Update build.sh to reflect upstream changes in dependencies#14180
Merged
DavidKorczynski merged 19 commits intogoogle:masterfrom Oct 23, 2025
Merged
Update build.sh to reflect upstream changes in dependencies#14180DavidKorczynski merged 19 commits intogoogle:masterfrom
DavidKorczynski merged 19 commits intogoogle:masterfrom
Conversation
OpenSSH that provides significnatly improved performance and functionality. It's relatively widely used and we'd like to make sure that our changes pass fuzz tests.
This build scipt and Dockerfile are largely taken from the OpenSSH project. One difference is that we are specifically using the release candidates branch as opposed to master. After 18.4.0 is released we may revise the process. However, being that master only contains full releases, as opposed to development, it may be better to focus on upcoming releases.
> > Due to how our branch structure is set up testing > against a specific OSS-Fuzz branch makes the most sense > at this time. Build.sh now checkouts out osss_fuzz_tests > Additionally, we've stopped using the memory sanitizer and > are just doing the default address and undefined tests. > Using the standard fuzzing engines of afl, libfuzzer, > honggfuzz, and centipede.
We are seeing an error in fuzz runs that are exiting after This seems to being caused by the git pull command being issued when not on a branch. I've removed the git pull command and the checkout command. I think I did't fully understand how the fuzzer interacted with commits. I believe I understand now.
|
rapier1 is either the primary contact or is in the CCs list of projects/hpn-ssh. |
Contributor
Author
|
Not building correctly yet. Will address shortly. |
look at the wrong branch
It thought I was not running an apt-get update before running apt-get install. I was but it missed it somehow. I changed it so that apt-get update is on its own line.
I'm might be too tired to do this.
Contributor
Author
|
I'm sorry about all of the commits to figure out what was going on. I still don't understand this system as well as I hoped. I thought that cifuzz system would run against whatever commit/branch met the on: push: criteria but it seems like that's not the case and it, instead, only runs against a statically defined branch. Since we don't do development in the master branch that's going to require some work on our part. |
DavidKorczynski
approved these changes
Oct 23, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
We changed how the dependencies are set up in our repo. We need to update this build process to reflect those and ensure linking doesn't fail.
Thanks!