New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Migrate OSS-Fuzz back to development #9071
Labels
component-test
Test framework and CI scripts
needs-preceding-pr
Requires another PR to be merged first
size-s
Estimated task size: small (~2d)
Projects
Comments
gilles-peskine-arm
added
needs-preceding-pr
Requires another PR to be merged first
component-test
Test framework and CI scripts
size-s
Estimated task size: small (~2d)
labels
Apr 29, 2024
gilles-peskine-arm
added a commit
to gilles-peskine-arm/oss-fuzz
that referenced
this issue
Apr 29, 2024
The `development` branch of Mbed TLS will have some API-breaking changes in the next few months, in preparation for the next major release (see https://lists.trustedfirmware.org/archives/list/mbed-tls@lists.trustedfirmware.org/thread/RHZSQLKCBOPDXS7NFKY5FATMTBYV7D5J/). To avoid breaking fuzzers, temporarily point them at the `mbedtls-3.6` long-term support branch. We will go back to fuzzing the `development` branch before the 4.0 release (Mbed-TLS/mbedtls#9071). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
gilles-peskine-arm
added a commit
to gilles-peskine-arm/oss-fuzz
that referenced
this issue
Apr 30, 2024
The `development` branch of Mbed TLS will have some API-breaking changes in the next few months, in preparation for the next major release (see https://lists.trustedfirmware.org/archives/list/mbed-tls@lists.trustedfirmware.org/thread/RHZSQLKCBOPDXS7NFKY5FATMTBYV7D5J/). To avoid breaking fuzzers, temporarily point them at the `mbedtls-3.6` long-term support branch. We will go back to fuzzing the `development` branch before the 4.0 release (Mbed-TLS/mbedtls#9071). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
gilles-peskine-arm
added a commit
to gilles-peskine-arm/oss-fuzz
that referenced
this issue
Apr 30, 2024
The `development` branch of Mbed TLS will have some API-breaking changes in the next few months, in preparation for the next major release (see https://lists.trustedfirmware.org/archives/list/mbed-tls@lists.trustedfirmware.org/thread/RHZSQLKCBOPDXS7NFKY5FATMTBYV7D5J/). To avoid breaking fuzzers, temporarily point them at the `mbedtls-3.6` long-term support branch. We will go back to fuzzing the `development` branch before the 4.0 release (Mbed-TLS/mbedtls#9071). Do not change ecc-diff-fuzzer because https://oss-fuzz-build-logs.storage.googleapis.com/index.html#ecc-diff-fuzzer shows that its build has been broken since 2024-01-13. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
gilles-peskine-arm
added a commit
to gilles-peskine-arm/oss-fuzz
that referenced
this issue
Apr 30, 2024
The `development` branch of Mbed TLS will have some API-breaking changes in the next few months, in preparation for the next major release (see https://lists.trustedfirmware.org/archives/list/mbed-tls@lists.trustedfirmware.org/thread/RHZSQLKCBOPDXS7NFKY5FATMTBYV7D5J/). To avoid breaking fuzzers, temporarily point them at the `mbedtls-3.6` long-term support branch. We will go back to fuzzing the `development` branch before the 4.0 release (Mbed-TLS/mbedtls#9071). Do not change ecc-diff-fuzzer because https://oss-fuzz-build-logs.storage.googleapis.com/index.html#ecc-diff-fuzzer shows that its build has been broken since 2024-01-13. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
gilles-peskine-arm
added a commit
to gilles-peskine-arm/oss-fuzz
that referenced
this issue
Apr 30, 2024
The `development` branch of Mbed TLS will have some API-breaking changes in the next few months, in preparation for the next major release (see https://lists.trustedfirmware.org/archives/list/mbed-tls@lists.trustedfirmware.org/thread/RHZSQLKCBOPDXS7NFKY5FATMTBYV7D5J/). To avoid breaking fuzzers, temporarily point them at the `mbedtls-3.6` long-term support branch. We will go back to fuzzing the `development` branch before the 4.0 release (Mbed-TLS/mbedtls#9071). Do not change ecc-diff-fuzzer because https://oss-fuzz-build-logs.storage.googleapis.com/index.html#ecc-diff-fuzzer shows that its build has been broken since 2024-01-13. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
DonggeLiu
pushed a commit
to google/oss-fuzz
that referenced
this issue
May 1, 2024
The `development` branch of Mbed TLS will have some API-breaking changes in the next few months, in preparation for the next major release (see https://lists.trustedfirmware.org/archives/list/mbed-tls@lists.trustedfirmware.org/thread/RHZSQLKCBOPDXS7NFKY5FATMTBYV7D5J/). To avoid breaking fuzzers, temporarily point them at the `mbedtls-3.6` long-term support branch. We will go back to fuzzing the `development` branch before the 4.0 release (Mbed-TLS/mbedtls#9071). Do not change ecc-diff-fuzzer because https://oss-fuzz-build-logs.storage.googleapis.com/index.html#ecc-diff-fuzzer shows that its build has been broken since 2024-01-13. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
component-test
Test framework and CI scripts
needs-preceding-pr
Requires another PR to be merged first
size-s
Estimated task size: small (~2d)
During the preparation of Mbed TLS 4.0, we pointed OSS-Fuzz to
mbedtls-3.6
, due to the likely instability of thedevelopment
branch. The goal of this issue is to migrate OSS-Fuzz back to what will become Mbed TLS 4.0, or as applicable TF-PSA-Crypto 1.0.We should do this as soon as APIs and build scripts have stabilized enough. In any case, This must be completed several weeks before the 4.0 release so that we have run at least one fuzz cycle with the new code.
Prerequisites: design a way to keep fuzzing bignum and ECC and implement that design.
The text was updated successfully, but these errors were encountered: