oss-fuzz: standardise on RPATH for the static-ish binaries

This includes a revert of commit e60df21499.

We strictly require RPATH, not the modern RUNPATH for the behaviour
we need in oss-fuzz, which is that not just the first line of dependencies
but the full set of libraries used by the program are looked for in the
'$ORIGIN/lib' directory.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Oct 22 14:10:04 UTC 2020 on sn-devel-184

lib/fuzzing/oss-fuzz/build_samba.sh

@@ -63,7 +63,7 @@ case "$SANITIZER" in
 	# cc style options, so we can just set ADDITIONAL_LDFLAGS
 	# to ensure the coverage build is done, despite waf splitting
 	# the compile and link phases.
-	ADDITIONAL_LDFLAGS="$COVERAGE_FLAGS"
+	ADDITIONAL_LDFLAGS="${ADDITIONAL_LDFLAGS:-} $COVERAGE_FLAGS"
 	export ADDITIONAL_LDFLAGS
 
 	SANITIZER_ARG=''
@@ -113,19 +113,16 @@ do
     cp $x $OUT/
     bin=`basename $x`
 
-    # Change any RPATH to RUNPATH.
+    # Changing RPATH (not RUNPATH, but we can't tell here which was
+    # set) is critical, otherwise libraries used by libraries won't be
+    # found on the oss-fuzz target host.  Sadly this is only possible
+    # with clang or ld.bfd on Ubuntu 16.04 (this script is only run on
+    # that).
     #
-    # We use ld.bfd for the coverage builds, rather than the faster ld.gold.
+    # chrpath --convert only allows RPATH to be changed to RUNPATH,
+    # not the other way around, and we really don't want RUNPATH.
     #
-    # On Ubuntu 16.04, used for the oss-fuzz build, when linking with
-    # ld.bfd the binaries get a RPATH, but builds in Ubuntu 18.04
-    # ld.bfd and those using ld.gold get a RUNPATH.
-    #
-    # Just convert them all to RUNPATH to make the check_build.sh test
-    # easier.
-    chrpath -c $OUT/$bin
-    # Change RUNPATH so that the copied libraries are found on the
-    # runner
+    # This means the copied libraries are found on the runner
     chrpath -r '$ORIGIN/lib' $OUT/$bin
 
     # Truncate the original binary to save space

lib/fuzzing/oss-fuzz/check_build.sh

@@ -23,12 +23,21 @@ do
         continue
     fi
     # Confirm that the chrpath was reset to lib/ in the same directory
-    # as the binary
-    chrpath -l $bin | grep 'RUNPATH=$ORIGIN/lib'
+    # as the binary.  RPATH (not RUNPATH) is critical, otherwise
+    # libraries used by libraries won't be found on the oss-fuzz
+    # target host, but is only possible with clang or ld.bfd on Ubuntu
+    # 16.04 (this script is only run on that).
+    chrpath -l $bin | grep 'RPATH=$ORIGIN/lib'
 
     # Confirm that we link to at least some libraries in this
     # directory (shows that the libraries were found and copied).
     ldd $bin | grep "$OUT/lib"
+    num_libs=$(ldd $bin | grep -v ld-linux | grep -v linux-vdso | grep -v "$OUT/lib"| wc -l)
+
+    if [ 0$num_libs -ne 0 ]; then
+	echo "some libraries not linked to $ORIGIN/lib, oss-fuzz will fail!"
+	exit 1
+    fi
 
     if [ -f ${bin}_seed_corpus.zip ]; then
         seeds_found=yes

script/autobuild.py

@@ -651,7 +651,7 @@ tasks = {
     "samba-fuzz": [
         # build the fuzzers (static) via the oss-fuzz script
         ("fuzzers-mkdir-prefix", "mkdir -p ${PREFIX_DIR}"),
-        ("fuzzers-build", "OUT=${PREFIX_DIR} LIB_FUZZING_ENGINE= SANITIZER=address CXX= CFLAGS= ./lib/fuzzing/oss-fuzz/build_samba.sh --enable-afl"),
+        ("fuzzers-build", "OUT=${PREFIX_DIR} LIB_FUZZING_ENGINE= SANITIZER=address CXX= CFLAGS= ADDITIONAL_LDFLAGS='-fuse-ld=bfd' ./lib/fuzzing/oss-fuzz/build_samba.sh --enable-afl"),
         ("fuzzers-check", "./lib/fuzzing/oss-fuzz/check_build.sh ${PREFIX_DIR}")
         ],