Fuzzing Setup

.devcontainer/Dockerfile

@@ -0,0 +1,26 @@
+FROM mcr.microsoft.com/devcontainers/cpp:1-ubuntu-22.04
+
+#ARG REINSTALL_CMAKE_VERSION_FROM_SOURCE="3.22.2"
+
+# Optionally install the cmake for vcpkg
+#COPY ./reinstall-cmake.sh /tmp/
+
+#RUN if [ "${REINSTALL_CMAKE_VERSION_FROM_SOURCE}" != "none" ]; then \
+#        chmod +x /tmp/reinstall-cmake.sh && /tmp/reinstall-cmake.sh ${REINSTALL_CMAKE_VERSION_FROM_SOURCE}; \
+#    fi \
+#    && rm -f /tmp/reinstall-cmake.sh
+
+# [Optional] Uncomment this section to install additional vcpkg ports.
+# RUN su vscode -c "${VCPKG_ROOT}/vcpkg install <your-port-name-here>"
+
+# [Optional] Uncomment this section to install additional packages.
+RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
+     && apt-get -y install --no-install-recommends cmake clang llvm lcov
+RUN --mount=type=secret,id=credentials \
+    export CIFUZZ_CREDENTIALS=$(cat /run/secrets/credentials) &&\
+    sh -c "$(curl -fsSL http://downloads.code-intelligence.com/assets/install-cifuzz.sh)" $CIFUZZ_CREDENTIALS latest &&\
+    export CIFUZZ_CREDENTIALS=""
+
+
+RUN sysctl vm.mmap_rnd_bits=30
+RUN cifuzz completion bash > /etc/bash_completion.d/cifuzz

.devcontainer/devcontainer.json

@@ -0,0 +1,39 @@
+// For format details, see https://aka.ms/devcontainer.json. For config options, see the
+// README at: https://github.com/devcontainers/templates/tree/main/src/cpp
+{
+	"name": "Cifuzz",
+	"build": {
+		"dockerfile": "Dockerfile",
+		"options": [
+			"--secret=id=credentials,env=CIFUZZ_CREDENTIALS"
+		]
+	},
+	"features": {
+		"ghcr.io/devcontainers-community/features/llvm:3": {}
+	},
+	"customizations": {
+		"vscode": {
+			"extensions": [
+				"ryanluker.vscode-coverage-gutters",
+				"ms-vscode.cpptools",
+				"ms-vscode.cpptools-extension-pack",
+				"jeff-hykin.better-cpp-syntax"
+			]
+		}
+	}
+
+	// Features to add to the dev container. More info: https://containers.dev/features.
+	// "features": {},
+
+	// Use 'forwardPorts' to make a list of ports inside the container available locally.
+	// "forwardPorts": [],
+
+	// Use 'postCreateCommand' to run commands after the container is created.
+	// "postCreateCommand": "gcc -v",
+
+	// Configure tool-specific properties.
+	// "customizations": {},
+
+	// Uncomment to connect as root instead. More info: https://aka.ms/dev-containers-non-root.
+	// "remoteUser": "root"
+}

