mirror of https://github.com/google/oss-fuzz.git
libdwarf: switch to fuzzers and corpora maintained by the project owner (#9786)
This pull request updates the Dockerfile and the build script to use the new [fuzzers](https://github.com/davea42/libdwarf-code/tree/master/fuzz) and [corpora](https://github.com/davea42/libdwarf-binary-samples) maintained by the owner of libdwarf-code. --------- Co-authored-by: Maksym Adamantis <maksym.adamantis@leviathan.corp-partner.google.com>
parent
0ba4b20807
commit
0248ec7d05
|
@ -15,9 +15,8 @@
|
|||
################################################################################
|
||||
|
||||
FROM gcr.io/oss-fuzz-base/base-builder
|
||||
RUN apt-get update && apt-get install -y make autoconf automake libtool zlib1g-dev
|
||||
RUN git clone --depth 1 https://github.com/davea42/libdwarf-code libdwarf
|
||||
RUN git clone --depth=1 https://github.com/DavidKorczynski/binary-samples $SRC/binary-samples
|
||||
RUN apt-get -qq update && apt-get install -qq -y make autoconf automake libtool zlib1g-dev
|
||||
RUN git clone --depth=1 https://github.com/davea42/libdwarf-code $SRC/libdwarf
|
||||
RUN git clone --depth=1 https://github.com/davea42/libdwarf-binary-samples $SRC/libdwarf-binary-samples
|
||||
WORKDIR libdwarf
|
||||
COPY build.sh $SRC/
|
||||
COPY fuzz*.c $SRC/
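Review bot: `WORKDIR libdwarf` stays a relative path although the new clone line targets `$SRC/libdwarf` explicitly, so the build lands in the right directory only while the base image's working directory is `$SRC` (presumably it is, but nothing on this page shows it). Writing it as `WORKDIR $SRC/libdwarf` would make the two lines agree and drop that dependency. Both `git clone --depth=1` lines track the default branch of repositories outside this one, so the harness sources and seed binaries in the image are whatever is at HEAD at build time. A one-line comment such as `# Fuzz harnesses and seeds come from upstream HEAD on purpose; they are not reviewed in this repository` would record that for later readers.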
|
||||
|
|
|
@ -15,26 +15,39 @@
|
|||
#
|
||||
################################################################################
|
||||
|
||||
export CFLAGS="${CFLAGS} -g -Werror"
|
||||
export CXXFLAGS="${CXXFLAGS} -g -Werror"
|
||||
# Build corpus for fuzzing
|
||||
export BINARY_SAMPLES_DIR="$SRC/libdwarf-binary-samples"
|
||||
export BINARY_SAMPLES_V1="$BINARY_SAMPLES_DIR/binary-samples"
|
||||
export BINARY_SAMPLES_V2="$BINARY_SAMPLES_DIR/binary-samples-v2"
|
||||
export FUZZER_DIR="$SRC/libdwarf/fuzz"
|
||||
|
||||
mkdir $SRC/corp
|
||||
cp $BINARY_SAMPLES_V1/elf* $SRC/corp
|
||||
cp $BINARY_SAMPLES_V1/Mach* $SRC/corp
|
||||
cp $BINARY_SAMPLES_V1/pe* $SRC/corp
|
||||
cp $BINARY_SAMPLES_V1/lib* $SRC/corp
|
||||
for file in $BINARY_SAMPLES_V2/{linux,windows}/*_DWARF*/* $BINARY_SAMPLES_V2/macOS-arm/*/*; do
|
||||
export newfile=$(echo $file | sed 's/ /_/g')
|
||||
# e.g. cp "..." /out/windows_gcc11_DWARF2_cross-platform.exe
|
||||
cp "$file" $SRC/corp/$(echo "$newfile" | cut -d/ -f5,6 | sed 's/\//_/g')_$(basename "$newfile")
|
||||
done
|
||||
|
||||
zip -r -j $OUT/fuzz_seed_corpus.zip $SRC/corp
|
||||
for fuzzFile in $FUZZER_DIR/fuzz*.c; do
|
||||
fuzzName=$(basename "$fuzzFile" '.c')
|
||||
cp $OUT/fuzz_seed_corpus.zip $OUT/${fuzzName}_seed_corpus.zip
|
||||
done
|
||||
rm $OUT/fuzz_seed_corpus.zip
|
||||
|
||||
|
||||
# Build fuzzers
|
||||
mkdir build
|
||||
cd build
|
||||
cmake ../
|
||||
make
|
||||
|
||||
# Build corpus for fuzzing
|
||||
mkdir $SRC/corp
|
||||
cp $SRC/binary-samples/elf* $SRC/corp
|
||||
cp $SRC/binary-samples/Mach* $SRC/corp
|
||||
cp $SRC/binary-samples/pe* $SRC/corp
|
||||
cp $SRC/binary-samples/lib* $SRC/corp
|
||||
|
||||
zip -r -j $OUT/fuzz_init_path_seed_corpus.zip $SRC/corp
|
||||
cp $OUT/fuzz_init_path_seed_corpus.zip $OUT/fuzz_init_binary_seed_corpus.zip
|
||||
|
||||
for fuzzName in init_path init_binary; do
|
||||
$CC $CFLAGS -I../src/lib/libdwarf/ $SRC/fuzz_${fuzzName}.c -c
|
||||
$CXX $CXXFLAGS $LIB_FUZZING_ENGINE -o $OUT/fuzz_${fuzzName} fuzz_${fuzzName}.o \
|
||||
./src/lib/libdwarf/libdwarf.a -lz
|
||||
for fuzzFile in $FUZZER_DIR/fuzz*.c; do
|
||||
fuzzName=$(basename "$fuzzFile" '.c')
|
||||
$CC $CFLAGS $LIB_FUZZING_ENGINE -I../src/lib/libdwarf/ \
|
||||
"$FUZZER_DIR/${fuzzName}.c" -o "$OUT/${fuzzName}" ./src/lib/libdwarf/libdwarf.a -lz
|
||||
done
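Review bot: The new fuzzer loop compiles and links in a single `$CC` invocation with `$LIB_FUZZING_ENGINE`, whereas the lines it replaces linked with `$CXX`. The engines listed for this project include afl, honggfuzz and centipede, whose engine libraries generally need the C++ runtime, so the link may fail or depend on compiler-driver behaviour for those builds. Keeping the two-step form avoids that: `$CC $CFLAGS -I../src/lib/libdwarf/ -c "$FUZZER_DIR/${fuzzName}.c" -o "${fuzzName}.o"` followed by `$CXX $CXXFLAGS $LIB_FUZZING_ENGINE "${fuzzName}.o" -o "$OUT/${fuzzName}" ./src/lib/libdwarf/libdwarf.a -lz`. In the corpus loop, `cut -d/ -f5,6` selects the platform and compiler directories by absolute position, which holds only while `$SRC` is a single top-level directory; stripping the prefix first with `${file#"$BINARY_SAMPLES_V2"/}` would not depend on that. The example comment in that loop names `/out/` although the copy goes to `$SRC/corp`.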
|
||||
|
|
|
@ -1,57 +0,0 @@
|
|||
/* Copyright 2021 Google LLC
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
#include <stdint.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/stat.h>
|
||||
#include <fcntl.h>
|
||||
#include <unistd.h>
|
||||
|
||||
/*
|
||||
* Libdwarf library callers can only use these headers.
|
||||
*/
|
||||
#include "dwarf.h"
|
||||
#include "libdwarf.h"
|
||||
|
||||
/*
|
||||
* A fuzzer that simulates a small part of the simplereader.c example.
|
||||
* This fuzzer targets dwarf_init_b.
|
||||
*/
|
||||
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
|
||||
char filename[256];
|
||||
sprintf(filename, "/tmp/libfuzzer.%d", getpid());
|
||||
|
||||
FILE *fp = fopen(filename, "wb");
|
||||
if (!fp) {
|
||||
return 0;
|
||||
}
|
||||
fwrite(data, size, 1, fp);
|
||||
fclose(fp);
|
||||
|
||||
int my_init_fd = 0;
|
||||
Dwarf_Ptr errarg = 0;
|
||||
Dwarf_Handler errhand = 0;
|
||||
Dwarf_Error *errp = NULL;
|
||||
Dwarf_Debug dbg = 0;
|
||||
|
||||
my_init_fd = open(filename, O_RDONLY);
|
||||
if (my_init_fd != -1) {
|
||||
dwarf_init_b(my_init_fd,DW_GROUPNUMBER_ANY,errhand,errarg,&dbg,errp);
|
||||
dwarf_finish(dbg);
|
||||
close(my_init_fd);
|
||||
}
|
||||
|
||||
unlink(filename);
|
||||
return 0;
|
||||
}
|
|
@ -1,51 +0,0 @@
|
|||
/* Copyright 2021 Google LLC
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
#include <stdint.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/types.h>
|
||||
#include <unistd.h>
|
||||
|
||||
/*
|
||||
* Libdwarf library callers can only use these headers.
|
||||
*/
|
||||
#include "dwarf.h"
|
||||
#include "libdwarf.h"
|
||||
|
||||
/*
|
||||
* A fuzzer that simulates a small part of the simplereader.c example.
|
||||
*/
|
||||
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
|
||||
char filename[256];
|
||||
sprintf(filename, "/tmp/libfuzzer.%d", getpid());
|
||||
|
||||
FILE *fp = fopen(filename, "wb");
|
||||
if (!fp) {
|
||||
return 0;
|
||||
}
|
||||
fwrite(data, size, 1, fp);
|
||||
fclose(fp);
|
||||
Dwarf_Ptr errarg = 0;
|
||||
Dwarf_Handler errhand = 0;
|
||||
Dwarf_Debug dbg = 0;
|
||||
Dwarf_Error *errp = NULL;
|
||||
#define MACHO_PATH_LEN 2000
|
||||
char macho_real_path[2000];
|
||||
dwarf_init_path(filename, macho_real_path, MACHO_PATH_LEN,
|
||||
DW_GROUPNUMBER_ANY, errhand, errarg, &dbg, errp);
|
||||
|
||||
dwarf_finish(dbg);
|
||||
|
||||
unlink(filename);
|
||||
return 0;
|
||||
}
|
|
@ -8,4 +8,4 @@ fuzzing_engines:
|
|||
- afl
|
||||
- honggfuzz
|
||||
- libfuzzer
|
||||
- centipede
|
||||
|
||||
|
|