first toy variant of fuzzing for AOSP (#1016)

* first toy variant of fuzzing for AOSP * update e-mail, fix a typo * update e-mail
2017-12-04 12:54:32 -08:00 · 2017-12-04 12:54:32 -08:00 · 0b3f8b3a29
parent 4af6f53266
commit 0b3f8b3a29
3 changed files with 52 additions and 0 deletions
--- a/projects/aosp/Dockerfile
+++ b/projects/aosp/Dockerfile
@ -0,0 +1,25 @@
+# Copyright 2017 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+FROM gcr.io/oss-fuzz-base/base-builder
+RUN apt-get update && apt-get install -y curl
+
+# Get AOSP's version of sqlite, and get the fuzz target from upstream.
+# Once AOSP updates sqlite we'll be able to use the fuzz target from AOSP.
+RUN git clone https://android.googlesource.com/platform/external/sqlite
+RUN curl https://raw.githubusercontent.com/mackyle/sqlite/6bfffe7cfc8ff834e61f7d92a6509dbbca423b04/test/ossfuzz.c > sqlite_fuzz.c
+
+# Copy the build file
+COPY build.sh $SRC/
--- a/projects/aosp/build.sh
+++ b/projects/aosp/build.sh
@ -0,0 +1,23 @@
+#!/bin/bash -eu
+# Copyright 2017 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+# build sqlite
+$CC -c $CFLAGS sqlite/dist/sqlite3.c -I sqlite/dist
+$CC -c $CFLAGS sqlite_fuzz.c -I sqlite/dist
+$CXX $CXXFLAGS *.o  $LIB_FUZZING_ENGINE -o $OUT/sqlite
+# TODO: add a dictionary, build flags, etc, to better mimic
+# https://github.com/google/oss-fuzz/tree/master/projects/sqlite3
--- a/projects/aosp/project.yaml
+++ b/projects/aosp/project.yaml
@ -0,0 +1,4 @@
+homepage: "https://source.android.com/"
+primary_contact: "android-oss-fuzz@google.com"
+auto_ccs:
+   - "kcc@google.com"