reverts, fixes and even smaller image (#3)

2025-06-11 17:51:32 +00:00 · 2022-06-27 11:05:17 -04:00
parent 1dac69b1eb
commit 22c3b519fa
4 changed files with 118 additions and 98 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -1,67 +1,75 @@
-/.github
+!/coresight_mode
+*.dSYM
+*.o
+*.pyc
+*.so
+.sync_tmp
 .test
 .test2
-.sync_tmp
-*.o
-*.so
-*.pyc
-*.dSYM
-as
-ld
-in
-out
-core*
-!/coresight_mode
+.git
+.dockerignore
+.github
+CITATION.cff
+CONTRIBUTING.md
+Changelog.md
+Dockerfile
+LICENSE
+TODO.md
 afl-analyze
-afl-as
-afl-clang
-afl-clang\+\+
-afl-clang-fast
-afl-clang-fast\+\+
-afl-clang-lto
-afl-clang-lto\+\+
-afl-fuzz
-afl-g\+\+
-afl-gcc
-afl-gcc-fast
-afl-g\+\+-fast
-afl-gotcpu
-afl-ld
-afl-ld-lto
-afl-qemu-trace
-afl-showmap
-afl-tmin
 afl-analyze.8
+afl-as
 afl-as.8
-afl-clang-fast\+\+.8
+afl-clang
+afl-clang-fast
 afl-clang-fast.8
+afl-clang-fast\+\+
+afl-clang-fast\+\+.8
+afl-clang-lto
 afl-clang-lto.8
+afl-clang-lto\+\+
 afl-clang-lto\+\+.8
+afl-clang\+\+
 afl-cmin.8
 afl-cmin.bash.8
+afl-fuzz
 afl-fuzz.8
-afl-gcc.8
-afl-gcc-fast.8
+afl-g\+\+
+afl-g\+\+-fast
 afl-g\+\+-fast.8
+afl-gcc
+afl-gcc-fast
+afl-gcc-fast.8
+afl-gcc.8
+afl-gotcpu
 afl-gotcpu.8
+afl-ld
+afl-ld-lto
 afl-plot.8
+afl-qemu-trace
+afl-showmap
 afl-showmap.8
 afl-system-config.8
+afl-tmin
 afl-tmin.8
 afl-whatsup.8
+as
+core*
+examples/afl_frida/afl-frida
+examples/afl_frida/frida-gum-example.c
+examples/afl_frida/frida-gum.h
+examples/afl_frida/libtestinstr.so
+examples/afl_network_proxy/afl-network-client
+examples/afl_network_proxy/afl-network-server
+in
+ld
+out
 qemu_mode/libcompcov/compcovtest
 qemu_mode/qemu-*
+test/unittests/unit_hash
+test/unittests/unit_list
+test/unittests/unit_maybe_alloc
+test/unittests/unit_preallocable
+test/unittests/unit_rand
 unicorn_mode/samples/*/\.test-*
 unicorn_mode/samples/*/output
 unicorn_mode/unicornafl
-test/unittests/unit_maybe_alloc
-test/unittests/unit_preallocable
-test/unittests/unit_list
-test/unittests/unit_rand
-test/unittests/unit_hash
-examples/afl_network_proxy/afl-network-server
-examples/afl_network_proxy/afl-network-client
-examples/afl_frida/afl-frida
-examples/afl_frida/libtestinstr.so
-examples/afl_frida/frida-gum-example.c
-examples/afl_frida/frida-gum.h
--- a/.github/workflows/container.yaml
+++ b/.github/workflows/container.yaml
@ -19,20 +19,21 @@ jobs:
        uses: actions/checkout@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
-      - name: Login to GitHub Container Registry # Container cache registry
+      - name: Login to GitHub Container Registry  # Container cache registry
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
-          username: ${{ github.actor }}
+          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Build amd64
        uses: docker/build-push-action@v3
        with:
          context: .
          platforms: linux/amd64
-          tags: ghcr.io/${{ github.actor }}/aflplusplus:amd64
+          tags: ghcr.io/${{ github.repository_owner }}/aflplusplus:amd64
          push: true
-          cache-from: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus:amd64
+          cache-to: type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:amd64,mode=max
+          cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:amd64

