From 2a15c3c88b21f4f1be2a7ff115f72bd7a08e34ac Mon Sep 17 00:00:00 2001
From: Catena cyber <35799796+catenacyber@users.noreply.github.com>
Date: Fri, 16 Apr 2021 07:45:42 +0200
Subject: [PATCH] Adds swift-nio project (#5566)
---
 projects/swift-nio/Dockerfile | 47 ++++++++++++++++++++++++++
 projects/swift-nio/Package.swift | 19 +++++++++++
 projects/swift-nio/build.sh | 49 +++++++++++++++++++++++++++
 projects/swift-nio/fuzz_http1.swift | 21 ++++++++++++
 projects/swift-nio/llvmsymbol.diff | 51 +++++++++++++++++++++++++++++
 projects/swift-nio/project.yaml | 13 ++++++++
 6 files changed, 200 insertions(+)
 create mode 100644 projects/swift-nio/Dockerfile
 create mode 100644 projects/swift-nio/Package.swift
 create mode 100755 projects/swift-nio/build.sh
 create mode 100644 projects/swift-nio/fuzz_http1.swift
 create mode 100644 projects/swift-nio/llvmsymbol.diff
 create mode 100644 projects/swift-nio/project.yaml
diff --git a/projects/swift-nio/Dockerfile b/projects/swift-nio/Dockerfile
new file mode 100644
index 000000000..e2356887e
--- /dev/null
+++ b/projects/swift-nio/Dockerfile
@@ -0,0 +1,47 @@
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+
+# generic swift
+RUN apt-get update && apt install -y wget \
+ binutils \
+ libc6-dev \
+ libcurl3 \
+ libedit2 \
+ libgcc-5-dev \
+ libpython2.7 \
+ libsqlite3-0 \
+ libstdc++-5-dev \
+ libxml2 \
+ pkg-config \
+ tzdata \
+ zlib1g-dev
+RUN wget https://swift.org/builds/swift-5.3.3-release/ubuntu1604/swift-5.3.3-RELEASE/swift-5.3.3-RELEASE-ubuntu16.04.tar.gz
+RUN tar xzf swift-5.3.3-RELEASE-ubuntu16.04.tar.gz
+RUN cp -r swift-5.3.3-RELEASE-ubuntu16.04/usr/* /usr/
+
+# generic swift symbolizer
+RUN apt-get update && apt-get install -y build-essential make cmake ninja-build git python3 g++-multilib binutils-dev zlib1g-dev --no-install-recommends
+RUN git clone --depth 1 https://github.com/llvm/llvm-project.git
+COPY llvmsymbol.diff $SRC
+
+# specific swift-nio
+RUN git clone --depth 1 https://github.com/google/fuzzing
+RUN git clone --depth 1 https://github.com/apple/swift-nio.git
+COPY build.sh $SRC
+COPY *.swift $SRC/
+WORKDIR $SRC/swift-nio
diff --git a/projects/swift-nio/Package.swift b/projects/swift-nio/Package.swift
new file mode 100644
index 000000000..98ab5dc43
--- /dev/null
+++ b/projects/swift-nio/Package.swift
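Review bot: The Swift toolchain fetched by `RUN wget https://swift.org/builds/.../swift-5.3.3-RELEASE-ubuntu16.04.tar.gz` is extracted and copied over `/usr/` with no integrity check, so a tampered or truncated download silently becomes the compiler for every fuzz build. swift.org publishes a detached signature next to each release tarball; at minimum pin the expected digest and fail the build on mismatch, e.g. `RUN echo "<EXPECTED_SHA256>  swift-5.3.3-RELEASE-ubuntu16.04.tar.gz" | sha256sum -c -` before the `tar xzf` line. The same concern applies to `git clone --depth 1 https://github.com/llvm/llvm-project.git`, which tracks the default branch, so the `llvmsymbol.diff` that build.sh applies can stop applying on any upstream change; checking out a fixed commit (placeholder `<PINNED_LLVM_COMMIT>`) would make the symbolizer build reproducible. The first RUN also uses `apt install` while the later one uses `apt-get install`; `apt` warns that its CLI is not stable for scripts, so the two should agree on `apt-get`.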
@@ -0,0 +1,19 @@
+// swift-tools-version:5.3
+// The swift-tools-version declares the minimum version of Swift required to build this package.
+
+import PackageDescription
+
+let package = Package(
+ name: "swift-nio-fuzz",
+ dependencies: [
+ // Dependencies declare other packages that this package depends on.
+ .package(name: "swift-nio", path: ".."),
+ ],
+ targets: [
+ // Targets are the basic building blocks of a package. A target can define a module or a test suite.
+ // Targets can depend on other targets in this package, and on products in packages this package depends on.
+ .target(
+ name: "swift-nio-http1-fuzz",
+ dependencies: [.product(name: "NIOHTTP1", package: "swift-nio")]),
+ ]
+)
diff --git a/projects/swift-nio/build.sh b/projects/swift-nio/build.sh
new file mode 100755
index 000000000..8f7191ab2
--- /dev/null
+++ b/projects/swift-nio/build.sh
@@ -0,0 +1,49 @@
+#!/bin/bash -eu
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+# generic swift symbolizer
+(
+cd $SRC/llvm-project
+git apply ../llvmsymbol.diff
+cmake -G "Ninja" -DLIBCXX_ENABLE_SHARED=OFF -DLIBCXX_ENABLE_STATIC_ABI_LIBRARY=ON -DLIBCXXABI_ENABLE_SHARED=OFF -DCMAKE_BUILD_TYPE=Release -DLLVM_TARGETS_TO_BUILD=X86 -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ -DLLVM_BUILD_TESTS=OFF -DLLVM_INCLUDE_TESTS=OFF llvm
+ninja -j$(nproc) llvm-symbolizer
+cp bin/llvm-symbolizer $OUT/
+)
+
+# build project
+mkdir swift-nio-fuzz
+cd swift-nio-fuzz
+swift package init --type=executable
+rm -Rf Sources/swift-nio-fuzz
+mkdir Sources/swift-nio-http1-fuzz
+cp $SRC/fuzz_http1.swift Sources/swift-nio-http1-fuzz/main.swift
+cp $SRC/Package.swift Package.swift
+# Maybe we should have a helper script to set $SWIFT_FLAGS
+# for instance about -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION in -Xcc
+swift build -c debug -Xswiftc -sanitize=fuzzer,address -Xswiftc -parse-as-library -Xswiftc -static-stdlib -Xswiftc -use-ld=/usr/bin/ld --static-swift-stdlib --sanitize=address -Xcc="-fsanitize=fuzzer-no-link,address"
+(
+cd .build/debug/
+find . -maxdepth 1 -type f -name "*fuzz" -executable | while read i; do cp $i $OUT/"$i"-debug; done
+)
+swift build -c release -Xswiftc -sanitize=fuzzer,address -Xswiftc -parse-as-library -Xswiftc -static-stdlib -Xswiftc -use-ld=/usr/bin/ld --static-swift-stdlib --sanitize=address -Xcc="-fsanitize=fuzzer-no-link,address"
+(
+cd .build/release/
+find . -maxdepth 1 -type f -name "*fuzz" -executable | while read i; do cp $i $OUT/"$i"-release; done
+)
+
+cp $SRC/fuzzing/dictionaries/http.dict $OUT/swift-nio-http1-fuzz-debug.dict
+cp $SRC/fuzzing/dictionaries/http.dict $OUT/swift-nio-http1-fuzz-release.dict
diff --git a/projects/swift-nio/fuzz_http1.swift b/projects/swift-nio/fuzz_http1.swift
new file mode 100644
index 000000000..065471a9a
--- /dev/null
+++ b/projects/swift-nio/fuzz_http1.swift
@@ -0,0 +1,21 @@
+import NIOHTTP1
+import NIO
+
+@_cdecl("LLVMFuzzerTestOneInput")
+public func test(_ start: UnsafeRawPointer, _ count: Int) -> CInt {
+ let bytes = UnsafeRawBufferPointer(start: start, count: count)
+ let channel = EmbeddedChannel()
+ var buffer = channel.allocator.buffer(capacity: count)
+ buffer.writeBytes(bytes)
+ do {
+ try channel.pipeline.addHandler(ByteToMessageHandler(HTTPRequestDecoder())).wait()
+ try channel.writeInbound(buffer)
+ channel.embeddedEventLoop.run()
+ } catch {
+ }
+ do {
+ try channel.finish(acceptAlreadyClosed: true)
+ } catch {
+ }
+ return 0
+}
diff --git a/projects/swift-nio/llvmsymbol.diff b/projects/swift-nio/llvmsymbol.diff
new file mode 100644
index 000000000..c53c978df
--- /dev/null
+++ b/projects/swift-nio/llvmsymbol.diff
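Review bot: The copy loop `find . -maxdepth 1 -type f -name "*fuzz" -executable | while read i; do cp $i $OUT/"$i"-debug; done` (and its release twin a few lines below) succeeds silently when `find` matches nothing, so a `swift build` that produced no executable matching `*fuzz` still ends in a green build whose `$OUT` holds only the two `.dict` files; `set -e` cannot catch that because the pipeline's last command is the loop itself. Quoting the path and checking the result would be `while read -r i; do cp "$i" "$OUT/${i#./}-debug"; done` followed by `ls "$OUT"/*fuzz-debug >/dev/null` (or an equivalent test that fails when no target was copied). The two `find` lines are also the only place the `-debug`/`-release` naming is produced, while the `.dict` copies at the end hard-code `swift-nio-http1-fuzz-debug`/`-release`; a comment tying the two together, or deriving the dict name inside the loop, would keep them from drifting apart when a second target is added.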
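Review bot: Both `} catch {` blocks in `test` are empty, so every thrown error is discarded, including a failure of `channel.pipeline.addHandler(...).wait()` that would mean the harness itself is mis-configured rather than that the input was a malformed request, and nothing in the file records that this is deliberate. A comment above the first `do {` such as `// Decoder errors are the expected rejection of malformed requests, not bugs; only crashes and sanitizer reports matter here.` would state the intent, and performing the `addHandler` call outside the catch-all (for instance with `try!` so a setup failure aborts loudly) would keep harness bugs from hiding behind the same swallow. The harness also builds a fresh `EmbeddedChannel` and re-installs the decoder on every input, which is the right choice for isolation but presumably is the bulk of the per-iteration cost, so a one-line comment saying it is intentional would spare a future "optimisation" that shares state between inputs.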
@@ -0,0 +1,51 @@
+diff --git a/llvm/lib/DebugInfo/Symbolize/CMakeLists.txt b/llvm/lib/DebugInfo/Symbolize/CMakeLists.txt
+index acfb3bd0e..5c4cf9763 100644
+--- a/llvm/lib/DebugInfo/Symbolize/CMakeLists.txt
++++ b/llvm/lib/DebugInfo/Symbolize/CMakeLists.txt
+@@ -12,4 +12,12 @@ add_llvm_component_library(LLVMSymbolize
+ Object
+ Support
+ Demangle
+- )
++
++ LINK_LIBS
++ /usr/lib/swift_static/linux/libswiftCore.a
++ /usr/lib/swift_static/linux/libswiftImageInspectionShared.a
++ /usr/lib/swift_static/linux/libicui18nswift.a
++ /usr/lib/swift_static/linux/libicuucswift.a
++ /usr/lib/swift_static/linux/libicudataswift.a
++ /usr/lib/x86_64-linux-gnu/libstdc++.so.6
++)
+diff --git a/llvm/lib/DebugInfo/Symbolize/Symbolize.cpp b/llvm/lib/DebugInfo/Symbolize/Symbolize.cpp
+index 4c3f3a3767e1..aa7b9f0f5abb 100644
+--- a/llvm/lib/DebugInfo/Symbolize/Symbolize.cpp
++++ b/llvm/lib/DebugInfo/Symbolize/Symbolize.cpp
+@@ -36,6 +36,13 @@
+ #include
+ #include
+
++
++extern "C" char *swift_demangle(const char *mangledName,
++ size_t mangledNameLength,
++ char *outputBuffer,
++ size_t *outputBufferSize,
++ uint32_t flags);
++
+ namespace llvm {
+ namespace symbolize {
+
+@@ -632,6 +639,14 @@ LLVMSymbolizer::DemangleName(const std::string &Name,
+ free(DemangledName);
+ return Result;
+ }
++ if (!Name.empty() && Name.front() == '$') {
++ char *DemangledName = swift_demangle(Name.c_str(), Name.length(), 0, 0, 0);
++ if (DemangledName) {
++ std::string Result = DemangledName;
++ free(DemangledName);
++ return Result;
++ }
++ }
+
+ if (DbiModuleDescriptor && DbiModuleDescriptor->isWin32Module())
+ return std::string(demanglePE32ExternCFunc(Name));
diff --git a/projects/swift-nio/project.yaml b/projects/swift-nio/project.yaml
new file mode 100644
index 000000000..ea9e22737
--- /dev/null
+++ b/projects/swift-nio/project.yaml
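Review bot: In the Symbolize.cpp part of this patch the `Name.front() == '$'` test is an undocumented heuristic: it routes every symbol beginning with `$` to the Swift runtime demangler (Swift 5 mangles with a `$s` prefix) and leaves all other spellings to the existing demanglers, and a reader cannot tell whether that narrowness is intended; a comment such as `// Swift 5 symbols are mangled with a "$s" prefix; try the Swift runtime demangler before the C++ one.` would say so. The call `swift_demangle(Name.c_str(), Name.length(), 0, 0, 0)` passes `0` for two pointer parameters, where `nullptr, nullptr, 0` reads as what it is, and the following `free(DemangledName)` relies on the runtime allocating the result with malloc when no output buffer is supplied, which the same comment should state. The CMakeLists.txt part hard-codes `/usr/lib/swift_static/linux/...` and `/usr/lib/x86_64-linux-gnu/libstdc++.so.6`, paths that only resolve because the Dockerfile copies the downloaded toolchain into `/usr`; noting that coupling in the patch would save whoever next bumps the Swift version from a confusing link failure. The `extern "C"` declaration uses `size_t` and `uint32_t` but the two stripped `#include` lines above it are the only headers visible here, so whether `<cstddef>`/`<cstdint>` are already in scope cannot be confirmed from the hunk.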
@@ -0,0 +1,13 @@
+homepage: "https://github.com/apple/swift-nio"
+language: swift
+primary_contact: "lukasa@apple.com"
+auto_ccs :
+- "johannesweiss@apple.com"
+- "pp_adams@apple.com"
+- "p.antoine@catenacyber.fr"
+
+fuzzing_engines:
+- libfuzzer
+sanitizers:
+- address
+main_repo: 'https://github.com/apple/swift-nio.git'