[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #33140 [Core Tor]: Clusterfuzz environment flags reused for dependencies



#33140: Clusterfuzz environment flags reused for dependencies
-----------------------------------+------------------------
 Reporter:  cypherpunks            |          Owner:  (none)
     Type:  defect                 |         Status:  new
 Priority:  Medium                 |      Milestone:
Component:  Core Tor               |        Version:
 Severity:  Normal                 |     Resolution:
 Keywords:  clusterfuzz, oss-fuzz  |  Actual Points:
Parent ID:                         |         Points:
 Reviewer:                         |        Sponsor:
-----------------------------------+------------------------

Comment (by cypherpunks):

 If tor doesn't use openssl correctly tor fails the test. Openssl is fuzzed
 upstream so the instrumentation doesn't help because we don't complete the
 openssl fuzz build, we complete the tor fuzz build.

 That and when used with zlib you literally have no choice but to fully
 instrument the zlib build or expect zlib to to break eventually.

 I'm going to leave this here for open discussion and check in
 periodically.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33140#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs