mirror of https://github.com/google/oss-fuzz.git
[USBGuard] Initial Integration. (#1667)
USBGuard is a project that provides policy enforcement for attached USB device to protect against malicious on unauthorized USB devices. This adds initial support for the USBGuard project.
This commit is contained in:
Allen-Webb
jonathanmetzman
parent
cecf82749e
commit
8f16f85ef3
|
|
@ -0,0 +1,42 @@
|
|||
# Copyright 2018 Google Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
################################################################################
|
||||
|
||||
FROM gcr.io/oss-fuzz-base/base-builder
|
||||
MAINTAINER allenwebb@google.com
|
||||
|
||||
RUN apt-get update && apt-get install -y \
|
||||
make \
|
||||
autoconf \
|
||||
automake \
|
||||
libtool \
|
||||
pkg-config \
|
||||
libxml2-utils \
|
||||
xsltproc \
|
||||
libqb-dev \
|
||||
libprotobuf-dev \
|
||||
protobuf-compiler \
|
||||
libdbus-1-dev \
|
||||
libdbus-glib-1-dev \
|
||||
libgio2.0-cil-dev \
|
||||
libgcrypt20-dev \
|
||||
libpolkit-gobject-1-dev \
|
||||
libseccomp-dev \
|
||||
libcap-ng-dev
|
||||
|
||||
RUN git clone --recurse-submodules --depth 1 \
|
||||
https://github.com/USBGuard/usbguard usbguard
|
||||
WORKDIR usbguard
|
||||
COPY build.sh $SRC
|
||||
|
|
@ -0,0 +1,83 @@
|
|||
#!/bin/bash -eu
|
||||
# Copyright 2018 Google Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
################################################################################
|
||||
|
||||
autoreconf -fi
|
||||
|
||||
libqb=`find /usr/lib/ -name libqb.a -print -quit`
|
||||
protobuf=`find /usr/lib/ -name libprotobuf.a -print -quit`
|
||||
|
||||
qb_LIBS="${libqb}" \
|
||||
protobuf_LIBS="-pthread ${protobuf} -pthread -lpthread" \
|
||||
./configure --with-bundled-catch --with-bundled-pegtl \
|
||||
--with-crypto-library=gcrypt --disable-shared
|
||||
|
||||
fuzzers="$( cd src/Tests/Fuzzers && find -name 'fuzzer-*.cpp' |
|
||||
sed 's/^\.\/\(fuzzer-.*\)\.cpp$/\1/g' )"
|
||||
|
||||
make -j`nproc` src/build-config.h libusbguard.la
|
||||
make -j`nproc` -C src/Tests/Fuzzers ${fuzzers}
|
||||
|
||||
cd src/Tests/Fuzzers
|
||||
mv ${fuzzers} "$OUT"
|
||||
|
||||
################################################################################
|
||||
# Create seed corpora.
|
||||
################################################################################
|
||||
|
||||
# General case:
|
||||
cd "$SRC/usbguard/src/Tests/Fuzzers"
|
||||
# fuzzer-usb-descriptor seed corpus.
|
||||
for fuzzer_name in ${fuzzers}; do
|
||||
corpus_dir="${fuzzer_name}_corpus"
|
||||
if [[ ! -d "$corpus_dir" ]] ; then
|
||||
continue
|
||||
fi
|
||||
zip_name="$OUT/${fuzzer_name}_seed_corpus.zip"
|
||||
rm -f "${zip_name}"
|
||||
zip -r "${zip_name}" "${corpus_dir}"
|
||||
done
|
||||
|
||||
# Specific cases:
|
||||
cd "$WORK"
|
||||
# fuzzer-rules seed corpus.
|
||||
fuzzer_name=fuzzer-rules
|
||||
corpus_dir="${fuzzer_name}_corpus"
|
||||
zip_name="$OUT/${fuzzer_name}_seed_corpus.zip"
|
||||
if [[ ! -d "$SRC/usbguard/src/Tests/Fuzzers/$corpus_dir" ]] ; then
|
||||
rm -f "${zip_name}"
|
||||
rm -rf "${corpus_dir}"
|
||||
mkdir -p "${corpus_dir}"
|
||||
pushd "${corpus_dir}"
|
||||
i=1000000
|
||||
while read -r line; do
|
||||
echo "${line}" > "$((i++))"
|
||||
done < <( cat $SRC/usbguard/src/Tests/Rules/test-rules.good \
|
||||
$SRC/usbguard/src/Tests/Rules/test-rules.bad )
|
||||
popd
|
||||
zip -r "${zip_name}" "${corpus_dir}"
|
||||
fi
|
||||
|
||||
# fuzzer-usb-descriptor seed corpus.
|
||||
fuzzer_name=fuzzer-usb-descriptor
|
||||
corpus_dir="${fuzzer_name}_corpus"
|
||||
zip_name="$OUT/${fuzzer_name}_seed_corpus.zip"
|
||||
if [[ ! -d "$SRC/usbguard/src/Tests/Fuzzers/$corpus_dir" ]] ; then
|
||||
rm -rf "${corpus_dir}"
|
||||
rm -f "${zip_name}"
|
||||
cp -R "$SRC/usbguard/src/Tests/USB/data" "${corpus_dir}"
|
||||
zip -r "${zip_name}" "${corpus_dir}"
|
||||
fi
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
homepage: "https://usbguard.github.io/"
|
||||
primary_contact: "dkopecek@redhat.com"
|
||||
sanitizers:
|
||||
- address
|
||||
- undefined
|
||||
- memory
|
||||
auto_ccs:
|
||||
- "allenwebb@google.com"
|
||||
Loading…
Reference in New Issue