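#!/bin/bash
#
# Build the libbpf bpf-object fuzzer (fuzz/bpf-object-fuzzer.c) the way
# OSS-Fuzz/CFLite does: fetch and build a pinned libelf, build libbpf
# statically against it, then link the fuzz target with the fuzzing engine.
#
# Environment (all optional, OSS-Fuzz normally provides them):
#   SANITIZER           address (default), memory or undefined
#   CC / CXX            compilers, default clang / clang++
#   CFLAGS / CXXFLAGS   default to the sanitizer flags computed below
#   OUT                 output directory for the fuzzer binary and seed corpus,
#                       default ./out relative to the repository root
#   LIB_FUZZING_ENGINE  linker flags for the fuzzing engine, default -fsanitize=fuzzer
#
# -x echoes every command, which is what CI logs want; pipefail makes the
# find | xargs style pipelines below fail loudly instead of only reporting
# the status of the last stage.
set -eux
set -o pipefail

SANITIZER=${SANITIZER:-address}
# FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION marks the artifacts as fuzzing-only;
# fuzzer-no-link instruments the libraries without pulling in the engine's main().
flags="-O1 -fno-omit-frame-pointer -g -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=$SANITIZER -fsanitize=fuzzer-no-link"

export CC=${CC:-clang}
export CFLAGS=${CFLAGS:-$flags}

export CXX=${CXX:-clang++}
export CXXFLAGS=${CXXFLAGS:-$flags}

# Work from the repository root regardless of where the script is invoked from.
cd "$(dirname -- "$0")/.."

export OUT=${OUT:-"$(pwd)/out"}
mkdir -p "$OUT"

export LIB_FUZZING_ENGINE=${LIB_FUZZING_ENGINE:--fsanitize=fuzzer}

# libelf is compiled with _FORTIFY_SOURCE by default and it
# isn't compatible with MSan. It was borrowed
# from https://github.com/google/oss-fuzz/pull/7422
if [[ "$SANITIZER" == memory ]]; then
    CFLAGS+=" -U_FORTIFY_SOURCE"
    CXXFLAGS+=" -U_FORTIFY_SOURCE"
fi

# The alignment check is turned off by default on OSS-Fuzz/CFLite so it should be
# turned on explicitly there. It was borrowed from
# https://github.com/google/oss-fuzz/pull/7092
if [[ "$SANITIZER" == undefined ]]; then
    additional_ubsan_checks=alignment
    UBSAN_FLAGS="-fsanitize=$additional_ubsan_checks -fno-sanitize-recover=$additional_ubsan_checks"
    CFLAGS+=" $UBSAN_FLAGS"
    CXXFLAGS+=" $UBSAN_FLAGS"
fi

# Ideally libelf should be built using release tarballs available
# at https://sourceware.org/elfutils/ftp/. Unfortunately sometimes they
# fail to compile (for example, elfutils-0.185 fails to compile with LDFLAGS enabled
# due to https://bugs.gentoo.org/794601) so let's just point the script to
# commits referring to versions of libelf that actually can be built.
#
# The git:// transport is neither encrypted nor authenticated; what pins the
# sources actually built is the full commit hash checked out below, which git
# verifies against the object contents. Keep it a full hash, never a branch or tag.
rm -rf elfutils
git clone git://sourceware.org/git/elfutils.git
(
cd elfutils
git checkout e9f3045caa5c4498f371383e5519151942d48b6d
git log --oneline -1

# ASan isn't compatible with -Wl,--no-undefined: https://github.com/google/sanitizers/issues/380
# -exec ... {} + is NUL-safe and skips sed entirely when nothing matches.
find . -name Makefile.am -exec sed -i 's/,--no-undefined//' {} +

# ASan isn't compatible with -Wl,-z,defs either:
# https://clang.llvm.org/docs/AddressSanitizer.html#usage
sed -i 's/^\(ZDEFS_LDFLAGS=\).*/\1/' configure.ac

if [[ "$SANITIZER" == undefined ]]; then
    # That's basically what --enable-sanitize-undefined does to turn off the unaligned access
    # elfutils heavily relies on on i386/x86_64, but without changing compiler flags along the way
    sed -i 's/\(check_undefined_val\)=[0-9]/\1=1/' configure.ac
fi

autoreconf -i -f
# Dump config.log on failure: it is the only place the real configure error ends up.
if ! ./configure --enable-maintainer-mode --disable-debuginfod --disable-libdebuginfod \
        CC="$CC" CFLAGS="-Wno-error $CFLAGS" CXX="$CXX" CXXFLAGS="-Wno-error $CXXFLAGS" LDFLAGS="$CFLAGS"; then
    cat config.log
    exit 1
fi

# Only the pieces libelf needs; the rest of elfutils is not required by the fuzzer.
make -C config -j"$(nproc)" V=1
make -C lib -j"$(nproc)" V=1
make -C libelf -j"$(nproc)" V=1
)

# Static libbpf against the freshly built libelf headers.
make -C src BUILD_STATIC_ONLY=y V=1 clean
make -C src -j"$(nproc)" CFLAGS="-I$(pwd)/elfutils/libelf $CFLAGS" BUILD_STATIC_ONLY=y V=1

# $CFLAGS/$CXXFLAGS/$LIB_FUZZING_ENGINE are intentionally unquoted: they hold
# several flags that must word-split.
$CC $CFLAGS -Isrc -Iinclude -Iinclude/uapi -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -c fuzz/bpf-object-fuzzer.c -o bpf-object-fuzzer.o
$CXX $CXXFLAGS $LIB_FUZZING_ENGINE bpf-object-fuzzer.o src/libbpf.a "$(pwd)/elfutils/libelf/libelf.a" -l:libz.a -o "$OUT/bpf-object-fuzzer"

cp fuzz/bpf-object-fuzzer_seed_corpus.zip "$OUT"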