Use fuzzing in CI with some time configuration

Update lint ci job
Zondax · Nov 13, 2024 · 6049bea · 6049bea · github-actions · Nov 13, 2024
1 parent 299933a
commit 6049bea
Show file tree

Hide file tree

Showing 2 changed files with 95 additions and 7 deletions.
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -2,27 +2,34 @@ name: Lint and format 💅
 
 on:
   workflow_dispatch:
-  # push:
-  # pull_request:
-  #   branches:
-  #     - main
-  #     - develop
+  push:
+  pull_request:
+    branches:
+      - main
+      - develop
+      - master # for safety reasons
+      - dev # for safety reasons
 
 jobs:
   lint:
-    runs-on: ubuntu-latest
+    runs-on: ${{ github.repository_owner == 'zondax' && 'zondax-runners' || 'ubuntu-latest' }}
     container: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder-legacy:latest
     steps:
       - uses: actions/checkout@v4
         with:
           submodules: recursive
       - name: Add missing deps
+        env:
+          DEBIAN_FRONTEND: noninteractive
         run: |
-          DEBIAN_FRONTEND=noninteractive
           apt-get update
           apt-get install -y bear sudo
       - name: Generate compilation database
         run: bear -- make -j BOLOS_SDK="$NANOSP_SDK"
+      - name: Setup python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
       - name: Lint and format 💅
         uses: cpp-linter/cpp-linter-action@v2
         id: linter

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -264,3 +264,84 @@ jobs:
           tag_name: ${{ steps.flex.outputs.tag_name }}
           draft: false
           prerelease: false
+
+  fuzzing:
+    name: fuzzing
+    runs-on: ubuntu-latest
+    container:
+      image: rust:latest
+    steps:
+      - uses: actions/checkout@v3
+
+      # Install only the additional dependencies needed for honggfuzz
+      - name: Install system dependencies
+        run: |
+          apt-get update && apt-get install -y \
+            binutils-dev \
+            libunwind-dev \
+            libblocksruntime-dev \
+            liblzma-dev
+
+      - name: Install honggfuzz
+        run: cargo install honggfuzz
+
+      - name: Generate corpus
+        run: |
+          cd app/hfuzz-parser/corpus
+          cargo run
+
+      # Different fuzzing durations based on trigger
+      - name: Quick fuzz (PR)
+        if: github.event_name == 'push'
+        run: |
+          cd app/hfuzz-parser
+          timeout 5m cargo hfuzz run transaction ../hfuzz_corpus/
+
+      - name: Medium fuzz (main)
+        if: github.event_name == 'pull_request'
+        run: |
+          cd app/hfuzz-parser
+          timeout 15m cargo hfuzz run transaction ../hfuzz_corpus/
+
+      - name: Extended fuzz (weekly)
+        if: github.event_name == 'schedule'
+        run: |
+          cd app/hfuzz-parser
+          timeout 30m cargo hfuzz run transaction ../hfuzz_corpus/
+
+      - name: Check for crashes
+        run: |
+          if ls app/hfuzz-parser/hfuzz_workspace/transaction/SIGABRT.PC.* 1> /dev/null 2>&1; then
+            echo "::error::Crashes found during fuzzing!"
+            exit 1
+          fi
+
+      - name: Upload crash artifacts
+        if: failure()
+        uses: actions/upload-artifact@v3
+        with:
+          name: crash-reports
+          path: |
+            app/hfuzz-parser/hfuzz_workspace/transaction/SIGABRT.PC.*
+            app/hfuzz-parser/hfuzz_workspace/transaction/HONGGFUZZ.REPORT.TXT
+            app/hfuzz-parser/hfuzz_workspace/transaction/input/
+
+      - name: Cache corpus
+        uses: actions/cache@v3
+        with:
+          path: app/hfuzz_corpus
+          key: ${{ runner.os }}-fuzz-corpus-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-fuzz-corpus-
+
+      - name: Notify on failure
+        if: failure()
+        uses: actions/github-script@v6
+        with:
+          script: |
+            github.rest.issues.create({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              title: 'Fuzzing found crashes',
+              body: 'Fuzzing job failed. Check the artifacts in the workflow run.'
+            })