-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathoss-fuzz-patches.diff
123 lines (114 loc) · 4.78 KB
/
oss-fuzz-patches.diff
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
diff --git a/infra/base-images/base-builder/Dockerfile b/infra/base-images/base-builder/Dockerfile
index 828155e9d..f95198a49 100644
--- a/infra/base-images/base-builder/Dockerfile
+++ b/infra/base-images/base-builder/Dockerfile
@@ -190,6 +190,16 @@ COPY llvmsymbol.diff $SRC
COPY detect_repo.py /opt/cifuzz/
COPY bazel.bazelrc /root/.bazelrc
+RUN rm -rf /fuzz-introspector/src
+RUN rm -rf /fuzz-introspector/frontends
+COPY src /fuzz-introspector/src
+COPY frontends /fuzz-introspector/frontends
+
+RUN rm -rf /fuzz-introspector/src
+RUN rm -rf /fuzz-introspector/frontends
+COPY src /fuzz-introspector/src
+COPY frontends /fuzz-introspector/frontends
+
# Set up ccache binary and cache directory.
# /ccache/bin will contain the compiler wrappers, and /ccache/cache will
# contain the actual cache, which can be saved.
diff --git a/infra/base-images/base-clang/Dockerfile b/infra/base-images/base-clang/Dockerfile
index 8f6486896..b4f50ac36 100644
--- a/infra/base-images/base-clang/Dockerfile
+++ b/infra/base-images/base-clang/Dockerfile
@@ -45,6 +45,9 @@ RUN apt-get update && apt-get install -y git && \
COPY checkout_build_install_llvm.sh /root/
# Keep all steps in the same script to decrease the number of intermediate
# layes in docker file.
+RUN rm -rf /fuzz-introspector
+COPY fuzz-introspector fuzz-introspector
+
RUN /root/checkout_build_install_llvm.sh
RUN rm /root/checkout_build_install_llvm.sh
diff --git a/infra/base-images/base-builder/compile b/infra/base-images/base-builder/compile
index d9077510f..5baa138a6 100755
--- a/infra/base-images/base-builder/compile
+++ b/infra/base-images/base-builder/compile
@@ -20,6 +20,7 @@ echo "---------------------------------------------------------------"
sysctl -w vm.mmap_rnd_bits=28
OSS_FUZZ_ON_DEMAND="${OSS_FUZZ_ON_DEMAND:-0}"
+RUST_SANITIZER=$SANITIZER
if [ "$FUZZING_LANGUAGE" = "jvm" ]; then
if [ "$FUZZING_ENGINE" != "libfuzzer" ] && [ "$FUZZING_ENGINE" != "wycheproof" ]; then
@@ -66,6 +67,13 @@ if [ "$FUZZING_LANGUAGE" = "python" ]; then
fi
fi
+if [ "$FUZZING_LANGUAGE" = "rust" ]; then
+ if [ "$SANITIZER" = "introspector" ]; then
+ # introspector sanitizer flag will cause cargo build failed, remove it temporary and store it in separate variable
+ export SANITIZER=address
+ fi
+fi
+
if [ -z "${SANITIZER_FLAGS-}" ]; then
FLAGS_VAR="SANITIZER_FLAGS_${SANITIZER}"
export SANITIZER_FLAGS=${!FLAGS_VAR-}
@@ -111,7 +119,7 @@ fi
# use RUSTFLAGS.
# FIXME: Support code coverage once support is in.
# See https://github.com/rust-lang/rust/issues/34701.
-if [ "$SANITIZER" != "undefined" ] && [ "$SANITIZER" != "coverage" ] && [ "$SANITIZER" != "none" ] && [ "$ARCHITECTURE" != 'i386' ]; then
+if [ "$SANITIZER" != "undefined" ] && [ "$SANITIZER" != "coverage" ] && [ "$SANITIZER" != "none" ] && [ "$RUST_SANITIZER" != "introspector" ] && [ "$ARCHITECTURE" != 'i386' ]; then
export RUSTFLAGS="--cfg fuzzing -Zsanitizer=${SANITIZER} -Cdebuginfo=1 -Cforce-frame-pointers"
else
export RUSTFLAGS="--cfg fuzzing -Cdebuginfo=1 -Cforce-frame-pointers"
@@ -188,7 +196,7 @@ EOF
export CXXFLAGS="$CXXFLAGS -fno-sanitize=leak"
fi
-if [ "$SANITIZER" = "introspector" ]; then
+if [ "$SANITIZER" = "introspector" ] || [ "$RUST_SANITIZER" = "introspector" ]; then
export AR=llvm-ar
export NM=llvm-nm
export RANLIB=llvm-ranlib
@@ -280,7 +288,7 @@ else
fi
fi
-if [ "$SANITIZER" = "introspector" ]; then
+if [ "$SANITIZER" = "introspector" ] || [ "$RUST_SANITIZER" = "introspector" ]; then
unset CXXFLAGS
unset CFLAGS
export G_ANALYTICS_TAG="G-8WTFM1Y62J"
@@ -295,6 +303,21 @@ if [ "$SANITIZER" = "introspector" ]; then
mkdir -p $SRC/my-fi-data
find $OUT/ -name *.data -exec mv {} $SRC/my-fi-data/ \;
find $OUT/ -name *.data.yaml -exec mv {} $SRC/my-fi-data/ \;
+ elif [ "$FUZZING_LANGUAGE" = "rust" ]; then
+ echo "GOING rust route"
+
+ # Run the rust frontend
+ pushd /fuzz-introspector/frontends/rust/rust_function_analyser
+ cargo run -- $SRC
+
+ # Move files temporarily to fix workflow of other languages.
+ mkdir -p $SRC/my-fi-data
+ find ./ -name "*.data" -exec mv {} $SRC/my-fi-data/ \;
+ find ./ -name "*.data.yaml" -exec mv {} $SRC/my-fi-data/ \;
+ popd
+
+ # Restore the sanitizer flag for rust
+ export SANITIZER="introspector"
fi
mkdir -p $SRC/inspector
@@ -335,6 +358,12 @@ if [ "$SANITIZER" = "introspector" ]; then
REPORT_ARGS="$REPORT_ARGS --language=jvm"
python3 /fuzz-introspector/src/main.py report $REPORT_ARGS
cp -rf $SRC/inspector $OUT/inspector
+ elif [ "$FUZZING_LANGUAGE" = "rust" ]; then
+ echo "GOING rust route"
+ REPORT_ARGS="$REPORT_ARGS --target_dir=$SRC/inspector"
+ REPORT_ARGS="$REPORT_ARGS --language=rust"
+ python3 /fuzz-introspector/src/main.py report $REPORT_ARGS
+ cp -rf $SRC/inspector $OUT/inspector
else
# C/C++