tests/fuzz/oss-fuzz-build.sh

   1 #!/usr/bin/env bash
   2
   3 function in_oss_fuzz()
   4 {
   5     test -n "$FUZZING_ENGINE"
   6 }
   7
   8 echo "Running cryptsetup OSS-Fuzz build script."
   9 env
  10 set -ex
  11 PWD=$(pwd)
  12
  13 export LC_CTYPE=C.UTF-8
  14
  15 export SRC=${SRC:-$PWD/build}
  16 export OUT="${OUT:-$PWD/out}"
  17 export DEPS_PATH=$SRC/static_lib_deps
  18
  19 export PKG_CONFIG_PATH="$DEPS_PATH"/lib/pkgconfig
  20
  21 export CC=${CC:-clang}
  22 export CXX=${CXX:-clang++}
  23 export LIB_FUZZING_ENGINE="${LIB_FUZZING_ENGINE:--fsanitize=fuzzer}"
  24
  25 SANITIZER="${SANITIZER:-address -fsanitize-address-use-after-scope}"
  26 flags="-O1 -fno-omit-frame-pointer -gline-tables-only -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=$SANITIZER -fsanitize=fuzzer-no-link"
  27
  28 export CFLAGS="${CFLAGS:-$flags} -I$DEPS_PATH/include"
  29 export CXXFLAGS="${CXXFLAGS:-$flags} -I$DEPS_PATH/include"
  30 export LDFLAGS="${LDFLAGS-} -L$DEPS_PATH/lib"
  31
  32 ENABLED_FUZZERS=${ENABLED_FUZZERS:-crypt2_load_fuzz crypt2_load_ondisk_fuzz crypt2_load_proto_plain_json_fuzz}
  33
  34 mkdir -p $SRC
  35 mkdir -p $OUT
  36 mkdir -p $DEPS_PATH
  37 cd $SRC
  38
  39 LIBFUZZER_PATCH="$PWD/unpoison-mutated-buffers-from-libfuzzer.patch"
  40 in_oss_fuzz && LIBFUZZER_PATCH="$PWD/cryptsetup/tests/fuzz/unpoison-mutated-buffers-from-libfuzzer.patch"
  41
  42 in_oss_fuzz && apt-get update && apt-get install -y \
  43     make autoconf automake autopoint libtool pkg-config \
  44     sharutils gettext expect keyutils ninja-build \
  45     bison
  46
  47 [ ! -d zlib ]   && git clone --depth 1 https://github.com/madler/zlib.git
  48 [ ! -d xz ]     && git clone https://git.tukaani.org/xz.git
  49 [ ! -d json-c ] && git clone --depth 1 https://github.com/json-c/json-c.git
  50 [ ! -d lvm2 ]   && git clone --depth 1 https://sourceware.org/git/lvm2.git
  51 [ ! -d popt ]   && git clone --depth 1 https://github.com/rpm-software-management/popt.git
  52 [ ! -d libprotobuf-mutator ] && git clone --depth 1 https://github.com/google/libprotobuf-mutator.git \
  53                              && [ "$SANITIZER" == "memory" ] && ( cd libprotobuf-mutator; patch -p1 < $LIBFUZZER_PATCH )
  54 [ ! -d openssl ]    && git clone --depth 1 https://github.com/openssl/openssl
  55 [ ! -d util-linux ] && git clone --depth 1 https://github.com/util-linux/util-linux
  56 [ ! -d cryptsetup_fuzzing ] && git clone --depth 1 https://gitlab.com/cryptsetup/cryptsetup_fuzzing.git
  57
  58 cd openssl
  59 ./Configure --prefix="$DEPS_PATH" --libdir=lib no-shared no-module no-asm
  60 make build_generated
  61 make -j libcrypto.a
  62 make install_dev
  63 cd ..
  64
  65 cd util-linux
  66 ./autogen.sh
  67 ./configure --prefix="$DEPS_PATH" --enable-static --disable-shared -disable-all-programs --enable-libuuid --enable-libblkid
  68 make -j
  69 make install
  70 cd ..
  71
  72 cd zlib
  73 ./configure --prefix="$DEPS_PATH" --static
  74 make -j
  75 make install
  76 cd ..
  77
  78 cd xz
  79 ./autogen.sh --no-po4a
  80 ./configure --prefix="$DEPS_PATH" --enable-static --disable-shared
  81 make -j
  82 make install
  83 cd ..
  84
  85 cd json-c
  86 mkdir -p build
  87 rm -fr build/*
  88 cd build
  89 cmake .. -DCMAKE_INSTALL_PREFIX="$DEPS_PATH" -DBUILD_SHARED_LIBS=OFF -DBUILD_STATIC_LIBS=ON
  90 make -j
  91 make install
  92 cd ../..
  93
  94 cd lvm2
  95 ./configure --prefix="$DEPS_PATH" --enable-static_link --disable-udev_sync --enable-pkgconfig --disable-selinux
  96 make -j libdm.device-mapper
  97 # build of dmsetup.static is broken
  98 # make install_device-mapper
  99 cp ./libdm/ioctl/libdevmapper.a "$DEPS_PATH"/lib/
 100 cp ./libdm/libdevmapper.h "$DEPS_PATH"/include/
 101 cp ./libdm/libdevmapper.pc "$PKG_CONFIG_PATH"
 102 cd ..
 103
 104 cd popt
 105 # --no-undefined is incompatible with sanitizers
 106 sed -i -e 's/-Wl,--no-undefined //' src/CMakeLists.txt
 107 mkdir -p build
 108 rm -fr build/*
 109 cd build
 110 cmake .. -DCMAKE_INSTALL_PREFIX="$DEPS_PATH" -DBUILD_SHARED_LIBS=OFF
 111 make -j
 112 make install
 113 cd ../..
 114
 115 cd libprotobuf-mutator
 116 mkdir -p build
 117 rm -fr build/*
 118 cd build
 119 cmake .. -GNinja \
 120     -DCMAKE_INSTALL_PREFIX="$DEPS_PATH" \
 121     -DPKG_CONFIG_PATH="$PKG_CONFIG_PATH" \
 122     -DLIB_PROTO_MUTATOR_TESTING=OFF \
 123     -DLIB_PROTO_MUTATOR_DOWNLOAD_PROTOBUF=ON
 124 ninja
 125 ninja install
 126 cd external.protobuf;
 127 cp -Rf bin lib include "$DEPS_PATH";
 128 cd ../../..
 129
 130 if in_oss_fuzz; then
 131     mkdir -p cryptsetup/tests/fuzz/build
 132     ln -s ../../../../static_lib_deps cryptsetup/tests/fuzz/build/static_lib_deps
 133     cd cryptsetup
 134 else
 135     cd ../../..
 136 fi
 137 ./autogen.sh
 138 ./configure --enable-static --disable-asciidoc --disable-ssh-token --disable-udev --disable-selinux --with-crypto_backend=openssl --disable-shared --enable-fuzz-targets
 139 make clean
 140 make -j fuzz-targets
 141
 142 for fuzzer in $ENABLED_FUZZERS; do
 143     cp tests/fuzz/$fuzzer $OUT
 144     cp $SRC/cryptsetup_fuzzing/${fuzzer}_seed_corpus.zip $OUT
 145
 146     # optionally copy the dictionary if it exists
 147     if [ -e tests/fuzz/${fuzzer}.dict ]; then
 148         cp tests/fuzz/${fuzzer}.dict $OUT
 149     fi
 150 done
 151
 152 cd $PWD