From c3087b701810d86b782228346d7659eb3a3bf004 Mon Sep 17 00:00:00 2001 From: Abhishek Arya Date: Wed, 20 Jan 2021 08:59:05 -0800 Subject: [PATCH 1/4] Install rust in base-builder with minimal profile. (#5015) Remove docs and other unneeded stuff. https://blog.rust-lang.org/2019/10/15/Rustup-1.20.0.html --- infra/base-images/base-builder/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra/base-images/base-builder/Dockerfile b/infra/base-images/base-builder/Dockerfile index 3e2ea725b..95e93a611 100644 --- a/infra/base-images/base-builder/Dockerfile +++ b/infra/base-images/base-builder/Dockerfile @@ -83,7 +83,7 @@ RUN go get -u github.com/mdempsky/go114-fuzz-build && \ ENV CARGO_HOME=/rust ENV RUSTUP_HOME=/rust/rustup ENV PATH=$PATH:/rust/bin -RUN curl https://sh.rustup.rs | sh -s -- -y --default-toolchain=nightly +RUN curl https://sh.rustup.rs | sh -s -- -y --default-toolchain=nightly --profile=minimal RUN cargo install cargo-fuzz # Needed to recompile rust std library for MSAN RUN rustup component add rust-src --toolchain nightly From 26dd144e52d46b49971e6dd35b603dc2148bf241 Mon Sep 17 00:00:00 2001 From: Abhishek Arya Date: Wed, 20 Jan 2021 11:37:37 -0800 Subject: [PATCH 2/4] Build modified projects as well when infra is modified. (#5019) --- infra/ci/build.py | 3 ++- projects/brotli/build.sh | 15 +++++++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/infra/ci/build.py b/infra/ci/build.py index a1a22836a..30ff4ea49 100755 --- a/infra/ci/build.py +++ b/infra/ci/build.py @@ -239,7 +239,8 @@ def main(): infra_changed = is_infra_changed() if infra_changed: print('Pulling and building base images first.') - return build_base_images() + if build_base_images(): + return 1 result = build_modified_projects() if result == BuildModifiedProjectsResult.BUILD_FAIL: diff --git a/projects/brotli/build.sh b/projects/brotli/build.sh index cf6f5e765..c6abf6672 100755 --- a/projects/brotli/build.sh +++ b/projects/brotli/build.sh @@ -1,4 +1,19 @@ #!/bin/bash -eu +# Copyright 2016 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ cmake . -DBUILD_TESTING=OFF make clean From 9797a3447d734c50ce1460c6f7eca9e8d8b04444 Mon Sep 17 00:00:00 2001 From: Nico Weber Date: Wed, 20 Jan 2021 14:44:07 -0500 Subject: [PATCH 3/4] Fix workdir for serenity project (#5018) With this, can build fuzzers against a local checkout with: python3 infra/helper.py build_fuzzers serenity $HOME/src/serenity Similar to 14452cfb3d87f3f54ced75b9d5dd67b1470f2080 --- projects/serenity/Dockerfile | 2 +- projects/serenity/build.sh | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/projects/serenity/Dockerfile b/projects/serenity/Dockerfile index 138631c3d..c494759d2 100644 --- a/projects/serenity/Dockerfile +++ b/projects/serenity/Dockerfile @@ -17,5 +17,5 @@ FROM gcr.io/oss-fuzz-base/base-builder RUN apt-get update && apt-get install -y build-essential cmake curl e2fsprogs libmpfr-dev libmpc-dev libgmp-dev ninja-build RUN git clone https://github.com/SerenityOS/serenity -WORKDIR $SRC COPY build.sh $SRC/ +WORKDIR $SRC/serenity/Meta/Lagom diff --git a/projects/serenity/build.sh b/projects/serenity/build.sh index 3cce9976a..fa01830ce 100755 --- a/projects/serenity/build.sh +++ b/projects/serenity/build.sh @@ -16,8 +16,7 @@ ################################################################################ # Now build the content -cd serenity/Meta/Lagom -mkdir build +mkdir -p build cd build cmake -GNinja \ -DBUILD_LAGOM=ON \ From 687187f07ee5cb795911787fded90f959734fed8 Mon Sep 17 00:00:00 2001 From: Andrew Lytvynov Date: Wed, 20 Jan 2021 19:44:15 +0000 Subject: [PATCH 4/4] compile_go_fuzzer: pass build tags to `go list` (#5008) `go list` will fail if all files in the fuzzed package use a build tag restriction (like the common `gofuzz` tag). Also, pass the `gofuzz` tag in the teleport build to plumb it through. --- infra/base-images/base-builder/compile_go_fuzzer | 2 +- projects/teleport/build.sh | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/infra/base-images/base-builder/compile_go_fuzzer b/infra/base-images/base-builder/compile_go_fuzzer index b827f8223..8f8cde759 100755 --- a/infra/base-images/base-builder/compile_go_fuzzer +++ b/infra/base-images/base-builder/compile_go_fuzzer @@ -25,7 +25,7 @@ fi if [[ $SANITIZER = *coverage* ]]; then cd $GOPATH/src/$path - fuzzed_package=`go list -f '{{.Name}}'` + fuzzed_package=`go list $tags -f '{{.Name}}'` cp $GOPATH/ossfuzz_coverage_runner.go ./"${function,,}"_test.go sed -i -e 's/FuzzFunction/'$function'/' ./"${function,,}"_test.go sed -i -e 's/mypackagebeingfuzzed/'$fuzzed_package'/' ./"${function,,}"_test.go diff --git a/projects/teleport/build.sh b/projects/teleport/build.sh index 90d9e8c53..23fefce58 100644 --- a/projects/teleport/build.sh +++ b/projects/teleport/build.sh @@ -20,5 +20,5 @@ mkdir -p $GOPATH/src/github.com/gravitational cd $GOPATH/src/github.com/gravitational git clone https://github.com/gravitational/teleport.git -compile_go_fuzzer github.com/gravitational/teleport/lib/fuzz FuzzParseProxyJump utils_fuzz -compile_go_fuzzer github.com/gravitational/teleport/lib/fuzz FuzzNewExpression parse_fuzz +compile_go_fuzzer github.com/gravitational/teleport/lib/fuzz FuzzParseProxyJump utils_fuzz gofuzz +compile_go_fuzzer github.com/gravitational/teleport/lib/fuzz FuzzNewExpression parse_fuzz gofuzz