Home Explore Help
Register Sign In
Apq
/
coturn
mirror of https://github.com/coturn/coturn.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

add fuzzing to ci workflows (#1745)

allow fuzzing to be performed as part of the continuous integration.

the timing of the fuzzing can be extended, and i aim to broaden the
scope of the fuzz testing as well, since we currently only test the stun
message parser.
redraincatching 1 month ago
parent
439914716d
commit
d124014428
2 changed files with 43 additions and 0 deletions
Split View Show Diff Stats
  1. 42 0
      .github/workflows/cifuzz.yml
  2. 1 0
      README.md

+ 42 - 0
.github/workflows/cifuzz.yml
View File 

@@ -0,0 +1,42 @@
 
+name: CIFuzz
 
+on: 
+  [pull_request]
 
+permissions: {}
 
+jobs:
 
+  Fuzzing:
 
+    runs-on: ubuntu-latest
 
+    permissions:
 
+      security-events: write
 
+    strategy:
 
+      fail-fast: false
 
+      matrix: 
+        sanitizer: [address, memory, undefined]
 
+    steps:
 
+    - name: checkout repository
 
+      uses: actions/checkout@v5
 
+    - name: build fuzzers (${{ matrix.sanitizer }})
 
+      id: build
 
+      uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
 
+      with:
 
+        oss-fuzz-project-name: 'coturn'
 
+        language: c
 
+        sanitizer: ${{ matrix.sanitizer }}
 
+    - name: run fuzzers (${{ matrix.sanitizer }})
 
+      uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
 
+      with:
 
+        oss-fuzz-project-name: 'coturn'
 
+        language: c
 
+        sanitizer: ${{ matrix.sanitizer }}
 
+        fuzz-seconds: 600
 
+        output-sarif: true
 
+    - name: upload crash
 
+      uses: actions/upload-artifact@v4
 
+      if: failure() && steps.build.outcome == 'success'
 
+      with:
 
+        name: ${{ matrix.sanitizer }}_artifacts
 
+        path: ./out/artifacts
 
+    - name: upload sarif
 
+      if: always() && steps.build.outcome == 'success'
 
+      uses: github/codeql-action/upload-sarif@v3
 
+      with:
 
+        sarif_file: cifuzz-sarif/results.sarif

+ 1 - 0
README.md
View File 

@@ -1,5 +1,6 @@
 
 [![Docker CI](https://github.com/coturn/coturn/actions/workflows/docker.yml/badge.svg  "Docker CI")](https://github.com/coturn/coturn/actions/workflows/docker.yml)
 
 [![Docker Hub](https://img.shields.io/docker/pulls/coturn/coturn?label=Docker%20Hub%20pulls "Docker Hub pulls")](https://hub.docker.com/r/coturn/coturn)
 
+[![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/coturn.svg)](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:coturn)
 
 
 [Docker Hub](https://hub.docker.com/r/coturn/coturn)
 
 | [GitHub Container Registry](https://github.com/orgs/coturn/packages/container/package/coturn)