1 # Copyright 2021-2023 The OpenSSL Project Authors. All Rights Reserved.
3 # Licensed under the Apache License 2.0 (the "License"). You may not use
4 # this file except in compliance with the License. You can obtain a copy
5 # in the file LICENSE in the source distribution or at
6 # https://www.openssl.org/source/license.html
23 config: enable-fuzz-afl no-module,
28 config: enable-fuzz-libfuzzer enable-asan enable-ubsan,
29 libs: --with-fuzzer-lib=/usr/lib/llvm-12/lib/libFuzzer.a --with-fuzzer-include=/usr/include/clang/12/include/fuzzer,
30 install: libfuzzer-12-dev,
36 config: enable-fuzz-libfuzzer enable-asan enable-ubsan -fsanitize-coverage=trace-cmp -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION,
37 libs: --with-fuzzer-lib=/usr/lib/llvm-12/lib/libFuzzer.a --with-fuzzer-include=/usr/include/clang/12/include/fuzzer,
38 extra: enable-fips enable-ec_nistp_64_gcc_128 -fno-sanitize=alignment enable-tls1_3 enable-weak-ssl-ciphers enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-nextprotoneg,
39 install: libfuzzer-12-dev,
45 runs-on: ubuntu-latest
47 - name: install packages
50 sudo apt-get -yq --force-yes install ${{ matrix.fuzzy.install }}
51 - name: Adjust ASLR for sanitizer
53 sudo cat /proc/sys/vm/mmap_rnd_bits
54 sudo sysctl -w vm.mmap_rnd_bits=28
55 - uses: actions/checkout@v4
59 CC=${{ matrix.fuzzy.cc }} ./config --banner=Configured no-shared \
60 ${{ matrix.fuzzy.config }} ${{ matrix.fuzzy.libs }} ${{ matrix.fuzzy.extra }}
63 run: ./configdata.pm --dump
64 - name: make with explicit linker
65 if: matrix.fuzzy.linker != ''
66 run: LDCMD=${{ matrix.fuzzy.linker }} make -s -j4
67 - name: make sans explicit linker
68 if: matrix.fuzzy.linker == ''
73 ./util/opensslwrap.sh version -c
74 - name: make test restricted
75 if: matrix.fuzzy.tests != ''
76 run: AFL_MAP_SIZE=300000 make test HARNESS_JOBS=${HARNESS_JOBS:-4} TESTS="${{ matrix.fuzzy.tests }}"
78 if: matrix.fuzzy.tests == ''
79 run: AFL_MAP_SIZE=300000 make test HARNESS_JOBS=${HARNESS_JOBS:-4}