold configuration parsing
(`parseThresholdsFromConfig`) and threshold interface
  string formatting (`getInterface`).
- **`DeviceMgmt`**: Exercises I2C sensor name search and matching
(`sensorNameFind`) and bus address resolution
  (`getDeviceBusAddr`).
    - **Sanitizer & Static Linking**:
- Statically linked `libssl.a` and `libcrypto.a` to ensure clean
execution under OSS-Fuzz runner containers (`base-
  runner`).
    
    ## Verification & Metrics
    
- **`build_fuzzers`**: Succeeded without compilation or linker warnings.
- **`check_build`**: Passed bad build checks cleanly under
`base-runner:ubuntu-24-04`.
    - **Fuzzing Performance (30-second local run)**:
      - **Executions**: 894,507 runs (~29,000 exec/s)
      - **Coverage**: 1,755 instrumentation points, 545 corpus inputs
    - **Line Coverage Metrics**:
      - `utils_fuzzer.cpp`: **100%** (76 / 76 lines)
      - `DeviceMgmt.hpp`: **80.0%** (4 / 5 lines)
      - `SensorPaths.cpp`: **43.5%** (10 / 23 lines)
      - `Utils.hpp`: **36.8%** (78 / 212 lines)
      - `Thresholds.cpp`: **15.1%** (75 / 498 lines)
      - `Utils.cpp`: **5.8%** (52 / 902 lines)
- **Total Project Coverage**: **13.1%** line coverage (309 lines hit),
**20.4%** branch coverage (86 branches hit)
This PR adds OSS-Fuzz integration for `gbmc-pacemaker` (from `gbmcweb`),
providing continuous automated fuzzing for the pacemaker monitoring
module.

## Files Added
- `projects/gbmc-pacemaker/Dockerfile`: Base builder image configuration
with dependencies (`libssl-dev`, `libboost-dev`, `nlohmann-json3-dev`,
`abseil-cpp`).
- `projects/gbmc-pacemaker/build.sh`: Build script compiling Abseil-CPP
static libraries and the `pacemaker_fuzzer` target with C++20 standard.
- `projects/gbmc-pacemaker/pacemaker_fuzzer.cc`: Fuzz target using
`FuzzedDataProvider` to fuzz `Pacemaker` health check methods, service
status/reset routines, error recording, and monitoring data
serialization.
- `projects/gbmc-pacemaker/project.yaml`: Project metadata and contacts.

## Verification & Coverage
- **Build Verification:** Passes `python3 infra/helper.py build_fuzzers
gbmc-pacemaker`
- **Sanity Check:** Passes `python3 infra/helper.py check_build
gbmc-pacemaker`
- **Code Coverage:** Achieved **100.00%** line coverage on
`tlbmc/pacemaker/pacemaker.cc` (32/32 lines) during a 30-second fuzzing
run.
Simplify validate_nsm_msg_length in fuzzer_helpers.h to only check for
the minimum header size, allowing the fuzzer to pass malformed payloads
to the decoders.

Remove local payload length validation from:
- decode_get_histogram_format_resp_fuzzer.cc
- decode_get_histogram_data_resp_fuzzer.cc
@pull pull Bot locked and limited conversation to collaborators Jul 1, 2026
@pull pull Bot added the ⤵️ pull label Jul 1, 2026
@pull pull Bot merged commit e50a9f1 into threatcode:master Jul 1, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants