[libxslt] Start with integration (#2320)

Integrate the first fuzz targets from libxslt.

2 files changed, 87 insertions, 0 deletions

diff --git a/projects/libxslt/Dockerfile b/projects/libxslt/Dockerfile
new file mode 100644
index 00000000..b020aeb7
--- /dev/null
+++ b/projects/libxslt/Dockerfile
@@ -0,0 +1,28 @@
+# Copyright 2019 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+MAINTAINER wellnhofer@aevum.de
+
+# Note that we don't use the system libxml2 but a custom instrumented build.
+# libgcrypt is required for the crypto extensions of libexslt.
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    make autoconf automake libtool pkg-config \
+    libgcrypt-dev
+RUN git clone --depth 1 https://gitlab.gnome.org/GNOME/libxml2.git
+RUN git clone --depth 1 https://gitlab.gnome.org/GNOME/libxslt.git
+WORKDIR libxslt
+COPY build.sh $SRC/
diff --git a/projects/libxslt/build.sh b/projects/libxslt/build.sh
new file mode 100755
index 00000000..9da615d3
--- /dev/null
+++ b/projects/libxslt/build.sh
@@ -0,0 +1,59 @@
+#!/bin/bash -eu
+#
+# Copyright 2019 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+if [ "$SANITIZER" = undefined ]; then
+    export CFLAGS="$CFLAGS -fno-sanitize=unsigned-integer-overflow,float-divide-by-zero"
+    export CXXFLAGS="$CXXFLAGS -fno-sanitize=unsigned-integer-overflow,float-divide-by-zero"
+fi
+
+cd ../libxml2
+./autogen.sh --without-python --disable-shared
+make -j$(nproc) V=1
+
+cd ../libxslt
+if [ "$SANITIZER" = memory ]; then
+    # This would require an instrumented libgcrypt build.
+    CRYPTO_CONF=--without-crypto
+    CRYPTO_LIBS=
+else
+    CRYPTO_CONF=--with-crypto
+    CRYPTO_LIBS=-lgcrypt
+fi
+./autogen.sh --without-python $CRYPTO_CONF --disable-shared \
+    --with-libxml-src=../libxml2
+make -j$(nproc) V=1
+
+for fuzzer in xpath xslt; do
+    # Compile as C
+    $CC $CFLAGS \
+        -I. -I../libxml2/include \
+        -c tests/fuzz/$fuzzer.c \
+        -o tests/fuzz/$fuzzer.o \
+    # Link with $CXX
+    $CXX $CXXFLAGS \
+        tests/fuzz/$fuzzer.o \
+        -o $OUT/$fuzzer \
+        -lFuzzingEngine \
+        libexslt/.libs/libexslt.a libxslt/.libs/libxslt.a \
+        ../libxml2/.libs/libxml2.a \
+        $CRYPTO_LIBS
+
+    zip -j $OUT/${fuzzer}_seed_corpus.zip tests/fuzz/seed/$fuzzer/*
+done
+
+cp tests/fuzz/*.dict tests/fuzz/*.xml $OUT/