-
Notifications
You must be signed in to change notification settings - Fork 49
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fuzz tests should be run from CI #252
Comments
avsm
added a commit
to avsm/opam-repository
that referenced
this issue
Apr 19, 2019
…uct-sexp and cstruct-lwt (5.0.0) CHANGES: **Security**: This release tightens bounds checks to ensure that data outside a given view (but still inside the underlying buffer) cannot be accessed. - `sub` does more checks (mirage/ocaml-cstruct#244 mirage/ocaml-cstruct#245 @hannesm @talex5 review by @dinosaure) - `add_len` and `set_len` are now deprecated and will be removed in a future release. (mirage/ocaml-cstruct#251 @hannesm) - do not add user-provided data for bounds checks (mirage/ocaml-cstruct#253 @hannesm, report and review by @talex5) - improve CI to add fuzzing (mirage/ocaml-cstruct#255 mirage/ocaml-cstruct#252 @avsm @yomimono @talex5) **Remove Unix dependency**: cstruct now uses the new `bigarray-compat` library instead of Bigarray directly, to avoid a dependency on Unix when using OCaml compilers less than 4.06.0. This will break downstream libraries that do not have a direct dependency on `Bigarray`. Simply fix it in your library by adding a `bigarray` dependency in your dune file. (mirage/ocaml-cstruct#247 @TheLortex) **Capability module**: To improve the safety of future code with stronger type checking, this release introduces a new `Cstruct_cap` module which makes the underlying Cstruct an abstract type instead of a record. In return for this extra abstraction, the module can enforce read-only, write only, and read/write buffers by tracking them as phantom type variables. Although this library shares an implementation internally with classic `Cstruct`, it is a significant revision and so we will be gradually migrating to it. Feedback on it is welcome! (mirage/ocaml-cstruct#237 @dinosaure and many excited reviewers) **Ppx compare functions**: A new `compare_X` function is generated for `cenum` declarations. This respects custom ids supplied in the cenum declaration and so is more robust than polymorphic compare (mirage/ocaml-cstruct#248 @emillon) The CI has also been switched over to both Azure Pipelines and Drone in addition to Travis, and as a result the tests all run on Windows, macOS, various Linux distributions, on x86 and arm64 machines, and runs AFL fuzz tests on the Drone cloud (mirage/ocaml-cstruct#255 @avsm).
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As mentioned in #250 , the fuzz tests really should be run from CI.
The text was updated successfully, but these errors were encountered: