diff --git a/projects/zeek/Dockerfile b/projects/zeek/Dockerfile new file mode 100644 index 000000000..8eb9d5485 --- /dev/null +++ b/projects/zeek/Dockerfile @@ -0,0 +1,35 @@ +# Copyright 2020 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ + +FROM gcr.io/oss-fuzz-base/base-builder +MAINTAINER jsiwek@corelight.com + +RUN apt-get update && apt-get install -y --no-install-recommends \ + patchelf \ + cmake \ + ninja-build \ + flex \ + bison \ + libpcap-dev \ + libssl-dev \ + libmaxminddb-dev \ + libkrb5-dev \ + zlib1g-dev \ + && rm -rf /var/lib/apt/lists/* + +RUN git clone --depth 1 --recursive https://github.com/zeek/zeek zeek +WORKDIR zeek +COPY build.sh $SRC/ diff --git a/projects/zeek/build.sh b/projects/zeek/build.sh new file mode 100644 index 000000000..f02e6b150 --- /dev/null +++ b/projects/zeek/build.sh @@ -0,0 +1,76 @@ +#!/bin/bash -eu +# Copyright 2020 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ + +CFLAGS="${CFLAGS} -pthread" CXXFLAGS="${CXXFLAGS} -pthread" \ + ./configure --prefix=$(pwd)/build/install-root \ + --build-type=debug \ + --generator=Ninja \ + --enable-fuzzers \ + --disable-python \ + --disable-zeekctl \ + --disable-auxtools \ + --disable-broker-tests + +cd build +ninja install + +cp -R ./install-root/share/zeek ${OUT}/oss-fuzz-zeek-scripts + +fuzzers=$(find . -name 'zeek-*-fuzzer') +fuzzer_count=1 + +function copy_lib + { + local fuzzer_path=$1 + local lib=$2 + cp $(ldd ${fuzzer_path} | grep "${lib}" | awk '{ print $3 }') ${OUT}/lib + } + +for f in ${fuzzers}; do + fuzzer_exe=$(basename ${f}) + fuzzer_name=$(echo ${fuzzer_exe} | sed 's/zeek-\(.*\)-fuzzer/\1/g') + + cp ${f} ${OUT}/ + + # Set up run-time dependency libraries + if [[ "${fuzzer_count}" -eq "1" ]]; then + mkdir -p ${OUT}/lib + zeek_libs=$(ldd ${f} | grep 'zeek/build' | awk '{ print $1 }' ) + + for lib in ${zeek_libs}; do + copy_lib ${f} ${lib} + done + + copy_lib ${f} libpcap + copy_lib ${f} libssl + copy_lib ${f} libcrypto + copy_lib ${f} libz + copy_lib ${f} libmaxminddb + fi + + patchelf --set-rpath '$ORIGIN/lib' ${OUT}/${fuzzer_exe} + + if [[ -e ../src/fuzzers/${fuzzer_name}.dict ]]; then + cp ../src/fuzzers/${fuzzer_name}.dict ${OUT}/${fuzzer_exe}.dict + fi + + if [[ -e ../src/fuzzers/${fuzzer_name}-corpus.zip ]]; then + cp ../src/fuzzers/${fuzzer_name}-corpus.zip ${OUT}/${fuzzer_exe}_seed_corpus.zip + fi + + fuzzer_count=$((fuzzer_count + 1)) +done diff --git a/projects/zeek/project.yaml b/projects/zeek/project.yaml new file mode 100644 index 000000000..c97748b65 --- /dev/null +++ b/projects/zeek/project.yaml @@ -0,0 +1,15 @@ +homepage: "https://www.zeek.org" +language: c++ +primary_contact: "security@zeek.org" +auto_ccs: + - "jsiwek@corelight.com" + - "robin@corelight.com" + - "johanna@corelight.com" + - "tim@corelight.com" + - "seth@corelight.com" + - "justin@corelight.com" +fuzzing_engines: + - libfuzzer + - honggfuzz +sanitizers: + - address