authorGravatar Evgeny Vereshchagin <evvers@ya.ru>2021-08-17 22:03:42 +0300
committerGravatar GitHub <noreply@github.com>2021-08-17 20:03:42 +0100
commit20d69570fe06f137f874d904825b86ef147b73a9 (patch)
treef23c1717ac4d01ddee6b8dd72358bddb602d03c0
parentc0b2a0076c5289fd7754d2a7d6997d628f3c1c32 (diff)
[selinux] move the fuzz target and build script upstream (#6026)
to make it easier to reproduce and fix bugs locally
-rw-r--r--projects/selinux/Dockerfile2
-rwxr-xr-xprojects/selinux/build.sh11
-rw-r--r--projects/selinux/secilc-fuzzer.c87
3 files changed, 2 insertions, 98 deletions
diff --git a/projects/selinux/Dockerfile b/projects/selinux/Dockerfile
index b62b4aeb..1c278d7c 100644
--- a/projects/selinux/Dockerfile
+++ b/projects/selinux/Dockerfile
@@ -30,4 +30,4 @@ RUN apt-get update && \
xmlto
RUN git clone --depth 1 https://github.com/SELinuxProject/selinux
WORKDIR selinux
-COPY build.sh *.c $SRC/
+COPY build.sh $SRC/
diff --git a/projects/selinux/build.sh b/projects/selinux/build.sh
index e2979ad7..0661536f 100755
--- a/projects/selinux/build.sh
+++ b/projects/selinux/build.sh
@@ -14,13 +14,4 @@
# limitations under the License.
#
################################################################################
-
-export DESTDIR=$(pwd)/DESTDIR
-export LDFLAGS="${LDFLAGS:-} $CFLAGS"
-
-find -name Makefile | xargs sed -i 's/,-z,defs//'
-make V=1 -j$(nproc) install
-
-$CC $CFLAGS -I$DESTDIR/usr/include -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -c -o secilc-fuzzer.o $SRC/secilc-fuzzer.c
-$CXX $CXXFLAGS $LIB_FUZZING_ENGINE secilc-fuzzer.o $DESTDIR/usr/lib/libsepol.a -o $OUT/secilc-fuzzer
-zip -r $OUT/secilc-fuzzer_seed_corpus.zip secilc/test
+./scripts/oss-fuzz.sh
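Review bot: The added `./scripts/oss-fuzz.sh` is a relative path with no comment, so build.sh now depends silently on the `WORKDIR selinux` set in the Dockerfile and on a script that does not live in this repository. I would put a comment above it, e.g. `# Build steps live upstream in SELinuxProject/selinux (scripts/oss-fuzz.sh); must run from the checkout root set by WORKDIR.` Because the Dockerfile clones with `--depth 1` and no pinned ref, the compiler flags, fuzz target and seed-corpus packaging executed here are whatever the upstream default branch holds at image build time and can no longer be reviewed in this project; that is presumably the intended trade-off, but the comment should say so. Whether the removed `-z,defs` workaround and the `$LIB_FUZZING_ENGINE` link step were carried over cannot be checked from this diff.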
diff --git a/projects/selinux/secilc-fuzzer.c b/projects/selinux/secilc-fuzzer.c
deleted file mode 100644
index c99df95a..00000000
--- a/projects/selinux/secilc-fuzzer.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
-# Copyright 2020 Google Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-################################################################################
-*/
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <stdint.h>
-#include <string.h>
-#include <getopt.h>
-#include <sys/stat.h>
-
-#include <sepol/cil/cil.h>
-#include <sepol/policydb.h>
-
-int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
- enum cil_log_level log_level = CIL_ERR;
- struct sepol_policy_file *pf = NULL;
- FILE *dev_null = NULL;
- int target = SEPOL_TARGET_SELINUX;
- int disable_dontaudit = 0;
- int multiple_decls = 0;
- int disable_neverallow = 0;
- int preserve_tunables = 0;
- int policyvers = POLICYDB_VERSION_MAX;
- int mls = -1;
- int attrs_expand_generated = 0;
- struct cil_db *db = NULL;
- sepol_policydb_t *pdb = NULL;
-
- cil_set_log_level(log_level);
-
- cil_db_init(&db);
- cil_set_disable_dontaudit(db, disable_dontaudit);
- cil_set_multiple_decls(db, multiple_decls);
- cil_set_disable_neverallow(db, disable_neverallow);
- cil_set_preserve_tunables(db, preserve_tunables);
- cil_set_mls(db, mls);
- cil_set_target_platform(db, target);
- cil_set_policy_version(db, policyvers);
- cil_set_attrs_expand_generated(db, attrs_expand_generated);
-
- if (cil_add_file(db, "fuzz", data, size) != SEPOL_OK)
- goto exit;
-
- if (cil_compile(db) != SEPOL_OK)
- goto exit;
-
- if (cil_build_policydb(db, &pdb) != SEPOL_OK)
- goto exit;
-
- if (sepol_policydb_optimize(pdb) != SEPOL_OK)
- goto exit;
-
- dev_null = fopen("/dev/null", "w");
- if (dev_null == NULL)
- goto exit;
-
- if (sepol_policy_file_create(&pf) != 0)
- goto exit;
-
- sepol_policy_file_set_fp(pf, dev_null);
-
- if (sepol_policydb_write(pdb, pf) != 0)
- goto exit;
-exit:
- if (dev_null != NULL)
- fclose(dev_null);
-
- cil_db_destroy(&db);
- sepol_policydb_free(pdb);
- sepol_policy_file_free(pf);
- return 0;
-}