ci: merge seed corpora with public OSS-Fuzz corpora on CFLite

to let it cover as much code as possible. It should help to catch
most regressions in a few minutes.

diff --git a/.clusterfuzzlite/Dockerfile b/.clusterfuzzlite/Dockerfile
index bdb0378ebc2480af68023764c8eb7460ff9755b5..47f238c785c253ab32882258dbbce675ac95f63e 100644 (file)
--- a/.clusterfuzzlite/Dockerfile
+++ b/.clusterfuzzlite/Dockerfile
@@ -1,4 +1,5 @@
 FROM gcr.io/oss-fuzz-base/base-builder@sha256:14b332de0e18683f37386eaedbf735bc6e8d81f9c0e1138d620f2178e20cd30a
+ENV MERGE_WITH_OSS_FUZZ_CORPORA=yes
 COPY . $SRC/systemd
 WORKDIR $SRC/systemd
 COPY tools/oss-fuzz.sh $SRC/build.sh

diff --git a/tools/oss-fuzz.sh b/tools/oss-fuzz.sh
index f227eb0e85c95e7d6e92e5ae7e5e4860b2bf7215..8ff3abefb741d2ec3822f39b5476ffa78e57ece5 100755 (executable)
--- a/tools/oss-fuzz.sh
+++ b/tools/oss-fuzz.sh
@@ -35,7 +35,7 @@ else
     apt-get update
     apt-get install -y gperf m4 gettext python3-pip \
         libcap-dev libmount-dev libkmod-dev \
-        pkg-config wget python3-jinja2
+        pkg-config wget python3-jinja2 zipmerge
 
     # gnu-efi is installed here to enable -Dgnu-efi behind which fuzz-bcd
     # is hidden. It isn't linked against efi. It doesn't
@@ -98,3 +98,15 @@ wget -O "$OUT/fuzz-json.dict" https://raw.githubusercontent.com/rc0r/afl-fuzz/ma
 find "$build" -maxdepth 1 -type f -executable -name "fuzz-*" -exec mv {} "$OUT" \;
 find src -type f -name "fuzz-*.dict" -exec cp {} "$OUT" \;
 cp src/fuzz/*.options "$OUT"
+
+if [[ "$MERGE_WITH_OSS_FUZZ_CORPORA" == "yes" ]]; then
+    for f in "$OUT/"fuzz-*; do
+        [[ -x "$f" ]] || continue
+        fuzzer=$(basename "$f")
+        t=$(mktemp)
+        if wget -O "$t" "https://storage.googleapis.com/systemd-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/systemd_${fuzzer}/public.zip"; then
+            zipmerge "$OUT/${fuzzer}_seed_corpus.zip" "$t"
+        fi
+        rm -rf "$t"
+    done
+fi