From d59421ca8e0cdcd489de01d172c6f40abda51181 Mon Sep 17 00:00:00 2001 From: wren romano Date: Mon, 12 Sep 2016 12:55:23 -0700 Subject: [PATCH 1/4] docs/new_library.md: DRYing the commands for making new library directories --- docs/new_library.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/new_library.md b/docs/new_library.md index cbb34d61864a..f1fada76c902 100644 --- a/docs/new_library.md +++ b/docs/new_library.md @@ -23,8 +23,8 @@ To create a new directory for a library: ```bash $ cd /path/to/oss-fuzz/checkout -$ python scripts/helper.py generate name_of_the_library $ export LIB_NAME=name_of_the_library +$ python scripts/helper.py generate $LIB_NAME ``` This script automatically creates these 3 files for you to fill in. From 8048f473aa7159d9732b7eda6edbfbd40b5f0ecb Mon Sep 17 00:00:00 2001 From: wren romano Date: Mon, 12 Sep 2016 12:56:19 -0700 Subject: [PATCH 2/4] adding re2 --- re2/Dockerfile | 21 ++++++++++++ re2/Jenkinsfile | 23 +++++++++++++ re2/build.sh | 51 +++++++++++++++++++++++++++ re2/re2.options | 2 ++ re2/re2_fuzzer.cc | 87 +++++++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 184 insertions(+) create mode 100644 re2/Dockerfile create mode 100644 re2/Jenkinsfile create mode 100755 re2/build.sh create mode 100644 re2/re2.options create mode 100644 re2/re2_fuzzer.cc diff --git a/re2/Dockerfile b/re2/Dockerfile new file mode 100644 index 000000000000..291762acac5a --- /dev/null +++ b/re2/Dockerfile 
@@ -0,0 +1,21 @@
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM ossfuzz/base-libfuzzer
+MAINTAINER wrengr@chromium.org
+RUN apt-get install -y make autoconf automake libtool
+
+CMD /src/oss-fuzz/re2/build.sh
diff --git a/re2/Jenkinsfile b/re2/Jenkinsfile
new file mode 100644
index 000000000000..689fab06f806
--- /dev/null
+++ b/re2/Jenkinsfile
@@ -0,0 +1,23 @@
+// Copyright 2016 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+def libfuzzerBuild = fileLoader.fromGit('infra/libfuzzer-pipeline.groovy',
+ 'https://github.com/google/oss-fuzz.git',
+ 'master', null, '')
+
+libfuzzerBuild {
+ git = "https://code.googlesource.com/re2"
+}
diff --git a/re2/build.sh b/re2/build.sh
new file mode 100755
index 000000000000..535c11ac4dd3
--- /dev/null
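Review bot: `RUN apt-get install -y make autoconf automake libtool` installs three autotools packages that nothing in this commit's re2/build.sh uses — the script only runs `make` targets and invokes `$CXX` directly. Unless re2's own build needs them (not visible here, and build.sh drives it with plain `make`), `RUN apt-get install -y make` is enough and keeps the build image smaller. If they are kept on purpose, a one-line comment naming the step that needs them would keep the next maintainer from trimming them.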
+++ b/re2/build.sh
@@ -0,0 +1,51 @@
+#!/bin/bash -eu
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+cd /src/re2
+
+function _start() { echo -e "\n\033[1;33m➜\033[0m \033[1m$*\033[0m"; }
+function _success() { echo -e "\033[1;32m✔\033[0m \033[1m$*\033[0m"; }
+function _failure() { echo -e "\n\033[1;31m✖\033[0m \033[1m$*\033[0m"; }
+
+function _try() {
+ _start "$*"
+ $@
+ if [ $? -eq 0 ]; then
+ _success "$*"
+ else
+ _failure "$*"
+ exit $?
+ fi
+}
+
+# Build the re2 library.
+_try make clean
+# We don't make everything, since one of the targets doesn't use $CXXFLAGS
+# properly, which causes problems compiling. This target is all we really
+# need for our fuzzer.
+_try make obj/libre2.a
+# TODO(wrengr): the test target has the same issue as the all target did.
+_try make test
+_try make install
+_try make testinstall
+
+
+# Build our fuzzers
+_try $CXX $CXXFLAGS -std=c++11 -I. \
+ /src/oss-fuzz/re2/re2_fuzzer.cc -o /out/re2_fuzzer \
+ /work/libfuzzer/*.o ./obj/libre2.a $LDFLAGS
+
diff --git a/re2/re2.options b/re2/re2.options
new file mode 100644
index 000000000000..ea2785e1104a
--- /dev/null
+++ b/re2/re2.options
@@ -0,0 +1,2 @@
+[libfuzzer]
+max_len = 32
diff --git a/re2/re2_fuzzer.cc b/re2/re2_fuzzer.cc
new file mode 100644
index 000000000000..9c16462a24d8
--- /dev/null
+++ b/re2/re2_fuzzer.cc
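Review bot: In `_try`, the `else` branch can never run and would report success if it did: the script starts with `#!/bin/bash -eu`, so a failing `$@` aborts the shell before `if [ $? -eq 0 ]` is reached, and `exit $?` after `_failure "$*"` returns the status of the `echo` inside `_failure` (0), not the failed command's. Testing the command directly in the `if` keeps it out of `-e`'s reach and preserves its status: `if "$@"; then _success "$*"; else local rc=$?; _failure "$*"; exit "$rc"; fi`. Quoting `"$@"` is safe here because globs such as `/work/libfuzzer/*.o` are already expanded at the `_try` call sites. Patch 4/4 of this series removes the helper again, but its message says it may be reintroduced, so the fix is worth carrying over.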
@@ -0,0 +1,87 @@
+// Copyright (c) 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include
+#include
+
+#include
+
+#include "re2/re2.h"
+#include "util/logging.h"
+
+using std::string;
+
+void Test(const string& buffer, const string& pattern,
+ const RE2::Options& options) {
+ RE2 re(pattern, options);
+ if (!re.ok())
+ return;
+
+ string m1, m2;
+ int i1, i2;
+ double d1;
+
+ if (re.NumberOfCapturingGroups() == 0) {
+ RE2::FullMatch(buffer, re);
+ RE2::PartialMatch(buffer, re);
+ } else if (re.NumberOfCapturingGroups() == 1) {
+ RE2::FullMatch(buffer, re, &m1);
+ RE2::PartialMatch(buffer, re, &i1);
+ } else if (re.NumberOfCapturingGroups() == 2) {
+ RE2::FullMatch(buffer, re, &i1, &i2);
+ RE2::PartialMatch(buffer, re, &m1, &m2);
+ }
+
+ re2::StringPiece input(buffer);
+ RE2::Consume(&input, re, &m1);
+ RE2::FindAndConsume(&input, re, &d1);
+ string tmp1(buffer);
+ RE2::Replace(&tmp1, re, "zz");
+ string tmp2(buffer);
+ RE2::GlobalReplace(&tmp2, re, "xx");
+ RE2::QuoteMeta(re2::StringPiece(pattern));
+}
+
+// Entry point for LibFuzzer.
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ if (size < 1)
+ return 0;
+
+ RE2::Options options;
+
+ size_t options_randomizer = 0;
+ for (size_t i = 0; i < size; i++)
+ options_randomizer += data[i];
+
+ if (options_randomizer & 1)
+ options.set_encoding(RE2::Options::EncodingLatin1);
+
+ options.set_posix_syntax(options_randomizer & 2);
+ options.set_longest_match(options_randomizer & 4);
+ options.set_literal(options_randomizer & 8);
+ options.set_never_nl(options_randomizer & 16);
+ options.set_dot_nl(options_randomizer & 32);
+ options.set_never_capture(options_randomizer & 64);
+ options.set_case_sensitive(options_randomizer & 128);
+ options.set_perl_classes(options_randomizer & 256);
+ options.set_word_boundary(options_randomizer & 512);
+ options.set_one_line(options_randomizer & 1024);
+
+ options.set_log_errors(false);
+
+ const char* data_input = reinterpret_cast(data);
+ {
+ string pattern(data_input, size);
+ string buffer(data_input, size);
+ Test(buffer, pattern, options);
+ }
+
+ if (size >= 3) {
+ string pattern(data_input, size / 3);
+ string buffer(data_input + size / 3, size - size / 3);
+ Test(buffer, pattern, options);
+ }
+
+ return 0;
+}
From 2f883db78d4f33862767ee8d79fa6e525c598da9 Mon Sep 17 00:00:00 2001
From: wren romano
Date: Mon, 12 Sep 2016 13:20:18 -0700
Subject: [PATCH 3/4] re2/build.sh: got things working despide CXXFLAGS issues

---
 re2/build.sh | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/re2/build.sh b/re2/build.sh
index 535c11ac4dd3..ac79ca5bc308 100755
--- a/re2/build.sh
+++ b/re2/build.sh
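Review bot: Patterns with three or more capturing groups skip both `RE2::FullMatch` and `RE2::PartialMatch` in `Test`, because the `if`/`else if` chain on `re.NumberOfCapturingGroups()` covers only 0, 1 and 2 and has no final `else`. RE2 tolerates fewer argument pointers than groups (the zero-argument form in the first branch, and the one-argument `Consume` call below it, already rely on that), so a trailing `} else { RE2::FullMatch(buffer, re); RE2::PartialMatch(buffer, re); }` keeps those patterns on the matching path. Reading the count once into `const int ngroups = re.NumberOfCapturingGroups();` would also remove the three repeated calls. `Test` has no comment; `// Runs RE2's matching, consuming and replacing entry points over one (pattern, input) pair; patterns that fail to compile are skipped.` would say what the harness exercises.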
@@ -32,19 +32,20 @@ function _try() {
 fi
 }
 
-# Build the re2 library.
+
+# First, build the re2 library.
+# N.B., we don't follow the standard incantation for building re2
+# (i.e., `make && make test && make install && make testinstall`),
+# because some of the targets doesn't use $CXXFLAGS properly, which
+# causes compilation to fail. The obj/libre2.a target is all we
+# really need for our fuzzer, so that's all we build. Hopefully
+# this won't cause the fuzzer to fail erroneously due to not running
+# upstream's tests first to be sure things compiled correctly.
 _try make clean
-# We don't make everything, since one of the targets doesn't use $CXXFLAGS
-# properly, which causes problems compiling. This target is all we really
-# need for our fuzzer.
 _try make obj/libre2.a
-# TODO(wrengr): the test target has the same issue as the all target did.
-_try make test
-_try make install
-_try make testinstall
 
 
-# Build our fuzzers
+# Second, build our fuzzers.
 _try $CXX $CXXFLAGS -std=c++11 -I. \
 /src/oss-fuzz/re2/re2_fuzzer.cc -o /out/re2_fuzzer \
 /work/libfuzzer/*.o ./obj/libre2.a $LDFLAGS
From 4eb74efebc86c2e06aab43e261062fb0f861b20c Mon Sep 17 00:00:00 2001
From: wren romano
Date: Mon, 12 Sep 2016 13:21:33 -0700
Subject: [PATCH 4/4] re2/build.sh: removed debugging output stuff

We may want to reintroduce it to make the build process prettier and easier to debug; but we should do it for all the libraries we're fuzzing, not just this one.
---
 re2/build.sh | 22 +++------------------
 1 file changed, 3 insertions(+), 19 deletions(-)
diff --git a/re2/build.sh b/re2/build.sh
index ac79ca5bc308..27bc60799d7d 100755
--- a/re2/build.sh
+++ b/re2/build.sh
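Review bot: The new comment block says only that `some of the targets doesn't use $CXXFLAGS properly`, whereas the lines it replaces named the `all` and `test` targets specifically; keeping that detail tells the next maintainer which targets to re-check when upstream's Makefile changes, and the clause should read `don't`. Suggested replacement for that line: `# because the all and test targets don't use $CXXFLAGS properly, which`. Dropping `make install` and `make testinstall` is fine for the link step below, since the fuzzer already resolves headers via `-I.` and links `./obj/libre2.a` directly.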
@@ -17,22 +17,6 @@
 
 cd /src/re2
 
-function _start() { echo -e "\n\033[1;33m➜\033[0m \033[1m$*\033[0m"; }
-function _success() { echo -e "\033[1;32m✔\033[0m \033[1m$*\033[0m"; }
-function _failure() { echo -e "\n\033[1;31m✖\033[0m \033[1m$*\033[0m"; }
-
-function _try() {
- _start "$*"
- $@
- if [ $? -eq 0 ]; then
- _success "$*"
- else
- _failure "$*"
- exit $?
- fi
-}
-
-
 # First, build the re2 library.
 # N.B., we don't follow the standard incantation for building re2
 # (i.e., `make && make test && make install && make testinstall`),
@@ -41,12 +25,12 @@ function _try() {
 # really need for our fuzzer, so that's all we build. Hopefully
 # this won't cause the fuzzer to fail erroneously due to not running
 # upstream's tests first to be sure things compiled correctly.
-_try make clean
-_try make obj/libre2.a
+make clean
+make obj/libre2.a
 
 
 # Second, build our fuzzers.
-_try $CXX $CXXFLAGS -std=c++11 -I. \
+$CXX $CXXFLAGS -std=c++11 -I. \
 /src/oss-fuzz/re2/re2_fuzzer.cc -o /out/re2_fuzzer \
 /work/libfuzzer/*.o ./obj/libre2.a $LDFLAGS
 
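Review bot: With `_try` gone, the `$CXX $CXXFLAGS -std=c++11 -I. \` command in the second hunk runs directly under the script's `#!/bin/bash -eu`, so if the base image ever leaves `LDFLAGS` unexported, `-u` aborts with an "unbound variable" error instead of reaching the link step. Whether ossfuzz/base-libfuzzer exports it is not visible here; if it is optional, write the reference on the last (context) line as `${LDFLAGS:-}`. The plain `make clean` / `make obj/libre2.a` lines need no wrapper, since `-e` already aborts the script on a failing make, which is the behaviour the removed helper was trying to add. The shebang and `cd /src/re2` that these lines depend on sit outside this hunk.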