  build-arm64:
    name: Build arm64 image
@ -46,7 +47,7 @@ jobs:
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
-          username: ${{ github.actor }}
+          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v2
@ -57,18 +58,24 @@ jobs:
        with:
          context: .
          platforms: linux/arm64
-          tags: ghcr.io/${{ github.actor }}/aflplusplus:arm64
+          tags: ghcr.io/${{ github.repository_owner }}/aflplusplus:arm64
          push: true
-          cache-from: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus:arm64
+          cache-to: type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:arm64,mode=max
+          cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:arm64

  test-amd64:
    name: Test amd64 image
    runs-on: ubuntu-latest
    needs: build-amd64
+    container:
+      image: ghcr.io/${{ github.repository_owner }}/aflplusplus:amd64
    steps:
      - name: Test amd64
-        run: docker run --rm ghcr.io/${{ github.actor }}/aflplusplus:amd64 make tests
-        continue-on-error: true
+        working-directory: /AFLplusplus
+        run: |
+          apt-get update
+          apt-get install -y libcmocka-dev
+          make -i tests

  codeql-amd64:
    name: CodeQL Analyze amd64 compiled code
@ -76,7 +83,7 @@ jobs:
    needs:
      - build-amd64
    container:
-      image: ghcr.io/${{ github.actor }}/aflplusplus:amd64
+      image: ghcr.io/${{ github.repository_owner }}/aflplusplus:amd64
    steps:
      - name: Fix for using external repo in container build # https://github.com/actions/checkout/issues/760
        run: git config --global --add safe.directory /__w/AFLplusplus/AFLplusplus
@ -100,7 +107,7 @@ jobs:
    needs:
      - test-amd64
      - build-arm64
-    if: ${{ github.event_name == 'push' }}
+    if: ${{ github.event_name == 'push' && github.repository == 'AFLplusplus/AFLplusplus' }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3
@ -128,9 +135,9 @@ jobs:
        uses: docker/build-push-action@v3
        with:
          context: .
-          platforms: linux/amd64,linux/arm64 # TODO: Fix: arm64 image doesn't use cached layer from COPY line
+          platforms: linux/amd64,linux/arm64
          push: true
          tags: ${{ steps.push-tags.outputs.PUSH_TAGS }}
-          cache-from: |
-            type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus:amd64
-            type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus:arm64
+          cache-from: |  # TODO: From COPY line on is not cached
+            type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:amd64
+            type=registry,ref=ghcr.io/${{ github.repository_owner }}/aflplusplus/cache:arm64
--- a/11
+++ b/11
@ -47,7 +47,9 @@ RUN apt-get update && \
    # libcapstone-dev is used for coresight_mode on arm64

 RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-${GCC_VERSION} 0 && \
-    update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-${GCC_VERSION} 0
+    update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-${GCC_VERSION} 0 && \
+    update-alternatives --install /usr/bin/clang clang /usr/bin/clang-${LLVM_VERSION} 0 && \
+    update-alternatives --install /usr/bin/clang++ clang++ /usr/bin/clang++-${LLVM_VERSION} 0

 RUN wget -qO- https://sh.rustup.rs | CARGO_HOME=/etc/cargo sh -s -- -y -q --no-modify-path
 ENV PATH=$PATH:/etc/cargo/bin
@ -70,8 +72,11 @@ ARG NO_UNICORN_ARM64=1
 WORKDIR /AFLplusplus
 COPY . .

