s2n-tls icon indicating copy to clipboard operation
s2n-tls copied to clipboard
verified publisher icon aws

Create Lambda to periodically maximize Fuzz Corpus & send PR with updated Corpus

Open alexw91 opened this issue 8 years ago • 1 comments

Depends on: https://github.com/awslabs/s2n/issues/385 and https://github.com/awslabs/s2n/issues/448

Essentially every 24 hours, the s2n-fuzz-bot lambda should:

  1. Clone latest master branch, download and install dependencies (Defined in Issue https://github.com/awslabs/s2n/issues/385)
  2. Run Script to repeatedly run make fuzz until no new Fuzz Corpus Inputs are generated for some interval (Eg 60 minutes) (Defined in Issue https://github.com/awslabs/s2n/issues/448)
  3. If new Corpus Inputs were found, send a PR to the official s2n GitHub Repository with those new Corpus Inputs. (And hopefully these new files will be merged before the next iteration of the s2n-fuzz-bot)
  4. If crash is found, save Corpus to S3 and notify s2n developers instead of opening PR

This is something that I'd like to set up as a Lambda Function to run every 24 hours, so that as we are making changes to s2n, our Corpus Inputs will always stay up to date. This script will probably have to depend on some Github CLI (https://github.com/github/hub looks good) to be able to send Pull Requests, and will probably need it's own s2n-fuzz-bot Github account since I don't think GitHub supports anonymous Pull Requests.

alexw91 avatar Mar 20 '17 16:03 alexw91

Related: https://github.com/awslabs/s2n/issues/1447

dougch avatar Aug 27 '20 15:08 dougch

Resolved in https://github.com/aws/s2n-tls/pull/4665

goatgoose avatar Aug 15 '24 17:08 goatgoose