2020-03-04 12:35:06 +03:00
#!/usr/bin/env bash
2020-11-09 07:23:58 +03:00
# SPDX-License-Identifier: LGPL-2.1-or-later
2018-01-14 03:51:07 +03:00
set -ex
export LC_CTYPE = C.UTF-8
2018-03-12 17:59:10 +03:00
export CC = ${ CC :- clang }
export CXX = ${ CXX :- clang ++ }
clang_version = " $( $CC --version | sed -nr 's/.*version ([^ ]+?) .*/\1/p' | sed -r 's/-$//' ) "
2018-01-16 18:25:43 +03:00
SANITIZER = ${ SANITIZER :- address -fsanitize-address-use-after-scope }
2019-05-09 01:03:41 +03:00
flags = " -O1 -fno-omit-frame-pointer -gline-tables-only -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize= $SANITIZER "
2018-01-16 18:25:43 +03:00
2018-03-12 17:59:10 +03:00
clang_lib = " /usr/lib64/clang/ ${ clang_version } /lib/linux "
[ -d " $clang_lib " ] || clang_lib = " /usr/lib/clang/ ${ clang_version } /lib/linux "
2018-01-16 18:25:43 +03:00
export CFLAGS = ${ CFLAGS :- $flags }
export CXXFLAGS = ${ CXXFLAGS :- $flags }
2018-03-12 17:59:10 +03:00
export LDFLAGS = ${ LDFLAGS :- -L ${ clang_lib } }
2018-01-16 18:25:43 +03:00
export WORK = ${ WORK :- $( pwd ) }
export OUT = ${ OUT :- $( pwd ) /out }
2021-09-29 22:28:55 +03:00
mkdir -p " $OUT "
2018-01-16 18:25:43 +03:00
2021-09-29 22:28:55 +03:00
build = " $WORK /build "
rm -rf " $build "
mkdir -p " $build "
2018-01-16 16:36:56 +03:00
2018-01-16 18:25:43 +03:00
if [ -z " $FUZZING_ENGINE " ] ; then
scripts: use 4 space indentation
We had all kinds of indentation: 2 sp, 3 sp, 4 sp, 8 sp, and mixed.
4 sp was the most common, in particular the majority of scripts under test/
used that. Let's standarize on 4 sp, because many commandlines are long and
there's a lot of nesting, and with 8sp indentation less stuff fits. 4 sp
also seems to be the default indentation, so this will make it less likely
that people will mess up if they don't load the editor config. (I think people
often use vi, and vi has no support to load project-wide configuration
automatically. We distribute a .vimrc file, but it is not loaded by default,
and even the instructions in it seem to discourage its use for security
reasons.)
Also remove the few vim config lines that were left. We should either have them
on all files, or none.
Also remove some strange stuff like '#!/bin/env bash', yikes.
2019-04-04 15:10:42 +03:00
fuzzflag = "llvm-fuzz=true"
2020-05-21 09:20:01 +03:00
else
fuzzflag = "oss-fuzz=true"
2021-11-17 11:47:29 +03:00
apt-get update
apt-get install -y gperf m4 gettext python3-pip \
libcap-dev libmount-dev libkmod-dev \
2021-11-19 19:23:03 +03:00
pkg-config wget python3-jinja2
2021-12-27 02:26:56 +03:00
# gnu-efi is installed here to enable -Dgnu-efi behind which fuzz-bcd
# is hidden. It isn't linked against efi. It doesn't
# even include "efi.h" because "bcd.c" can work in "unit test" mode
# where it isn't necessary.
apt-get install -y gnu-efi zstd
2021-11-19 19:23:03 +03:00
pip3 install -r .github/workflows/requirements.txt --require-hashes
# https://github.com/google/oss-fuzz/issues/6868
ORIG_PYTHONPATH = $( python3 -c 'import sys;print(":".join(sys.path[1:]))' )
export PYTHONPATH = " $ORIG_PYTHONPATH :/usr/lib/python3/dist-packages/ "
2021-11-17 11:47:29 +03:00
2020-05-21 09:20:01 +03:00
if [ [ " $SANITIZER " = = undefined ] ] ; then
2021-12-28 20:10:18 +03:00
additional_ubsan_checks = pointer-overflow,alignment
UBSAN_FLAGS = " -fsanitize= $additional_ubsan_checks -fno-sanitize-recover= $additional_ubsan_checks "
2020-05-21 09:20:01 +03:00
CFLAGS = " $CFLAGS $UBSAN_FLAGS "
CXXFLAGS = " $CXXFLAGS $UBSAN_FLAGS "
fi
2018-01-16 18:25:43 +03:00
fi
2021-09-29 22:28:55 +03:00
if ! meson " $build " " -D $fuzzflag " -Db_lundef= false; then
cat " $build /meson-logs/meson-log.txt "
2021-02-01 15:40:57 +03:00
exit 1
fi
2021-09-29 22:28:55 +03:00
ninja -v -C " $build " fuzzers
2018-01-14 03:51:07 +03:00
2021-12-27 02:26:56 +03:00
# Compressed BCD files are kept in test/test-bcd so let's unpack them
# and put them all in the seed corpus.
bcd = $( mktemp -d)
for i in test/test-bcd/*.zst; do
unzstd " $i " -o " $bcd / $( basename " ${ i %.zst } " ) " ;
done
zip -jqr " $OUT /fuzz-bcd_seed_corpus.zip " " $bcd "
rm -rf " $bcd "
2018-07-07 18:43:40 +03:00
# The seed corpus is a separate flat archive for each fuzzer,
# with a fixed name ${fuzzer}_seed_corpus.zip.
for d in " $( dirname " $0 " ) /../test/fuzz/fuzz- " *; do
2021-09-29 22:28:55 +03:00
zip -jqr " $OUT / $( basename " $d " ) _seed_corpus.zip " " $d "
2018-01-20 03:44:56 +03:00
done
# get fuzz-dns-packet corpus
2021-09-29 22:28:55 +03:00
df = " $build /dns-fuzzing "
git clone --depth 1 https://github.com/CZ-NIC/dns-fuzzing " $df "
zip -jqr " $OUT /fuzz-dns-packet_seed_corpus.zip " " $df /packet "
2018-01-14 03:51:07 +03:00
meson: create new libsystemd-core.so private shared library
The scheme is very similar to libsystemd-shared.so: instead of building a
static library, we build a shared library from the same objects and link the
two users to it. Both systemd and systemd-analyze consist mostly of the fairly
big code in libcore, so we save a bit on the installation:
(-0g, no strip)
-rwxr-xr-x 5238864 Dec 14 12:52 /var/tmp/inst1/usr/lib/systemd/systemd
-rwxr-xr-x 5399600 Dec 14 12:52 /var/tmp/inst1/usr/bin/systemd-analyze
-rwxr-xr-x 244912 Dec 14 13:17 /var/tmp/inst2/usr/lib/systemd/systemd
-rwxr-xr-x 461224 Dec 14 13:17 /var/tmp/inst2/usr/bin/systemd-analyze
-rwxr-xr-x 5271568 Dec 14 13:17 /var/tmp/inst2/usr/lib/systemd/libsystemd-core-250.so
(-0g, strip)
-rwxr-xr-x 2522080 Dec 14 13:19 /var/tmp/inst1/usr/lib/systemd/systemd
-rwxr-xr-x 2604160 Dec 14 13:19 /var/tmp/inst1/usr/bin/systemd-analyze
-rwxr-xr-x 113304 Dec 14 13:19 /var/tmp/inst2/usr/lib/systemd/systemd
-rwxr-xr-x 207656 Dec 14 13:19 /var/tmp/inst2/usr/bin/systemd-analyze
-rwxr-xr-x 2648520 Dec 14 13:19 /var/tmp/inst2/usr/lib/systemd/libsystemd-core-250.so
So for systemd itself we grow a bit (2522080 → 2648520+113304=2761824), but
overall we save. The most is saved on all the test files that link to libcore,
if they are installed, because there's 15 of them:
$ du -s /var/tmp/inst?
220096 /var/tmp/inst1
122960 /var/tmp/inst2
I also considered making systemd-analyze a symlink to /usr/lib/systemd/systemd
and turning systemd into a multicall binary. We did something like this with
udevd and udevadm. But that solution doesn't fit well in this case.
systemd-analyze has a bunch of functionality that is not used in systemd,
so the systemd binary would need to grow quite a bit. And we're likely to
add new types of verification or introspection features in analyze, and this
baggage would only grow. In addition, there are the test binaries which also
benefit from this.
2021-12-14 15:20:28 +03:00
install -Dt " $OUT /src/shared/ " \
" $build " /src/shared/libsystemd-shared-*.so \
" $build " /src/core/libsystemd-core-*.so
2018-01-14 03:51:07 +03:00
2021-09-29 22:28:55 +03:00
wget -O " $OUT /fuzz-json.dict " https://raw.githubusercontent.com/rc0r/afl-fuzz/master/dictionaries/json.dict
2018-08-01 13:25:26 +03:00
2021-09-29 22:28:55 +03:00
find " $build " -maxdepth 1 -type f -executable -name "fuzz-*" -exec mv { } " $OUT " \;
find src -type f -name "fuzz-*.dict" -exec cp { } " $OUT " \;
cp src/fuzz/*.options " $OUT "