fuzzit integration example

.github/workflows/push.yml

@@ -45,21 +45,30 @@ jobs:
           CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
           CODECOV_PR: ${{ github.event.after }}
           CODECOV_SHA: ${{ github.sha }}
-  # fuzz:
-  #   name: Fuzz
-  #   runs-on: ubuntu-latest
-  #   steps:
-  #     - name: Install Go
-  #       uses: actions/setup-go@v1
-  #       with:
-  #         go-version: 1.13
-  #     - name: Checkout code
-  #       uses: actions/checkout@v1
-
-  #     - name: fuzz regression tests
-  #       run: cd _fuzz/it && ./fuzz-ci local-regression 2>&1 | grep -vE '^Running|^Executed'
-  #     - name: fuzz continuous job
-  #       run: export PATH="$PATH:$(go env GOPATH)/bin"; cd _fuzz/it && ./fuzz-ci fuzzing
-  #       if: github.event_name == 'push' && github.ref == 'refs/heads/master'
-  #       env:
-  #         FUZZIT_API_KEY: ${{ secrets.FUZZIT_API_KEY }}
+  fuzzit-regression:
+    name: Fuzzit Regression
+    runs-on: ubuntu-latest
+    steps:
+      - name: Install Go
+        uses: actions/setup-go@v1
+        with:
+          go-version: 1.13
+      - name: Checkout code
+        uses: actions/checkout@v1
+      - name: fuzz regression job
+        run: export PATH="$PATH:$(go env GOPATH)/bin"; ./scripts/fuzz.sh local-regression
+  fuzzit-fuzzing:
+    if: github.event_name == 'push' && github.ref == 'refs/heads/master'
+    name: Fuzzit Fuzzing
+    runs-on: ubuntu-latest
+    steps:
+      - name: Install Go
+        uses: actions/setup-go@v1
+        with:
+          go-version: 1.13
+      - name: Checkout code
+        uses: actions/checkout@v1
+      - name: fuzz continuous job
+        run: export PATH="$PATH:$(go env GOPATH)/bin"; ./scripts/fuzz.sh fuzzing
+        env:
+          FUZZIT_API_KEY: ${{ secrets.FUZZIT_API_KEY }}

scripts/fuzz.sh

@@ -1,13 +1,17 @@
 #!/bin/bash
 set -xe
 
-# go-fuzz doesn't support modules yet, so ensure we do everything
-# in the old style GOPATH way
-export GO111MODULE="off"
-
 # install go-fuzz
 go get -u github.com/dvyukov/go-fuzz/go-fuzz github.com/dvyukov/go-fuzz/go-fuzz-build
 
+# This is current workaround to support go modules
+find $GOPATH
+cd $GOPATH/src/github.com/dvyukov/go-fuzz
+git remote add fork https://github.com/fuzzitdev/go-fuzz
+git fetch
+git checkout fork
+go install ./...
+
 # TODO: needed until https://github.com/actions/setup-go/issues/14 is fixed
 # adds GOBIN to PATH so that go-fuzz-build is visible
 GOB="$(go env GOPATH)/bin"
@@ -16,26 +20,15 @@ PATH=${PATH}:"${GOB}"
 # target name can only contain lower-case letters (a-z), digits (0-9) and a dash (-)
 # to add another target, make sure to create it with `fuzzit create target`
 # before using `fuzzit create job`
-TARGET=micro-starter-kit
-
+TARGET=crypto
+cd ./shared/crypto
 go-fuzz-build -libfuzzer -o ${TARGET}.a .
 clang -fsanitize=fuzzer ${TARGET}.a -o ${TARGET}
 
 # install fuzzit for talking to fuzzit.dev service
 # or latest version:
 # https://github.com/fuzzitdev/fuzzit/releases/latest/download/fuzzit_Linux_x86_64
-wget -q -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/download/v2.4.35/fuzzit_Linux_x86_64
+wget -q -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/download/v2.4.54/fuzzit_Linux_x86_64
 chmod a+x ./fuzzit
 
-# upload fuzz target for long fuzz testing on fuzzit.dev server
-# or run locally for regression
-if [ "${GITHUB_EVENT_NAME}" == "push" ]; then
-	TYPE=fuzzing
-elif [ "${GITHUB_EVENT_NAME}" == "pull_request" ]; then
-	TYPE=local-regression
-else
-    echo "Unexpected event '${GITHUB_EVENT_NAME}'"
-    exit 1
-fi
-
-./fuzzit create job --type $TYPE kkowalczyk/${TARGET} ${TARGET}
+./fuzzit create job --type $1 m-starter-kit/${TARGET} ${TARGET}

shared/crypto/crypto_fuzz.go

@@ -0,0 +1,24 @@
+// +build gofuzz
+
+package crypto
+
+import "log"
+
+func Fuzz(data []byte) int {
+    encrypted_data, err := AesEncrypt(string(data), "12345678123456781234567812345678")
+    if err != nil {
+        log.Panic("tried encrypt %v got err %v", encrypted_data, err)
+    }
+
+    decrypted_data, err := AesDecrypt(encrypted_data, "12345678123456781234567812345678")
+    if err != nil {
+        log.Panic("tried to encrypt/decrypt %v got err %v", data, err)
+    }
+
+    if decrypted_data != string(data) {
+        log.Panic("decrypt(encrypt(%v)) != %v", data, data)
+    }
+
+    return 0
+}
+