.devcontainer/reinstall-cmake.sh

@@ -0,0 +1,59 @@
+#!/usr/bin/env bash
+#-------------------------------------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license information.
+#-------------------------------------------------------------------------------------------------------------
+#
+set -e
+
+CMAKE_VERSION=${1:-"none"}
+
+if [ "${CMAKE_VERSION}" = "none" ]; then
+    echo "No CMake version specified, skipping CMake reinstallation"
+    exit 0
+fi
+
+# Cleanup temporary directory and associated files when exiting the script.
+cleanup() {
+    EXIT_CODE=$?
+    set +e
+    if [[ -n "${TMP_DIR}" ]]; then
+        echo "Executing cleanup of tmp files"
+        rm -Rf "${TMP_DIR}"
+    fi
+    exit $EXIT_CODE
+}
+trap cleanup EXIT
+
+
+echo "Installing CMake..."
+apt-get -y purge --auto-remove cmake
+mkdir -p /opt/cmake
+
+architecture=$(dpkg --print-architecture)
+case "${architecture}" in
+    arm64)
+        ARCH=aarch64 ;;
+    amd64)
+        ARCH=x86_64 ;;
+    *)
+        echo "Unsupported architecture ${architecture}."
+        exit 1
+        ;;
+esac
+
+CMAKE_BINARY_NAME="cmake-${CMAKE_VERSION}-linux-${ARCH}.sh"
+CMAKE_CHECKSUM_NAME="cmake-${CMAKE_VERSION}-SHA-256.txt"
+TMP_DIR=$(mktemp -d -t cmake-XXXXXXXXXX)
+
+echo "${TMP_DIR}"
+cd "${TMP_DIR}"
+
+curl -sSL "https://github.com/Kitware/CMake/releases/download/v${CMAKE_VERSION}/${CMAKE_BINARY_NAME}" -O
+curl -sSL "https://github.com/Kitware/CMake/releases/download/v${CMAKE_VERSION}/${CMAKE_CHECKSUM_NAME}" -O
+
+sha256sum -c --ignore-missing "${CMAKE_CHECKSUM_NAME}"
+sh "${TMP_DIR}/${CMAKE_BINARY_NAME}" --prefix=/opt/cmake --skip-license
+
+ln -s /opt/cmake/bin/cmake /usr/local/bin/cmake
+ln -s /opt/cmake/bin/ctest /usr/local/bin/ctest

.github/dependabot.yml

@@ -0,0 +1,12 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for more information:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+# https://containers.dev/guide/dependabot
+
+version: 2
+updates:
+ - package-ecosystem: "devcontainers"
+   directory: "/"
+   schedule:
+     interval: weekly

.gitignore

@@ -4,4 +4,6 @@ build
 cmake-build-debug
 
 /**/.cifuzz-*
-/**/*fuzzer_inputs
+/**/*fuzzer_inputs
+
+/**/lcov.info

CMakeLists.txt

@@ -14,5 +14,8 @@ set(CMAKE_MODULE_PATH ${PROJECT_SOURCE_DIR}/cmake/external)
 enable_testing()
 include(googletest)
 
+find_package(cifuzz NO_SYSTEM_ENVIRONMENT_PATH)
+enable_fuzz_testing()
+
 add_subdirectory(src/explore_me)
-add_subdirectory(src/automotive)
+add_subdirectory(src/automotive)

CMakeUserPresets.json

@@ -0,0 +1,100 @@
+{
+	"version": 3,
+	"cmakeMinimumRequired": {
+		"major": 3,
+		"minor": 20,
+		"patch": 0
+	},
+	"configurePresets": [
+		{
+			"name": "cifuzz (Coverage)",
+			"displayName": "cifuzz (Coverage)",
+			"binaryDir": "${sourceDir}/.cifuzz-build/replayer/gcov",
+			"cacheVariables": {
+				"CMAKE_BUILD_TYPE": "RelWithDebInfo",
+				"CIFUZZ_ENGINE": "replayer",
+				"CIFUZZ_SANITIZERS": "gcov",
+				"CIFUZZ_TESTING": {
+					"type": "BOOL",
+					"value": "ON"
+				},
+				"CMAKE_BUILD_RPATH_USE_ORIGIN": {
+					"type": "BOOL",
+					"value": "ON"
+				}
+			}
+		},
+		{
+			"name": "cifuzz (Fuzzing)",
+			"displayName": "cifuzz (Fuzzing)",
+			"binaryDir": "${sourceDir}/.cifuzz-build/libfuzzer/address+undefined",
+			"cacheVariables": {
+				"CMAKE_BUILD_TYPE": "RelWithDebInfo",
+				"CIFUZZ_ENGINE": "libfuzzer",
+				"CIFUZZ_SANITIZERS": "address;undefined",
+				"CIFUZZ_TESTING": {
+					"type": "BOOL",
+					"value": "ON"
+				},
+				"CMAKE_BUILD_RPATH_USE_ORIGIN": {
+					"type": "BOOL",
+					"value": "ON"
+				}
+			},
+			"environment": {
+				"CC": "clang",
+				"CXX": "clang++"
+			}
+		},
+		{
+			"name": "cifuzz (Regression Test)",
+			"displayName": "cifuzz (Regression Test)",
+			"binaryDir": "${sourceDir}/.cifuzz-build/replayer/address+undefined",
+			"cacheVariables": {
+				"CMAKE_BUILD_TYPE": "RelWithDebInfo",
+				"CIFUZZ_ENGINE": "replayer",
+				"CIFUZZ_SANITIZERS": "address;undefined",
+				"CIFUZZ_TESTING": {
+					"type": "BOOL",
+					"value": "ON"
+				},
+				"CMAKE_BUILD_RPATH_USE_ORIGIN": {
+					"type": "BOOL",
+					"value": "ON"
+				}
+			}
+		}
+	],
+	"buildPresets": [
+		{
+			"name": "cifuzz (Coverage)",
+			"displayName": "cifuzz (Coverage)",
+			"configurePreset": "cifuzz (Coverage)",
+			"configuration": "RelWithDebInfo"
+		},
+		{
+			"name": "cifuzz (Fuzzing)",
+			"displayName": "cifuzz (Fuzzing)",
+			"configurePreset": "cifuzz (Fuzzing)",
+			"configuration": "RelWithDebInfo"
+		},
+		{
+			"name": "cifuzz (Regression Test)",
+			"displayName": "cifuzz (Regression Test)",
+			"configurePreset": "cifuzz (Regression Test)",
+			"configuration": "RelWithDebInfo"
+		}
+	],
+	"testPresets": [
+		{
+			"name": "cifuzz (Regression Test)",
+			"displayName": "cifuzz (Regression Test)",
+			"configurePreset": "cifuzz (Regression Test)",
+			"filter": {
+				"include": {
+					"label": "^cifuzz_regression_test$"
+				}
+			}
+		}
+	]
+}

README.md

@@ -27,3 +27,6 @@ input parameters that trigger the bug.
 * [Automotive Example](src/automotive):
 An example that demonstrates the challenges of creating high-quality fuzz tests for complex 
 projects with a large public API. We demonstrate how we can automate most of this task with CI Spark.
+
+
+If you want to use the devcontainer environment then export your cifuzz download token to a environment var called "CIFUZZ_CREDENTIALS" like `export CIFUZZ_CREDENTIALS=[my_token]`.

cifuzz.yaml

@@ -0,0 +1,46 @@
+## Configuration for a CI Fuzz project
+## Generated on 2023-06-06
+
+## The build system used to build this project. If not set, cifuzz tries
+## to detect the build system automatically.
+## Valid values: "bazel", "cmake", "maven", "gradle", "other".
+#build-system: cmake
+
+## If the build system type is "other", this command is used by
+## `cifuzz run` to build the fuzz test.
+#build-command: "make my_fuzz_test"
+
+## Directories containing sample inputs for the code under test.
+## See https://llvm.org/docs/LibFuzzer.html#corpus
+#seed-corpus-dirs:
+# - path/to/seed-corpus
+
+## A file containing input language keywords or other interesting byte
+## sequences.
+## See https://llvm.org/docs/LibFuzzer.html#dictionaries
+#dict: path/to/dictionary.dct
+
+## Command-line arguments to pass to libFuzzer.
+## See https://llvm.org/docs/LibFuzzer.html#options
+engine-args:
+ - -use_value_profile=1
+
+## Maximum time to run fuzz tests. The default is to run indefinitely.
+timeout: 5m
+
+## By default, fuzz tests are executed in a sandbox to prevent accidental
+## damage to the system. Set to false to run fuzz tests unsandboxed.
+## Only supported on Linux.
+#use-sandbox: false
+
+## Set to true to print output of the `cifuzz run` command as JSON.
+#print-json: true
+
+## Set to true to disable desktop notifications
+#no-notifications: true
+
+## Set URL of the CI App
+#server: https://app.code-intelligence.com
+
+## Set the project name on the CI App
+#project: my-project-1a2b3c4d

src/automotive/CMakeLists.txt

@@ -11,4 +11,13 @@ target_include_directories(automotive PUBLIC
     ${CMAKE_CURRENT_SOURCE_DIR}/gps
     ${CMAKE_CURRENT_SOURCE_DIR}/key_management
     ${CMAKE_CURRENT_SOURCE_DIR}/time
-)
+)
+
+add_fuzz_test(automotive_fuzzer
+    fuzz_test.cpp
+    mocks.cpp
+)
+
+target_link_libraries(automotive_fuzzer
+    automotive
+)