History

Oliver Chang 81c4656621 Run apt-get autoremove after removing honggfuzz dependencies. (#3172 )		2020-01-02 13:24:21 +11:00
..
test_data	Add scripts to bisect clang commits that introduced regressions (#2849 )	2019-10-03 15:35:31 -07:00
Dockerfile	Revert "Enable UBSan's pointer-overflow check. (#3121 )" (#3123 )	2019-12-13 06:48:16 -08:00
README.md	[docs] Remove `-lFuzzingEngine` reference from base-builder image readme.	2019-05-31 16:50:29 -07:00
bisect_clang.py	[bisect_clang] Add comment on testing (#2957 )	2019-10-16 12:45:05 -07:00
bisect_clang_test.py	Add scripts to bisect clang commits that introduced regressions (#2849 )	2019-10-03 15:35:31 -07:00
compile	Revert "Use "x86" instead of "i386" for better name recognition. (#2685 )" (#2687 )	2019-08-12 10:54:18 -07:00
compile_afl	Fix build breakage caused by unnecessary AFL testing (#2291 )	2019-04-04 07:11:40 -07:00
compile_dataflow	[infra] Add support for dataflow builds to the helper script and build check (#1632 ). (#2501 )	2019-06-12 11:08:15 -07:00
compile_honggfuzz	Pre-compile honggfuzz (#3045 )	2019-11-20 11:04:33 +11:00
compile_libfuzzer	Change LIB_FUZZING_ENGINE to -fsanitize=fuzzer in libFuzzer builds (#2312 )	2019-04-15 10:05:02 -07:00
precompile_honggfuzz	Run apt-get autoremove after removing honggfuzz dependencies. (#3172 )	2020-01-02 13:24:21 +11:00
srcmap	[infra] Enable debugging mode for srcmap script to make its failures more obvious.	2018-12-10 10:11:40 -08:00
write_labels.py	Add support for tags field in project.yaml (#1974 ) (#1980 )	2018-11-27 16:46:26 +11:00

README.md

base-builder

Abstract base image for libfuzzer builders.

Every project image supports multiple commands that can be invoked through docker after the image is built:

docker run --rm -ti gcr.io/oss-fuzz/$project <command> <arguments...>

Supported Commands

Command	Description
`compile` (default)	build all fuzz targets
`/bin/bash`	drop into shell, execute `compile` script to start build.

Build Configuration

A single build image can build same set of fuzzers in many configurations. The configuration is picked through one or more environment variables.

Env Variable	Description
`$SANITIZER ("address")`	Specifies predefined sanitizer configuration to use. `address` or `memory` or `undefined`.
`$SANITIZER_FLAGS`	Specify compiler sanitizer flags directly. Overrides `$SANITIZER`.
`$COVERAGE_FLAGS`	Specify compiler flags to use for fuzzer feedback coverage.
`$BUILD_UID`	User id to use while building fuzzers.

Examples

building sqlite3 fuzzer with UBSan (SANITIZER=undefined):

docker run --rm -ti -e SANITIZER=undefined gcr.io/oss-fuzz/sqlite3

Image Files Layout

Location	Env	Description
`/out/`	`$OUT`	Directory to store build artifacts (fuzz targets, dictionaries, options files, seed corpus archives).
`/src/`	`$SRC`	Directory to checkout source files
`/work/`	`$WORK`	Directory for storing intermediate files
`/usr/lib/libFuzzingEngine.a`	`$LIB_FUZZING_ENGINE`	Location of prebuilt fuzzing engine library (e.g. libFuzzer ) that needs to be linked with all fuzz targets.

While files layout is fixed within a container, the environment variables are provided to be able to write retargetable scripts.

Compiler Flags

You must use special compiler flags to build your project and fuzz targets. These flags are provided in following environment variables:

Env Variable	Description
`$CC`	The C compiler binary.
`$CXX`, `$CCC`	The C++ compiler binary.
`$CFLAGS`	C compiler flags.
`$CXXFLAGS`	C++ compiler flags.

Most well-crafted build scripts will automatically use these variables. If not, pass them manually to the build tool.

Child Image Interface

Sources

Child image has to checkout all sources that it needs to compile fuzz targets into $SRC directory. When the image is executed, a directory could be mounted on top of these with local checkouts using docker run -v $HOME/my_project:/src/my_project ....

Other Required Files

Following files have to be added by child images:

File Location	Description
`$SRC/build.sh`	build script to build the project and its fuzz targets