-rwxr-xr-x | infra/base-images/base-builder/compile | 19 | ||||
-rwxr-xr-x | infra/base-images/base-runner/test_all | 6 | ||||
-rwxr-xr-x | projects/ujson/build.sh | 12 |
3 files changed, 33 insertions, 4 deletions
diff --git a/infra/base-images/base-builder/compile b/infra/base-images/base-builder/compile
index cdbbfe0a..8dcee8ca 100755
--- a/infra/base-images/base-builder/compile
+++ b/infra/base-images/base-builder/compile
@@ -22,6 +22,21 @@ if [ "$SANITIZER" = "dataflow" ] && [ "$FUZZING_ENGINE" != "dataflow" ]; then
 exit 1
 fi
+if [ "$FUZZING_LANGUAGE" = "python" ]; then
+ if [ "$FUZZING_ENGINE" != "libfuzzer" ]; then
+ echo "ERROR: Python projects can be fuzzed with libFuzzer engine only."
+ exit 1
+ fi
+ if [ "$SANITIZER" != "address" ]; then
+ echo "ERROR: Python projects can be fuzzed with AddressSanitizer only."
+ exit 1
+ fi
+ if [ "$ARCHITECTURE" != "x86_64" ]; then
+ echo "ERROR: Python projects can be fuzzed on x86_64 architecture only."
+ exit 1
+ fi
+fi
+
 if [ -z "${SANITIZER_FLAGS-}" ]; then
 FLAGS_VAR="SANITIZER_FLAGS_${SANITIZER}"
 export SANITIZER_FLAGS=${!FLAGS_VAR-}
@@ -90,6 +105,10 @@ echo "---------------------------------------------------------------"
 BUILD_CMD="bash -eux $SRC/build.sh"
+if [ "$FUZZING_LANGUAGE" = "python" ]; then
+ cp $(find $(llvm-config --libdir) -name "libclang_rt.asan-x86_64.so") $OUT/
+fi
+
 # We need to preserve source code files for generating a code coverage report.
 # We need exact files that were compiled, so copy both $SRC and $WORK dirs.
 COPY_SOURCES_CMD="cp -rL --parents $SRC $WORK /usr/include /usr/local/include $GOPATH $OUT"
diff --git a/infra/base-images/base-runner/test_all b/infra/base-images/base-runner/test_all
index d2ddea66..a4fb58cd 100755
--- a/infra/base-images/base-runner/test_all
+++ b/infra/base-images/base-runner/test_all
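Review bot: `$FUZZING_LANGUAGE` is expanded bare in the new guard at the top of this hunk, and the same bare expansion appears in the `cp` hunk further down and in the `test_all` hunk. If either script runs with `nounset` and the image or caller does not export the variable (neither is visible in this diff), the script aborts on an unbound variable instead of taking the non-Python path; `if [ "${FUZZING_LANGUAGE:-}" = "python" ]; then` makes the default explicit. The three `echo "ERROR: …"` lines also write to stdout, so adding `>&2` would keep the failure reason out of captured build output.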
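Review bot: The added `cp $(find $(llvm-config --libdir) …) $OUT/` line leaves both substitutions unquoted and never checks what `find` returned. With no match, `cp` is called with `$OUT/` as its only operand and fails with a message that does not mention the missing runtime; with more than one match it is unclear which copy ends up in `$OUT`, and that file is what the ujson wrapper later places in `LD_PRELOAD`. Resolving the path first and failing clearly would cover both cases: `asan_rt=$(find "$(llvm-config --libdir)" -name 'libclang_rt.asan-x86_64.so' -print -quit)`, then `[ -n "$asan_rt" ] || { echo "ERROR: ASan runtime not found." >&2; exit 1; }`, then `cp -- "$asan_rt" "$OUT/"`.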
@@ -47,8 +47,10 @@ export OUT=$TMP_FUZZER_DIR
 # Main loop that iterates through all fuzz targets and runs the check.
 for FUZZER_BINARY in $(find $TMP_FUZZER_DIR -maxdepth 1 -executable -type f); do
- if file "$FUZZER_BINARY" | grep -v ELF > /dev/null 2>&1; then
- continue
+ if [ "$FUZZING_LANGUAGE" != "python" ]; then
+ if file "$FUZZER_BINARY" | grep -v ELF > /dev/null 2>&1; then
+ continue
+ fi
 fi
 # Continue if not a fuzz target.
diff --git a/projects/ujson/build.sh b/projects/ujson/build.sh
index 7a6bf52e..9717f7e4 100755
--- a/projects/ujson/build.sh
+++ b/projects/ujson/build.sh
@@ -15,10 +15,18 @@
 #
 ################################################################################
-# Build and install the project package.
+# Build and install project (using current CFLAGS, CXXFLAGS).
 pip3 install .
 # Build fuzzers in $OUT.
 for fuzzer in $(find $SRC -name '*_fuzzer.py'); do
- pyinstaller --distpath $OUT --onefile $fuzzer
+ fuzzer_basename=$(basename -s .py $fuzzer)
+ fuzzer_package=${fuzzer_basename}.pkg
+ pyinstaller --distpath $OUT --onefile --name $fuzzer_package $fuzzer
+
+ # Create execution wrapper.
+ echo "#/bin/sh
+# LLVMFuzzerTestOneInput for fuzzer detection.
+LD_PRELOAD=\$(dirname "\$0")/libclang_rt.asan-x86_64.so \$(dirname "\$0")/$fuzzer_package \$@" > $OUT/$fuzzer_basename
+ chmod u+x $OUT/$fuzzer_basename
 done |
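Review bot: The wrapper generated in the `projects/ujson/build.sh` hunk starts with `#/bin/sh`, which is a comment rather than a shebang, so the file only runs when the caller is a shell that falls back to interpreting it; a direct exec of the wrapper would fail. The inner `"` around `\$0` also close and reopen the outer `echo "…"` string, so the written file contains unquoted `$(dirname $0)` and `$@`, and any path or fuzzer argument containing whitespace is split before it reaches the packaged binary. Writing the wrapper from a heredoc keeps the quotes literal, lets the directory be computed once, and allows the output path to be quoted. The `$(find …)` word-splitting in the `for` line is unchanged context and is left as is.

```shell
  # … unchanged: fuzzer_basename, fuzzer_package, pyinstaller call …

  # Create execution wrapper.
  cat > "$OUT/$fuzzer_basename" <<EOF
#!/bin/sh
# LLVMFuzzerTestOneInput for fuzzer detection.
this_dir=\$(dirname "\$0")
LD_PRELOAD="\$this_dir/libclang_rt.asan-x86_64.so" "\$this_dir/$fuzzer_package" "\$@"
EOF
  chmod u+x "$OUT/$fuzzer_basename"
```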