OSS-fuzz needs some love

[Andrew Bartlett]

On Mon, 2021-08-30 at 08:09 +1200, Andrew Bartlett via samba-technical
wrote:
> It looks like OSS-Fuzz upstream has moved to Ubuntu 20.04 - perhaps
> only in part - and this has broken Samba on their platform.
> 
> https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37748
> 
> This in turn seems to have given those of us on the CC for the bugs a
> flood of mail complaining that the tests are unreproducible.
> 
> An upgrade to Ubuntu 20.04 is a good thing, the older 16.04 was the
> oldest platform we supported and we had to have a special exception
> to
> allow the old python found there.  Leaving 16.04 behind will make
> upgrading our minimum Python and GnuTLS easier in particular.
> 
> But this breakage means we won't get fuzzing results for a while
> until
> someone has some time to work out what is broken and fix it.
> 
> I know everyone is super-busy, but if by some miracle you are not and
> fuzzing is an area of interest then these links might help you help:
> 
> https://google.github.io/oss-fuzz/advanced-topics/reproducing/#reproducing-build-failures
> 
> https://wiki.samba.org/index.php/Fuzzing
> 
> I'm always happy to give advice and review patches.

Some more context for anyone who takes this on:

https://oss-fuzz-build-logs.storage.googleapis.com/index.html#samba

https://github.com/google/oss-fuzz/issues/6301
https://github.com/google/oss-fuzz/issues/6180
https://github.com/google/oss-fuzz/issues/6291

Looks like work needs to be done to confirm we build in oss-fuzz mode
on 20.04, upgrade the Dockerfile on their side to say so, then on our
side drop the 16.04 build (and the old python exception for the fuzzing
case in buildtools/wafsamba/samba_python.py).

Andrew Bartlett

-- 
Andrew Bartlett (he/him)       https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba

Samba Development and Support, Catalyst IT - Expert Open Source
Solutions