diff --git a/.clusterfuzzlite/build.sh b/.clusterfuzzlite/build.sh
index 0a1662bfd8..7f0ac71752 100755
--- a/.clusterfuzzlite/build.sh
+++ b/.clusterfuzzlite/build.sh
@@ -1,6 +1,9 @@
-#!/bin/bash -eu
+#!/bin/bash
-# https://reports.kea.isc.org/new-fuzzer.html
+# SC2156 (warning): Injecting filenames is fragile and insecure. Use parameters.
+# shellcheck disable=SC2156
+
+set -eu
 script_path="$(dirname "$(readlink -f "${0}")")"
 cd "${script_path}/.."
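Review bot: Placing `# shellcheck disable=SC2156` at the top of the file, ahead of the first command, appears to widen a one-line suppression into a file-wide one, so any later `find -exec sh -c "... {} ..."` in this script will pass lint unnoticed. The install_kea hunk that follows adds three more such calls, each splicing `{}` and an unquoted `${KEA_BUILD_DIR}` (which can come from the environment) into a shell command string. Passing the path as an argument removes the need for the directive altogether, e.g. `find "${OUT}/lib/" -name 'libkea-*.so*' -exec cp -- {} "${KEA_BUILD_DIR}" ';'`, and the same form works for the `${OUT}` and `/lib/x86_64-linux-gnu/` copies.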
@@ -13,43 +16,43 @@ install_kea() { export PATH="/usr/lib/ccache:$PATH" export KEA_BUILD_DIR="${KEA_BUILD_DIR-/builds/isc-projects/kea}" - cxxflags= - autoreconf -i - if test "${SANITIZER}" = 'none'; then - cxxflags="${cxxflags} -fno-sanitize=all" - enable_fuzzing='--enable-fuzzing' - else - cxxflags="${cxxflags} -fsanitize=${SANITIZER}" - enable_fuzzing='--enable-fuzzing=ci' - fi + cxxflags='-gdwarf-4' + export CXX='g++' export CXXFLAGS="${cxxflags}" - export LDFLAGS='-L/usr/lib/gcc/x86_64-linux-gnu/9 -lstdc++fs' - if ! ./configure --enable-boost-headers-only --prefix='/opt/kea' "${enable_fuzzing}" --with-gtest=/usr/src/googletest/googletest; then - printf './configure failed. Here is config.log:\n' - cat config.log + export LDFLAGS="${cxxflags}" + if ! meson setup build --prefix "${OUT}" -D b_lundef=false -D "b_sanitize=${SANITIZER}" -D fuzz=enabled -D tests=enabled; then + printf 'meson setup failed. Here is meson-log.txt:\n' + cat build/meson-logs/meson-log.txt return 1 fi - make -j "$(nproc)" - make install + meson compile -C build + meson install -C build + + echo "${OUT}/lib" | sudo tee /etc/ld.so.conf.d/kea.conf + echo "${OUT}/lib/x86_64-linux-gnu" | sudo tee /etc/ld.so.conf.d/kea.conf + ldconfig + sudo ldconfig # Copy internal libraries. - # SC2156 (warning): Injecting filenames is fragile and insecure. Use parameters. - # shellcheck disable=SC2156 - find "/opt/kea/lib" -mindepth 1 -maxdepth 1 -not -type d -exec sh -c "cp {} ${KEA_BUILD_DIR}" ';' + find "${OUT}/lib/" -name 'libkea-*.so*' + find "${OUT}/lib/" -name 'libkea-*.so*' -exec sh -c "cp {} ${KEA_BUILD_DIR}" ';' + find "${OUT}/lib/" -name 'libkea-*.so*' -exec sh -c "cp {} ${OUT}" ';' + find "${OUT}/lib/" -name 'libkea-*.so*' -exec sh -c "cp {} /lib/x86_64-linux-gnu/" ';' # Copy the binaries. 
for fuzzer in fuzz_config_kea_dhcp4 fuzz_http_endpoint_kea_dhcp4 fuzz_packets_kea_dhcp4 fuzz_unix_socket_kea_dhcp4 \
 fuzz_config_kea_dhcp6 fuzz_http_endpoint_kea_dhcp6 fuzz_packets_kea_dhcp6 fuzz_unix_socket_kea_dhcp6 \
 ; do
- cp "/opt/kea/sbin/${fuzzer}" "${OUT}/${fuzzer}"
- # copy all required libraries
- echo "ldd ${OUT}/${fuzzer}: "
+ cp "${OUT}/sbin/${fuzzer}" "${OUT}/${fuzzer}"
+
+ # Display some information for debugging.
 ldd "${OUT}/${fuzzer}"
- EXTENDED_PATH=$(readelf -d "${OUT}/${fuzzer}" | grep 'R.*PATH' | cut -d '[' -f 2 | cut -d ']' -f 1)
- patchelf --set-rpath "/usr/lib/x86_64-linux-gnu:/lib/x86_64-linux-gnu:${EXTENDED_PATH}" "${OUT}/${fuzzer}"
- readelf -d "${OUT}/${fuzzer}" | grep 'R.*PATH' || true
+ readelf -d "${OUT}/${fuzzer}" | grep -Ei 'R.*PATH' || true
+
+ # Copy all required libraries, although we want to specifically target external libraries.
 for i in $(ldd "${OUT}/${fuzzer}" | cut -f 2 | cut -d ' ' -f 3); do
 cp "${i}" "${KEA_BUILD_DIR}"
+ cp "${i}" "${OUT}"
 done
 done
 }
diff --git a/compiler-checks/fuzzing-with-clusterfuzzlite.cc b/compiler-checks/fuzzing-with-clusterfuzzlite.cc
index 6346e2d268..1d2c068595 100644
--- a/compiler-checks/fuzzing-with-clusterfuzzlite.cc
+++ b/compiler-checks/fuzzing-with-clusterfuzzlite.cc
@@ -1,3 +1,9 @@
+#include
+
 int main() {
- return 1;
+ if (getenv("CIFUZZ") && getenv("FUZZING_ENGINE") && getenv("FUZZING_LANGUAGE")) {
+ return 0;
+ } else {
+ return 1;
+ }
 }
diff --git a/fuzz/meson.build b/fuzz/meson.build
index 62d388eb9e..fa6c491cae 100644
--- a/fuzz/meson.build
+++ b/fuzz/meson.build
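Review bot: The second `echo ... | sudo tee /etc/ld.so.conf.d/kea.conf` in install_kea overwrites what the first one wrote, so only `${OUT}/lib/x86_64-linux-gnu` ends up in the linker configuration and `${OUT}/lib` is lost. Writing both paths in one call keeps them: `printf '%s\n' "${OUT}/lib" "${OUT}/lib/x86_64-linux-gnu" | sudo tee /etc/ld.so.conf.d/kea.conf`. If the bare `ldconfig` ahead of `sudo ldconfig` is also new in this commit, it is redundant and, under `set -eu`, would abort the build whenever the script is not already running as root. install_kea's body starts outside the hunk.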
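Review bot: The condition in `main()` only tests that `CIFUZZ`, `FUZZING_ENGINE` and `FUZZING_LANGUAGE` exist, so an empty value, or a shell that happens to export all three, makes the probe return 0. Judging by the `cpp.run(...)` call in meson.build, that result then sets `FUZZING_WITH_CLUSTERFUZZLITE` for the whole build. A header comment would make the contract explicit, e.g. `// Exits 0 only when CIFUZZ, FUZZING_ENGINE and FUZZING_LANGUAGE are all present in the configure-time environment.` If empty values should not count, each test could become `getenv("CIFUZZ") && *getenv("CIFUZZ")`.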
@@ -49,16 +49,11 @@ install_input = configure_file(
 )
 meson.add_install_script(install_input)
-fuzz_sources = ['fuzz.cc', 'fuzz.h']
+fuzz_sources = ['fuzz.cc', 'fuzz.h', 'main.cc']
 cpp_flags = [
 f'-DKEA_LFC_INSTALLATION="@KEA_LFC_INSTALLED@"',
 f'-DKEA_LFC_SOURCES="@KEA_LFC_BUILT@"',
 ]
-if FUZZING_WITH_CLUSTERFUZZLITE
- cpp_flags += ['-fsanitize=fuzzer', '-gdwarf-4']
-else
- fuzz_sources += ['main.cc']
-endif
 includes = [include_directories('.')] + INCLUDES
diff --git a/meson.build b/meson.build
index b9ce5a019f..894244ce44 100644
--- a/meson.build
+++ b/meson.build
@@ -460,7 +460,6 @@ if MYSQL_DEP.found()
 conf_data.set('HAVE_MYSQL_GET_OPTION', result.returncode() == 0)
 endif
-# TODO: implement when integrating with CI
 result = cpp.run(
 fs.read('compiler-checks/fuzzing-with-clusterfuzzlite.cc'),
 name: 'FUZZING_WITH_CLUSTERFUZZLITE',
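Review bot: With the `FUZZING_WITH_CLUSTERFUZZLITE` branch removed from fuzz/meson.build, nothing in this file passes `-fsanitize=fuzzer` any more and `main.cc` is compiled into every target. main.cc is not shown, so it is unclear whether the ClusterFuzzLite binaries still get an entry point the fuzzing engine can drive, or whether build.sh's `-D b_sanitize=${SANITIZER}` is now the only instrumentation. If that is the intent, a comment above `fuzz_sources` would record it, e.g. `# main.cc is always built; sanitizer flags now come from b_sanitize, not from this file.`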