Add ntopng project (#10218)

This a new project proposal to start fuzzing ntopng. The project it is still in early stage but in the near future we plan to enable other sanitizers and fuzzing engines cc @lucaderi
2023-05-09 15:01:18 +02:00 · 2023-05-09 15:01:18 +02:00 · 5f788e5632
parent f8d2bb7548
commit 5f788e5632
3 changed files with 164 additions and 0 deletions
--- a/projects/ntopng/Dockerfile
+++ b/projects/ntopng/Dockerfile
@ -0,0 +1,54 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+RUN apt-get update && apt-get install -y make autoconf automake libtool ninja-build \
+    liblzma-dev libzstd-dev pkg-config libglib2.0-dev groff libxml2-dev \
+    libcurl4-openssl-dev libsqlite3-dev flex bison
+
+# Ntopng
+RUN git clone --depth 1 https://github.com/ntop/ntopng.git ntopng
+ENV NTOPNG_HOME=$SRC/ntopng
+
+
+### Fuzzing dependencies ###
+
+# Build libprotobuf-mutator
+RUN git clone --depth 1 https://github.com/google/libprotobuf-mutator.git
+RUN mkdir libprotobuf-mutator/build; cd libprotobuf-mutator/build; \
+    cmake .. -GNinja -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ -DLIB_PROTO_MUTATOR_DOWNLOAD_PROTOBUF=ON -DLIB_PROTO_MUTATOR_TESTING=OFF -DCMAKE_BUILD_TYPE=Release; \
+    ninja;
+
+### Dependencies that need static linking ###
+
+ADD https://www.tcpdump.org/release/libpcap-1.9.1.tar.gz libpcap-1.9.1.tar.gz
+RUN tar -xvzf libpcap-1.9.1.tar.gz
+ADD https://github.com/zeromq/libzmq/releases/download/v4.3.4/zeromq-4.3.4.tar.gz zeromq-4.3.4.tar.gz
+RUN tar -xvzf zeromq-4.3.4.tar.gz
+ADD https://github.com/json-c/json-c/archive/refs/tags/json-c-0.16-20220414.tar.gz json-c-0.16-20220414.tar.gz
+RUN tar -xvzf json-c-0.16-20220414.tar.gz
+ADD https://github.com/maxmind/libmaxminddb/releases/download/1.7.1/libmaxminddb-1.7.1.tar.gz libmaxminddb-1.7.1.tar.gz
+RUN tar -xvzf libmaxminddb-1.7.1.tar.gz;
+
+### ntopng dependecies ###
+
+RUN git clone --depth 1 https://github.com/ntop/nDPI.git nDPI
+ENV NDPI_HOME=$SRC/nDPI
+
+
+WORKDIR ntopng
+
+COPY build.sh $SRC/
--- a/projects/ntopng/build.sh
+++ b/projects/ntopng/build.sh
@ -0,0 +1,96 @@
+#!/bin/bash -eu
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+# Disable code instrumentation
+CFLAGS_SAVE="$CFLAGS"
+CXXFLAGS_SAVE="$CXXFLAGS"
+unset CFLAGS
+unset CXXFLAGS
+export AFL_NOOPT=1
+# This is needed because oss-fuzz always uses it
+export CXXFLAGS="-stdlib=libc++"
+
+### Dependencies that need static linking ###
+
+# libpcap
+cd $SRC/libpcap-1.9.1
+./configure --disable-shared
+make -j$(nproc)
+make install
+
+# zeromq
+cd $SRC/zeromq-4.3.4
+./autogen.sh
+./configure --without-documentation --without-libsodium --enable-static --disable-shared
+make -j$(nproc)
+make install
+
+# json-c
+cd $SRC/json-c-json-c-0.16-20220414
+mkdir build
+cd build
+cmake -DBUILD_SHARED_LIBS=OFF ..
+make -j$(nproc)
+make install
+
+# libmaxminddb
+cd $SRC/libmaxminddb-1.7.1
+./configure --disable-shared --enable-static
+make -j$(nproc)
+make install
+
+
+### ntopng dependecies ###
+
+# Build nDPI
+cd $NDPI_HOME
+./autogen.sh
+make -j$(nproc)
+
+# Build LUA
+make -C $NTOPNG_HOME/third-party/lua-5.4.3 generic
+
+# Build librrdtool
+cd $NTOPNG_HOME/third-party/rrdtool-1.4.8
+./configure --disable-libdbi --disable-libwrap --disable-rrdcgi --disable-libtool-lock \
+    --disable-nls --disable-rpath --disable-perl --disable-ruby --disable-lua \
+    --disable-tcl --disable-python --disable-dependency-tracking --disable-rrd_graph
+cd src
+make librrd_th.la
+
+
+# Re-enable code instrumentation
+export CFLAGS="${CFLAGS_SAVE}"
+export CXXFLAGS="${CXXFLAGS_SAVE}"
+unset AFL_NOOPT
+
+### Build ntopng ###
+
+cd $NTOPNG_HOME
+
+./autogen.sh
+
+./configure --enable-fuzztargets --without-hiredis --with-zmq-static \
+    --with-json-c-static --with-maxminddb-static
+
+make -j$(nproc) fuzz_all
+
+# Copy fuzzers
+find fuzz/ -regex 'fuzz/fuzz_[a-z_]*' -exec cp {} {}.dict {}_seed_corpus.zip $OUT/ \;
+
+# Create the directory structure needed for fuzzing
+mkdir -p $OUT/install $OUT/data-dir $OUT/docs $OUT/scripts/callbacks
--- a/projects/ntopng/project.yaml
+++ b/projects/ntopng/project.yaml
@ -0,0 +1,14 @@
+homepage: "https://github.com/ntop/ntopng/"
+language: c++
+primary_contact: "luca.deri@gmail.com"
+auto_ccs:
+  - "patacca.x@gmail.com"
+main_repo: "https://github.com/ntop/ntopng.git"
+
+sanitizers:
+  - address
+
+fuzzing_engines:
+  - libfuzzer
+  - afl
+  - honggfuzz