-RUN export CC=gcc-${GCC_VERSION} && export CXX=g++-${GCC_VERSION} && gmake clean && \
-    gmake distrib && gmake install && gmake clean
+ARG CC=gcc-$GCC_VERSION
+ARG CXX=g++-$GCC_VERSION
+
+RUN sed -i 's/-$(MAKE)/$(MAKE)/g' GNUmakefile && make clean && \
+    make distrib && make install && make clean

 RUN echo "set encoding=utf-8" > /root/.vimrc && \
    echo ". /etc/bash_completion" >> ~/.bashrc && \
--- a/72
+++ b/72
@ -312,7 +312,7 @@ all:	test_x86 test_shm test_python ready $(PROGS) afl-as llvm gcc_plugin test_bu

 .PHONY: llvm
 llvm:
-	$(MAKE) -j$(nproc) -f GNUmakefile.llvm
+	-$(MAKE) -j$(nproc) -f GNUmakefile.llvm
 	@test -e afl-cc || { echo "[-] Compiling afl-cc failed. You seem not to have a working compiler." ; exit 1; }

 .PHONY: gcc_plugin
@ -568,19 +568,19 @@ all_done: test_build
 .PHONY: clean
 clean:
 	rm -rf $(PROGS) afl-fuzz-document afl-as as afl-g++ afl-clang afl-clang++ *.o src/*.o *~ a.out core core.[1-9][0-9]* *.stackdump .test .test1 .test2 test-instr .test-instr0 .test-instr1 afl-cs-proxy afl-qemu-trace afl-gcc-fast afl-g++-fast ld *.so *.8 test/unittests/*.o test/unittests/unit_maybe_alloc test/unittests/preallocable .afl-* afl-gcc afl-g++ afl-clang afl-clang++ test/unittests/unit_hash test/unittests/unit_rand *.dSYM lib*.a
-	$(MAKE) -f GNUmakefile.llvm clean
-	$(MAKE) -f GNUmakefile.gcc_plugin clean
-	$(MAKE) -C utils/libdislocator clean
-	$(MAKE) -C utils/libtokencap clean
-	$(MAKE) -C utils/aflpp_driver clean
-	$(MAKE) -C utils/afl_network_proxy clean
-	$(MAKE) -C utils/socket_fuzzing clean
-	$(MAKE) -C utils/argv_fuzzing clean
-	$(MAKE) -C utils/plot_ui clean
-	$(MAKE) -C qemu_mode/unsigaction clean
-	$(MAKE) -C qemu_mode/libcompcov clean
-	$(MAKE) -C qemu_mode/libqasan clean
-	$(MAKE) -C frida_mode clean
+	-$(MAKE) -f GNUmakefile.llvm clean
+	-$(MAKE) -f GNUmakefile.gcc_plugin clean
+	-$(MAKE) -C utils/libdislocator clean
+	-$(MAKE) -C utils/libtokencap clean
+	-$(MAKE) -C utils/aflpp_driver clean
+	-$(MAKE) -C utils/afl_network_proxy clean
+	-$(MAKE) -C utils/socket_fuzzing clean
+	-$(MAKE) -C utils/argv_fuzzing clean
+	-$(MAKE) -C utils/plot_ui clean
+	-$(MAKE) -C qemu_mode/unsigaction clean
+	-$(MAKE) -C qemu_mode/libcompcov clean
+	-$(MAKE) -C qemu_mode/libqasan clean
+	-$(MAKE) -C frida_mode clean
 	rm -rf nyx_mode/packer/linux_initramfs/init.cpio.gz nyx_mode/libnyx/libnyx/target/release/* nyx_mode/QEMU-Nyx/x86_64-softmmu/qemu-system-x86_64
 ifeq "$(IN_REPO)" "1"
 	-test -e coresight_mode/coresight-trace/Makefile && $(MAKE) -C coresight_mode/coresight-trace clean || true
@ -610,21 +610,21 @@ endif

