mirror of
https://github.com/samba-team/samba.git
synced 2025-01-08 21:18:16 +03:00
oss-fuzz: standardise on RPATH for the static-ish binaries
This includes a revert of commit e60df21499
.
We strictly require RPATH, not the modern RUNPATH for the behaviour
we need in oss-fuzz, which is that not just the first line of dependencies
but the full set of libraries used by the program are looked for in the
'$ORIGIN/lib' directory.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Oct 22 14:10:04 UTC 2020 on sn-devel-184
This commit is contained in:
parent
048725080b
commit
c03a265030
@ -63,7 +63,7 @@ case "$SANITIZER" in
|
|||||||
# cc style options, so we can just set ADDITIONAL_LDFLAGS
|
# cc style options, so we can just set ADDITIONAL_LDFLAGS
|
||||||
# to ensure the coverage build is done, despite waf splitting
|
# to ensure the coverage build is done, despite waf splitting
|
||||||
# the compile and link phases.
|
# the compile and link phases.
|
||||||
ADDITIONAL_LDFLAGS="$COVERAGE_FLAGS"
|
ADDITIONAL_LDFLAGS="${ADDITIONAL_LDFLAGS:-} $COVERAGE_FLAGS"
|
||||||
export ADDITIONAL_LDFLAGS
|
export ADDITIONAL_LDFLAGS
|
||||||
|
|
||||||
SANITIZER_ARG=''
|
SANITIZER_ARG=''
|
||||||
@ -113,19 +113,16 @@ do
|
|||||||
cp $x $OUT/
|
cp $x $OUT/
|
||||||
bin=`basename $x`
|
bin=`basename $x`
|
||||||
|
|
||||||
# Change any RPATH to RUNPATH.
|
# Changing RPATH (not RUNPATH, but we can't tell here which was
|
||||||
|
# set) is critical, otherwise libraries used by libraries won't be
|
||||||
|
# found on the oss-fuzz target host. Sadly this is only possible
|
||||||
|
# with clang or ld.bfd on Ubuntu 16.04 (this script is only run on
|
||||||
|
# that).
|
||||||
#
|
#
|
||||||
# We use ld.bfd for the coverage builds, rather than the faster ld.gold.
|
# chrpath --convert only allows RPATH to be changed to RUNPATH,
|
||||||
|
# not the other way around, and we really don't want RUNPATH.
|
||||||
#
|
#
|
||||||
# On Ubuntu 16.04, used for the oss-fuzz build, when linking with
|
# This means the copied libraries are found on the runner
|
||||||
# ld.bfd the binaries get a RPATH, but builds in Ubuntu 18.04
|
|
||||||
# ld.bfd and those using ld.gold get a RUNPATH.
|
|
||||||
#
|
|
||||||
# Just convert them all to RUNPATH to make the check_build.sh test
|
|
||||||
# easier.
|
|
||||||
chrpath -c $OUT/$bin
|
|
||||||
# Change RUNPATH so that the copied libraries are found on the
|
|
||||||
# runner
|
|
||||||
chrpath -r '$ORIGIN/lib' $OUT/$bin
|
chrpath -r '$ORIGIN/lib' $OUT/$bin
|
||||||
|
|
||||||
# Truncate the original binary to save space
|
# Truncate the original binary to save space
|
||||||
|
@ -23,12 +23,21 @@ do
|
|||||||
continue
|
continue
|
||||||
fi
|
fi
|
||||||
# Confirm that the chrpath was reset to lib/ in the same directory
|
# Confirm that the chrpath was reset to lib/ in the same directory
|
||||||
# as the binary
|
# as the binary. RPATH (not RUNPATH) is critical, otherwise
|
||||||
chrpath -l $bin | grep 'RUNPATH=$ORIGIN/lib'
|
# libraries used by libraries won't be found on the oss-fuzz
|
||||||
|
# target host, but is only possible with clang or ld.bfd on Ubuntu
|
||||||
|
# 16.04 (this script is only run on that).
|
||||||
|
chrpath -l $bin | grep 'RPATH=$ORIGIN/lib'
|
||||||
|
|
||||||
# Confirm that we link to at least some libraries in this
|
# Confirm that we link to at least some libraries in this
|
||||||
# directory (shows that the libraries were found and copied).
|
# directory (shows that the libraries were found and copied).
|
||||||
ldd $bin | grep "$OUT/lib"
|
ldd $bin | grep "$OUT/lib"
|
||||||
|
num_libs=$(ldd $bin | grep -v ld-linux | grep -v linux-vdso | grep -v "$OUT/lib"| wc -l)
|
||||||
|
|
||||||
|
if [ 0$num_libs -ne 0 ]; then
|
||||||
|
echo "some libraries not linked to $ORIGIN/lib, oss-fuzz will fail!"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
if [ -f ${bin}_seed_corpus.zip ]; then
|
if [ -f ${bin}_seed_corpus.zip ]; then
|
||||||
seeds_found=yes
|
seeds_found=yes
|
||||||
|
@ -651,7 +651,7 @@ tasks = {
|
|||||||
"samba-fuzz": [
|
"samba-fuzz": [
|
||||||
# build the fuzzers (static) via the oss-fuzz script
|
# build the fuzzers (static) via the oss-fuzz script
|
||||||
("fuzzers-mkdir-prefix", "mkdir -p ${PREFIX_DIR}"),
|
("fuzzers-mkdir-prefix", "mkdir -p ${PREFIX_DIR}"),
|
||||||
("fuzzers-build", "OUT=${PREFIX_DIR} LIB_FUZZING_ENGINE= SANITIZER=address CXX= CFLAGS= ./lib/fuzzing/oss-fuzz/build_samba.sh --enable-afl"),
|
("fuzzers-build", "OUT=${PREFIX_DIR} LIB_FUZZING_ENGINE= SANITIZER=address CXX= CFLAGS= ADDITIONAL_LDFLAGS='-fuse-ld=bfd' ./lib/fuzzing/oss-fuzz/build_samba.sh --enable-afl"),
|
||||||
("fuzzers-check", "./lib/fuzzing/oss-fuzz/check_build.sh ${PREFIX_DIR}")
|
("fuzzers-check", "./lib/fuzzing/oss-fuzz/check_build.sh ${PREFIX_DIR}")
|
||||||
],
|
],
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user