@@ -1,190 +1,190 | |||
|
1 | 1 | CC = clang |
|
2 | 2 | CXX = clang++ |
|
3 | 3 | |
|
4 | 4 | # By default, use our own standalone_fuzz_target_runner. |
|
5 | 5 | # This runner does no fuzzing, but simply executes the inputs |
|
6 | 6 | # provided via parameters. |
|
7 | 7 | # Run e.g. "make all LIB_FUZZING_ENGINE=/path/to/libFuzzer.a" |
|
8 | 8 | # to link the fuzzer(s) against a real fuzzing engine. |
|
9 | 9 | # |
|
10 | 10 | # OSS-Fuzz will define its own value for LIB_FUZZING_ENGINE. |
|
11 | 11 | LIB_FUZZING_ENGINE ?= standalone_fuzz_target_runner.o |
|
12 | 12 | |
|
13 | 13 | PYTHON_CONFIG ?= $$OUT/sanpy/bin/python-config |
|
14 | 14 | |
|
15 | 15 | CXXFLAGS += -Wno-deprecated-register |
|
16 | 16 | |
|
17 | all: bdiff mpatch xdiff | |
|
17 | all: standalone_fuzz_target_runner.o oss-fuzz | |
|
18 | 18 | |
|
19 | 19 | standalone_fuzz_target_runner.o: standalone_fuzz_target_runner.cc |
|
20 | 20 | |
|
21 | 21 | pyutil.o: pyutil.cc pyutil.h |
|
22 | 22 | $(CXX) $(CXXFLAGS) -g -O1 \ |
|
23 | 23 | `$(PYTHON_CONFIG) --cflags` \ |
|
24 | 24 | -I../../mercurial -c -o pyutil.o pyutil.cc |
|
25 | 25 | |
|
26 | 26 | bdiff.o: ../../mercurial/bdiff.c |
|
27 | 27 | $(CC) $(CFLAGS) -fsanitize=fuzzer-no-link,address -c -o bdiff.o \ |
|
28 | 28 | ../../mercurial/bdiff.c |
|
29 | 29 | |
|
30 | 30 | bdiff: bdiff.cc bdiff.o |
|
31 | 31 | $(CXX) $(CXXFLAGS) -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \ |
|
32 | 32 | -std=c++17 \ |
|
33 | 33 | -I../../mercurial bdiff.cc bdiff.o -o bdiff |
|
34 | 34 | |
|
35 | 35 | bdiff-oss-fuzz.o: ../../mercurial/bdiff.c |
|
36 | 36 | $(CC) $(CFLAGS) -c -o bdiff-oss-fuzz.o ../../mercurial/bdiff.c |
|
37 | 37 | |
|
38 | 38 | bdiff_fuzzer: bdiff.cc bdiff-oss-fuzz.o |
|
39 | 39 | $(CXX) $(CXXFLAGS) -std=c++17 -I../../mercurial bdiff.cc \ |
|
40 | 40 | bdiff-oss-fuzz.o $(LIB_FUZZING_ENGINE) -o \ |
|
41 | 41 | $$OUT/bdiff_fuzzer |
|
42 | 42 | |
|
43 | 43 | mpatch.o: ../../mercurial/mpatch.c |
|
44 | 44 | $(CC) -g -O1 -fsanitize=fuzzer-no-link,address -c -o mpatch.o \ |
|
45 | 45 | ../../mercurial/mpatch.c |
|
46 | 46 | |
|
47 | 47 | mpatch: CXXFLAGS += -std=c++17 |
|
48 | 48 | mpatch: mpatch.cc mpatch.o |
|
49 | 49 | $(CXX) $(CXXFLAGS) -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \ |
|
50 | 50 | -I../../mercurial mpatch.cc mpatch.o -o mpatch |
|
51 | 51 | |
|
52 | 52 | mpatch-oss-fuzz.o: ../../mercurial/mpatch.c |
|
53 | 53 | $(CC) $(CFLAGS) -c -o mpatch-oss-fuzz.o ../../mercurial/mpatch.c |
|
54 | 54 | |
|
55 | 55 | mpatch_fuzzer: mpatch.cc mpatch-oss-fuzz.o |
|
56 | 56 | $(CXX) $(CXXFLAGS) -std=c++17 -I../../mercurial mpatch.cc \ |
|
57 | 57 | mpatch-oss-fuzz.o $(LIB_FUZZING_ENGINE) -o \ |
|
58 | 58 | $$OUT/mpatch_fuzzer |
|
59 | 59 | |
|
60 | 60 | mpatch_corpus.zip: |
|
61 | 61 | python mpatch_corpus.py $$OUT/mpatch_fuzzer_seed_corpus.zip |
|
62 | 62 | |
|
63 | 63 | x%.o: ../../mercurial/thirdparty/xdiff/x%.c ../../mercurial/thirdparty/xdiff/*.h |
|
64 | 64 | $(CC) -g -O1 -fsanitize=fuzzer-no-link,address -c \ |
|
65 | 65 | -o $@ \ |
|
66 | 66 | $< |
|
67 | 67 | |
|
68 | 68 | xdiff: CXXFLAGS += -std=c++17 |
|
69 | 69 | xdiff: xdiff.cc xdiffi.o xprepare.o xutils.o |
|
70 | 70 | $(CXX) $(CXXFLAGS) -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \ |
|
71 | 71 | -I../../mercurial xdiff.cc \ |
|
72 | 72 | xdiffi.o xprepare.o xutils.o -o xdiff |
|
73 | 73 | |
|
74 | 74 | fuzz-x%.o: ../../mercurial/thirdparty/xdiff/x%.c ../../mercurial/thirdparty/xdiff/*.h |
|
75 | 75 | $(CC) $(CFLAGS) -c \ |
|
76 | 76 | -o $@ \ |
|
77 | 77 | $< |
|
78 | 78 | |
|
79 | 79 | xdiff_fuzzer: xdiff.cc fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o |
|
80 | 80 | $(CXX) $(CXXFLAGS) -std=c++17 -I../../mercurial xdiff.cc \ |
|
81 | 81 | fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o \ |
|
82 | 82 | $(LIB_FUZZING_ENGINE) -o $$OUT/xdiff_fuzzer |
|
83 | 83 | |
|
84 | 84 | manifest.o: ../../mercurial/cext/manifest.c |
|
85 | 85 | $(CC) $(CFLAGS) `$(PYTHON_CONFIG) --cflags` \ |
|
86 | 86 | -I../../mercurial \ |
|
87 | 87 | -c -o manifest.o ../../mercurial/cext/manifest.c |
|
88 | 88 | |
|
89 | 89 | charencode.o: ../../mercurial/cext/charencode.c |
|
90 | 90 | $(CC) $(CFLAGS) `$(PYTHON_CONFIG) --cflags` \ |
|
91 | 91 | -I../../mercurial \ |
|
92 | 92 | -c -o charencode.o ../../mercurial/cext/charencode.c |
|
93 | 93 | |
|
94 | 94 | parsers.o: ../../mercurial/cext/parsers.c |
|
95 | 95 | $(CC) $(CFLAGS) `$(PYTHON_CONFIG) --cflags` \ |
|
96 | 96 | -I../../mercurial \ |
|
97 | 97 | -c -o parsers.o ../../mercurial/cext/parsers.c |
|
98 | 98 | |
|
99 | 99 | dirs.o: ../../mercurial/cext/dirs.c |
|
100 | 100 | $(CC) $(CFLAGS) `$(PYTHON_CONFIG) --cflags` \ |
|
101 | 101 | -I../../mercurial \ |
|
102 | 102 | -c -o dirs.o ../../mercurial/cext/dirs.c |
|
103 | 103 | |
|
104 | 104 | pathencode.o: ../../mercurial/cext/pathencode.c |
|
105 | 105 | $(CC) $(CFLAGS) `$(PYTHON_CONFIG) --cflags` \ |
|
106 | 106 | -I../../mercurial \ |
|
107 | 107 | -c -o pathencode.o ../../mercurial/cext/pathencode.c |
|
108 | 108 | |
|
109 | 109 | revlog.o: ../../mercurial/cext/revlog.c |
|
110 | 110 | $(CC) $(CFLAGS) `$(PYTHON_CONFIG) --cflags` \ |
|
111 | 111 | -I../../mercurial \ |
|
112 | 112 | -c -o revlog.o ../../mercurial/cext/revlog.c |
|
113 | 113 | |
|
114 | 114 | dirs_fuzzer: dirs.cc manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o |
|
115 | 115 | $(CXX) $(CXXFLAGS) `$(PYTHON_CONFIG) --cflags` \ |
|
116 | 116 | -Wno-register -Wno-macro-redefined \ |
|
117 | 117 | -I../../mercurial dirs.cc \ |
|
118 | 118 | manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o \ |
|
119 | 119 | $(LIB_FUZZING_ENGINE) `$(PYTHON_CONFIG) --ldflags` \ |
|
120 | 120 | -o $$OUT/dirs_fuzzer |
|
121 | 121 | |
|
122 | 122 | fncache_fuzzer: fncache.cc manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o |
|
123 | 123 | $(CXX) $(CXXFLAGS) `$(PYTHON_CONFIG) --cflags` \ |
|
124 | 124 | -Wno-register -Wno-macro-redefined \ |
|
125 | 125 | -I../../mercurial fncache.cc \ |
|
126 | 126 | manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o \ |
|
127 | 127 | $(LIB_FUZZING_ENGINE) `$(PYTHON_CONFIG) --ldflags` \ |
|
128 | 128 | -o $$OUT/fncache_fuzzer |
|
129 | 129 | |
|
130 | 130 | jsonescapeu8fast_fuzzer: jsonescapeu8fast.cc manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o |
|
131 | 131 | $(CXX) $(CXXFLAGS) `$(PYTHON_CONFIG) --cflags` \ |
|
132 | 132 | -Wno-register -Wno-macro-redefined \ |
|
133 | 133 | -I../../mercurial jsonescapeu8fast.cc \ |
|
134 | 134 | manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o \ |
|
135 | 135 | $(LIB_FUZZING_ENGINE) `$(PYTHON_CONFIG) --ldflags` \ |
|
136 | 136 | -o $$OUT/jsonescapeu8fast_fuzzer |
|
137 | 137 | |
|
138 | 138 | manifest_corpus.zip: |
|
139 | 139 | python manifest_corpus.py $$OUT/manifest_fuzzer_seed_corpus.zip |
|
140 | 140 | |
|
141 | 141 | manifest_fuzzer: manifest.cc manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o |
|
142 | 142 | $(CXX) $(CXXFLAGS) `$(PYTHON_CONFIG) --cflags` \ |
|
143 | 143 | -Wno-register -Wno-macro-redefined \ |
|
144 | 144 | -I../../mercurial manifest.cc \ |
|
145 | 145 | manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o \ |
|
146 | 146 | $(LIB_FUZZING_ENGINE) `$(PYTHON_CONFIG) --ldflags` \ |
|
147 | 147 | -o $$OUT/manifest_fuzzer |
|
148 | 148 | |
|
149 | 149 | revlog_fuzzer: revlog.cc manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o |
|
150 | 150 | $(CXX) $(CXXFLAGS) `$(PYTHON_CONFIG) --cflags` \ |
|
151 | 151 | -Wno-register -Wno-macro-redefined \ |
|
152 | 152 | -I../../mercurial revlog.cc \ |
|
153 | 153 | manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o \ |
|
154 | 154 | $(LIB_FUZZING_ENGINE) `$(PYTHON_CONFIG) --ldflags` \ |
|
155 | 155 | -o $$OUT/revlog_fuzzer |
|
156 | 156 | |
|
157 | 157 | revlog_corpus.zip: |
|
158 | 158 | python revlog_corpus.py $$OUT/revlog_fuzzer_seed_corpus.zip |
|
159 | 159 | |
|
160 | 160 | dirstate_fuzzer: dirstate.cc manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o |
|
161 | 161 | $(CXX) $(CXXFLAGS) `$(PYTHON_CONFIG) --cflags` \ |
|
162 | 162 | -Wno-register -Wno-macro-redefined \ |
|
163 | 163 | -I../../mercurial dirstate.cc \ |
|
164 | 164 | manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o \ |
|
165 | 165 | $(LIB_FUZZING_ENGINE) `$(PYTHON_CONFIG) --ldflags` \ |
|
166 | 166 | -o $$OUT/dirstate_fuzzer |
|
167 | 167 | |
|
168 | 168 | dirstate_corpus.zip: |
|
169 | 169 | python dirstate_corpus.py $$OUT/dirstate_fuzzer_seed_corpus.zip |
|
170 | 170 | |
|
171 | 171 | fm1readmarkers_fuzzer: fm1readmarkers.cc manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o |
|
172 | 172 | $(CXX) $(CXXFLAGS) `$(PYTHON_CONFIG) --cflags` \ |
|
173 | 173 | -Wno-register -Wno-macro-redefined \ |
|
174 | 174 | -I../../mercurial fm1readmarkers.cc \ |
|
175 | 175 | manifest.o charencode.o parsers.o dirs.o pathencode.o revlog.o pyutil.o \ |
|
176 | 176 | $(LIB_FUZZING_ENGINE) `$(PYTHON_CONFIG) --ldflags` \ |
|
177 | 177 | -o $$OUT/fm1readmarkers_fuzzer |
|
178 | 178 | |
|
179 | 179 | fm1readmarkers_corpus.zip: |
|
180 | 180 | python fm1readmarkers_corpus.py $$OUT/fm1readmarkers_fuzzer_seed_corpus.zip |
|
181 | 181 | |
|
182 | 182 | clean: |
|
183 | 183 | $(RM) *.o *_fuzzer \ |
|
184 | 184 | bdiff \ |
|
185 | 185 | mpatch \ |
|
186 | 186 | xdiff |
|
187 | 187 | |
|
188 | 188 | oss-fuzz: bdiff_fuzzer mpatch_fuzzer mpatch_corpus.zip xdiff_fuzzer dirs_fuzzer fncache_fuzzer jsonescapeu8fast_fuzzer manifest_fuzzer manifest_corpus.zip revlog_fuzzer revlog_corpus.zip dirstate_fuzzer dirstate_corpus.zip fm1readmarkers_fuzzer fm1readmarkers_corpus.zip |
|
189 | 189 | |
|
190 | 190 | .PHONY: all clean oss-fuzz |
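Review bot: With `all` now pointing at `oss-fuzz`, a default build no longer produces any binary compiled with `-fsanitize=fuzzer-no-link,address`. The `*-oss-fuzz.o`, `fuzz-x%.o` and cext objects take only `$(CFLAGS)`, so outside OSS-Fuzz the fuzzers are uninstrumented unless the caller's environment supplies sanitizer flags. A comment above `all:` should say so, e.g. `# all builds the OSS-Fuzz targets; sanitizer flags must come from CFLAGS/CXXFLAGS`. Separately, every recipe reached from `all` writes to `$$OUT/...`, so an unset OUT resolves to paths under `/`; `OUT ?= $(CURDIR)` followed by `export OUT` near the top would keep a bare `make all` inside the build directory. `clean` also still removes only files in the current directory, not the fuzzers and seed corpora written to `$$OUT`.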
@@ -1,46 +1,64 | |||
|
1 | 1 | #require test-repo |
|
2 | 2 | |
|
3 | 3 | $ cd $TESTDIR/../contrib/fuzz |
|
4 | $ OUT=$TESTTMP ; export OUT | |
|
4 | 5 | |
|
5 | 6 | which(1) could exit nonzero, but that's fine because we'll still end |
|
6 | 7 | up without a valid executable, so we don't need to check $? here. |
|
7 | 8 | |
|
8 | 9 | $ if which gmake >/dev/null 2>&1; then |
|
9 | 10 | > MAKE=gmake |
|
10 | 11 | > else |
|
11 | 12 | > MAKE=make |
|
12 | 13 | > fi |
|
13 | 14 | |
|
14 | 15 | $ havefuzz() { |
|
15 | 16 | > cat > $TESTTMP/dummy.cc <<EOF |
|
16 | 17 | > #include <stdlib.h> |
|
17 | 18 | > #include <stdint.h> |
|
18 | 19 | > int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { return 0; } |
|
19 | 20 | > int main(int argc, char **argv) { |
|
20 | 21 | > const char data[] = "asdf"; |
|
21 | 22 | > return LLVMFuzzerTestOneInput((const uint8_t *)data, 4); |
|
22 | 23 | > } |
|
23 | 24 | > EOF |
|
24 | 25 | > $CXX $TESTTMP/dummy.cc -o $TESTTMP/dummy \ |
|
25 | 26 | > -fsanitize=fuzzer-no-link,address || return 1 |
|
26 | 27 | > } |
|
27 | 28 | |
|
28 | 29 | #if clang-libfuzzer |
|
29 | 30 | $ CXX=clang++ havefuzz || exit 80 |
|
30 | $ $MAKE -s clean all | |
|
31 | $ $MAKE -s clean all PYTHON_CONFIG=`which python-config` | |
|
31 | 32 | #endif |
|
32 | 33 | #if no-clang-libfuzzer clang-6.0 |
|
33 | 34 | $ CXX=clang++-6.0 havefuzz || exit 80 |
|
34 | $ $MAKE -s clean all CC=clang-6.0 CXX=clang++-6.0 | |
|
35 | $ $MAKE -s clean all CC=clang-6.0 CXX=clang++-6.0 PYTHON_CONFIG=`which python-config` | |
|
35 | 36 | #endif |
|
36 | 37 | #if no-clang-libfuzzer no-clang-6.0 |
|
37 | 38 | $ exit 80 |
|
38 | 39 | #endif |
|
39 | 40 | |
|
40 | Just run the fuzzers for five seconds each to verify it works at all. | |
|
41 | $ ./bdiff -max_total_time 5 | |
|
42 | $ ./mpatch -max_total_time 5 | |
|
43 | $ ./xdiff -max_total_time 5 | |
|
41 | $ cd $TESTTMP | |
|
42 | ||
|
43 | Run each fuzzer using dummy.cc as a fake input, to make sure it runs | |
|
44 | at all. In the future we should instead unpack the corpus for each | |
|
45 | fuzzer and use that instead. | |
|
46 | ||
|
47 | $ for fuzzer in `ls *_fuzzer | sort` ; do | |
|
48 | > echo run $fuzzer... | |
|
49 | > ./$fuzzer dummy.cc > /dev/null 2>&1 | |
|
50 | > done | |
|
51 | run bdiff_fuzzer... | |
|
52 | run dirs_fuzzer... | |
|
53 | run dirstate_fuzzer... | |
|
54 | run fm1readmarkers_fuzzer... | |
|
55 | run fncache_fuzzer... | |
|
56 | run jsonescapeu8fast_fuzzer... | |
|
57 | run manifest_fuzzer... | |
|
58 | run mpatch_fuzzer... | |
|
59 | run revlog_fuzzer... | |
|
60 | run xdiff_fuzzer... | |
|
44 | 61 | |
|
45 | 62 | Clean up. |
|
63 | $ cd $TESTDIR/../contrib/fuzz | |
|
46 | 64 | $ $MAKE -s clean |
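Review bot: The new `for fuzzer in ...` loop cannot tell a crashing fuzzer from a working one. Each run's output is sent to `/dev/null`, and the only exit status the harness could observe is the loop's final one, that of `xdiff_fuzzer`. Reporting failures per binary would make the smoke test meaningful, for example `> ./$fuzzer dummy.cc > /dev/null 2>&1 || echo "$fuzzer exited with $?"`. Iterating with `for fuzzer in *_fuzzer` would also avoid parsing `ls` output while keeping a sorted order.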