 .PHONY: distrib
 distrib: all
-	$(MAKE) -j$(nproc) -f GNUmakefile.llvm
+	-$(MAKE) -j$(nproc) -f GNUmakefile.llvm
 ifneq "$(SYS)" "Darwin"
-	$(MAKE) -f GNUmakefile.gcc_plugin
+	-$(MAKE) -f GNUmakefile.gcc_plugin
 endif
-	$(MAKE) -C utils/libdislocator
-	$(MAKE) -C utils/libtokencap
-	$(MAKE) -C utils/afl_network_proxy
-	$(MAKE) -C utils/socket_fuzzing
-	$(MAKE) -C utils/argv_fuzzing
+	-$(MAKE) -C utils/libdislocator
+	-$(MAKE) -C utils/libtokencap
+	-$(MAKE) -C utils/afl_network_proxy
+	-$(MAKE) -C utils/socket_fuzzing
+	-$(MAKE) -C utils/argv_fuzzing
 	# $(MAKE) -C utils/plot_ui
-	$(MAKE) -C frida_mode
+	-$(MAKE) -C frida_mode
 ifneq "$(SYS)" "Darwin"
 ifeq "$(ARCH)" "aarch64"
  ifndef NO_CORESIGHT
-	$(MAKE) -C coresight_mode
+	-$(MAKE) -C coresight_mode
  endif
 endif
 ifeq "$(SYS)" "Linux"
@ -644,17 +644,17 @@ endif

 .PHONY: binary-only
 binary-only: test_shm test_python ready $(PROGS)
-	$(MAKE) -C utils/libdislocator
-	$(MAKE) -C utils/libtokencap
-	$(MAKE) -C utils/afl_network_proxy
-	$(MAKE) -C utils/socket_fuzzing
-	$(MAKE) -C utils/argv_fuzzing
+	-$(MAKE) -C utils/libdislocator
+	-$(MAKE) -C utils/libtokencap
+	-$(MAKE) -C utils/afl_network_proxy
+	-$(MAKE) -C utils/socket_fuzzing
+	-$(MAKE) -C utils/argv_fuzzing
 	# $(MAKE) -C utils/plot_ui
-	$(MAKE) -C frida_mode
+	-$(MAKE) -C frida_mode
 ifneq "$(SYS)" "Darwin"
 ifeq "$(ARCH)" "aarch64"
  ifndef NO_CORESIGHT
-	$(MAKE) -C coresight_mode
+	-$(MAKE) -C coresight_mode
  endif
 endif
 ifeq "$(SYS)" "Linux"
@ -674,12 +674,12 @@ endif

 .PHONY: source-only
 source-only: all
-	$(MAKE) -j$(nproc) -f GNUmakefile.llvm
+	-$(MAKE) -j$(nproc) -f GNUmakefile.llvm
 ifneq "$(SYS)" "Darwin"
-	$(MAKE) -f GNUmakefile.gcc_plugin
+	-$(MAKE) -f GNUmakefile.gcc_plugin
 endif
-	$(MAKE) -C utils/libdislocator
-	$(MAKE) -C utils/libtokencap
+	-$(MAKE) -C utils/libdislocator
+	-$(MAKE) -C utils/libtokencap
 	# $(MAKE) -C utils/plot_ui
 ifeq "$(SYS)" "Linux"
 ifndef NO_NYX
@ -728,9 +728,9 @@ install: all $(MANPAGES)
 	@if [ -f utils/afl_network_proxy/afl-network-server ]; then $(MAKE) -C utils/afl_network_proxy install; fi
 	@if [ -f utils/aflpp_driver/libAFLDriver.a ]; then set -e; install -m 644 utils/aflpp_driver/libAFLDriver.a $${DESTDIR}$(HELPER_PATH); fi
 	@if [ -f utils/aflpp_driver/libAFLQemuDriver.a ]; then set -e; install -m 644 utils/aflpp_driver/libAFLQemuDriver.a $${DESTDIR}$(HELPER_PATH); fi
-	$(MAKE) -f GNUmakefile.llvm install
+	-$(MAKE) -f GNUmakefile.llvm install
 ifneq "$(SYS)" "Darwin"
-	$(MAKE) -f GNUmakefile.gcc_plugin install
+	-$(MAKE) -f GNUmakefile.gcc_plugin install
 endif
 	ln -sf afl-cc $${DESTDIR}$(BIN_PATH)/afl-gcc
 	ln -sf afl-cc $${DESTDIR}$(BIN_PATH)/afl-g++