cncf / cncf-fuzzing Goto Github PK
View Code? Open in Web Editor NEW✨🔐 CNCF Fuzzers
Home Page: https://cncf.io/projects
License: Apache License 2.0
✨🔐 CNCF Fuzzers
Home Page: https://cncf.io/projects
License: Apache License 2.0
Building fuzzers failed after bumping quic-go version.
Errors are /root/go/pkg/mod/github.com/lucas-clemente/[email protected]/internal/qtls/go118.go:6:13: cannot use "quic-go doesn't build on Go 1.18 yet." (untyped string constant) as int value in variable declaration
, but it is normal when we build our artifacts manually.
More details show as follows.
https://github.com/kubeedge/kubeedge/actions/runs/3359066312/jobs/5566711345
cc @AdamKorcz
I ran into containers/conmon#315 (comment) the other day and then I found https://ostif.org/wp-content/uploads/2022/06/CRI-O-audit-by-ada-logics-chainguard-ostif.pdf where scenarios like that were included in the threat model
... and
input from the container’s are also handled in Conmon. These are areas of potential attack
surface against Conmon.
and as far as I understand there should be a fuzz target:
We also developed a fuzzer for Conmon to analyse the logging and parsing routines in conmon/src/ctr_logging.c.
@DavidKorczynski I can't seem to find that fuzz target anywhere. Is there any chance you could point me in the right direction?
I would like to get cloudprovider-azure integrated with CNCF-Fuzzing!
Codebase is at https://github.com/kubernetes-sigs/cloud-provider-azure
It is a set of controllers.
Thanks!
I would like to get Pravega.io integrated with CNCF-Fuzzing!
Codebase is at https://github.com/pravega/pravega
A full deployment involves ZooKeeper, BookKeeper, Pravega Controllers and Pravega Segment Stores.
Thanks!
I am on a Mac M1 (arm64) and seeing the following when pulling the images:
Unable to find image 'gcr.io/oss-fuzz-base/base-runner:latest' locally
latest: Pulling from oss-fuzz-base/base-runner
08c01a0ec47e: Pull complete
26db2b7fb236: Pull complete
1f44b92c8dd8: Pull complete
48a0f87d472e: Pull complete
987ef13f0fe0: Pull complete
70c9ed524714: Pull complete
5ec98123cb3e: Pull complete
6be990f73bc1: Pull complete
293df89222b6: Pull complete
f74545e6eee4: Pull complete
a9b0edd055b9: Pull complete
065de64d84f6: Pull complete
ef7ffe221187: Pull complete
ee755a457c4d: Pull complete
Digest: sha256:dde0612a1cefe5fc8fbac9e7046afbbd555553f5392a779ef96fa590bf13e964
Status: Downloaded newer image for gcr.io/oss-fuzz-base/base-runner:latest
WARNING: The requested image's platform (linux/amd64) does not match the detected host platform (linux/arm64/v8) and no specific platform was requested
Note that even though this looks just like an warning. I am running into segfaults when trying to test the pulled image.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.