krb5 commit: Add cifuzz workflow for PR fuzzing

ghudson at mit.edu ghudson at mit.edu
Fri Jun 7 16:48:01 EDT 2024


https://github.com/krb5/krb5/commit/13e97260e012c34b454fba66a8525b32fe21e438
commit 13e97260e012c34b454fba66a8525b32fe21e438
Author: Arjun <pkillarjun at protonmail.com>
Date:   Tue Jun 4 11:35:14 2024 +0530

    Add cifuzz workflow for PR fuzzing

 .github/workflows/cifuzz.yml | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml
new file mode 100644
index 000000000..9d29aad0c
--- /dev/null
+++ b/.github/workflows/cifuzz.yml
@@ -0,0 +1,38 @@
+name: CIFuzz
+
+on:
+    pull_request: {paths: [src/**, .github/workflows/build.yml]}
+
+permissions: {}
+jobs:
+    Fuzzing:
+        runs-on: ubuntu-latest
+        permissions:
+            security-events: write
+        steps:
+        - name: Build Fuzzers
+          id: build
+          uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers at master
+          with:
+            oss-fuzz-project-name: 'krb5'
+            language: c
+        - name: Run Fuzzers
+          uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers at master
+          with:
+            oss-fuzz-project-name: 'krb5'
+            language: c
+            fuzz-seconds: 300
+            output-sarif: true
+        - name: Upload Crash
+          uses: actions/upload-artifact at v3
+          if: failure() && steps.build.outcome == 'success'
+          with:
+            name: artifacts
+            path: ./out/artifacts
+        - name: Upload Sarif
+          if: always() && steps.build.outcome == 'success'
+          uses: github/codeql-action/upload-sarif at v2
+          with:
+            # Path to SARIF file relative to the root of the repository
+            sarif_file: cifuzz-sarif/results.sarif
+            checkout_path: cifuzz-sarif


More information about the cvs-krb5 mailing list