[mirror_lxc.git] / src / tests / oss-fuzz.sh

#!/bin/bash

set -ex

export LC_CTYPE=C.UTF-8

export CC=${CC:-clang}
export CXX=${CXX:-clang++}
clang_version="$($CC --version | sed -nr 's/.*version ([^ ]+?) .*/\1/p' | sed -r 's/-$//')"

SANITIZER=${SANITIZER:-address -fsanitize-address-use-after-scope}
flags="-O1 -fno-omit-frame-pointer -g -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=$SANITIZER"

clang_lib="/usr/lib64/clang/${clang_version}/lib/linux"
[ -d "$clang_lib" ] || clang_lib="/usr/lib/clang/${clang_version}/lib/linux"

export CFLAGS=${CFLAGS:-$flags}
export CXXFLAGS=${CXXFLAGS:-$flags}
export LDFLAGS=${LDFLAGS:--L${clang_lib}}

export OUT=${OUT:-$(pwd)/out}
mkdir -p $OUT

apt-get update -qq
apt-get install --yes --no-install-recommends \
    build-essential docbook2x doxygen git \
    wget xz-utils systemd-coredump pkgconf
apt-get remove --yes lxc-utils liblxc-common liblxc1 liblxc-dev

# make sure we have a new enough meson version
pip3 install meson ninja

# Sanitized build
meson setup san_build \
	-Dprefix=/usr \
	-Db_lundef=false \
	-Dtests=false \
	-Dpam-cgroup=false \
	-Dwerror=true \
	-Dtools=false \
	-Dcommands=false \
	-Dcapabilities=false \
	-Dapparmor=false \
	-Dopenssl=false \
	-Dselinux=false \
	-Dseccomp=false \
	-Db_lto=false \
	-Db_pie=false \
	-Dthread-safety=false \
	-Doss-fuzz=true
ninja -C san_build -v

for fuzz_target_source in src/tests/fuzz-lxc*.c; do
    fuzz_target_name=$(basename "$fuzz_target_source" ".c")
    cp "san_build/src/tests/$fuzz_target_name" "$OUT"
done

perl -lne 'if (/config_jump_table\[\]\s*=/../^}/) { /"([^"]+)"/ && print "$1=" }' src/lxc/confile.c >san_build/doc/examples/keys.conf
[[ -s san_build/doc/examples/keys.conf ]]

perl -lne 'if (/config_jump_table_net\[\]\s*=/../^}/) { /"([^"]+)"/ && print "lxc.net.$1=" }' src/lxc/confile.c >san_build/doc/examples/lxc-net-keys.conf
[[ -s san_build/doc/examples/lxc-net-keys.conf ]]

zip -r $OUT/fuzz-lxc-config-read_seed_corpus.zip san_build/doc/examples

mkdir fuzz-lxc-define-load_seed_corpus
perl -lne '/([^=]+)/ && print "printf $1= >fuzz-lxc-define-load_seed_corpus/$1"' san_build/doc/examples/{keys,lxc-net-keys}.conf | bash
zip -r $OUT/fuzz-lxc-define-load_seed_corpus.zip fuzz-lxc-define-load_seed_corpus
Commit	Line	Data
dec64820 EV	1	#!/bin/bash
	2
	3	set -ex
	4
3952fb45	5	export LC_CTYPE=C.UTF-8
745d6048	6
dec64820	7	export CC=${CC:-clang}
dec64820	8	export CXX=${CXX:-clang++}
3952fb45 CB	9	clang_version="$($CC --version \| sed -nr 's/.version ([^ ]+?) ./\1/p' \| sed -r 's/-$//')"
	10
	11	SANITIZER=${SANITIZER:-address -fsanitize-address-use-after-scope}
	12	flags="-O1 -fno-omit-frame-pointer -g -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=$SANITIZER"
	13
	14	clang_lib="/usr/lib64/clang/${clang_version}/lib/linux"
	15	[ -d "$clang_lib" ] \|\| clang_lib="/usr/lib/clang/${clang_version}/lib/linux"
	16
	17	export CFLAGS=${CFLAGS:-$flags}
	18	export CXXFLAGS=${CXXFLAGS:-$flags}
	19	export LDFLAGS=${LDFLAGS:--L${clang_lib}}
dec64820 EV	20
	21	export OUT=${OUT:-$(pwd)/out}
	22	mkdir -p $OUT
	23
0196c4df CB	24	apt-get update -qq
	25	apt-get install --yes --no-install-recommends \
	26	build-essential docbook2x doxygen git \
	27	wget xz-utils systemd-coredump pkgconf
	28	apt-get remove --yes lxc-utils liblxc-common liblxc1 liblxc-dev
	29
	30	# make sure we have a new enough meson version
	31	pip3 install meson ninja
	32
b8b31ab3 CB	33	# Sanitized build
	34	meson setup san_build \
	35	-Dprefix=/usr \
	36	-Db_lundef=false \
9fec9fef	37	-Dtests=false \
b8b31ab3 CB	38	-Dpam-cgroup=false \
	39	-Dwerror=true \
	40	-Dtools=false \
	41	-Dcommands=false \
	42	-Dcapabilities=false \
	43	-Dapparmor=false \
	44	-Dopenssl=false \
	45	-Dselinux=false \
cfa85da6 CB	46	-Dseccomp=false \
	47	-Db_lto=false \
	48	-Db_pie=false \
0c4549a3	49	-Dthread-safety=false \
cfa85da6 CB	50	-Doss-fuzz=true
cfa85da6 CB	51	ninja -C san_build -v
dec64820	52
e8694d9a EV	53	for fuzz_target_source in src/tests/fuzz-lxc*.c; do
e8694d9a EV	54	fuzz_target_name=$(basename "$fuzz_target_source" ".c")
8f7ba7c8	55	cp "san_build/src/tests/$fuzz_target_name" "$OUT"
e8694d9a	56	done
dec64820	57
8f7ba7c8 CB	58	perl -lne 'if (/config_jump_table\[\]\s*=/../^}/) { /"([^"]+)"/ && print "$1=" }' src/lxc/confile.c >san_build/doc/examples/keys.conf
8f7ba7c8 CB	59	[[ -s san_build/doc/examples/keys.conf ]]
593f13bf	60
8f7ba7c8 CB	61	perl -lne 'if (/config_jump_table_net\[\]\s*=/../^}/) { /"([^"]+)"/ && print "lxc.net.$1=" }' src/lxc/confile.c >san_build/doc/examples/lxc-net-keys.conf
8f7ba7c8 CB	62	[[ -s san_build/doc/examples/lxc-net-keys.conf ]]
593f13bf	63
8f7ba7c8	64	zip -r $OUT/fuzz-lxc-config-read_seed_corpus.zip san_build/doc/examples
e8694d9a EV	65
e8694d9a EV	66	mkdir fuzz-lxc-define-load_seed_corpus
8f7ba7c8	67	perl -lne '/([^=]+)/ && print "printf $1= >fuzz-lxc-define-load_seed_corpus/$1"' san_build/doc/examples/{keys,lxc-net-keys}.conf \| bash
e8694d9a	68	zip -r $OUT/fuzz-lxc-define-load_seed_corpus.zip fuzz-lxc-define-load_seed_corpus