• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Copyright 2016 Google Inc.
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7#      http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14#
15################################################################################
16
17# Using multi-stage build to copy some LLVM binaries needed in the runner image.
18FROM gcr.io/oss-fuzz-base/base-clang AS base-clang
19
20FROM gcr.io/oss-fuzz-base/base-image
21
22# Copy the binaries needed for code coverage and crash symbolization.
23COPY --from=base-clang /usr/local/bin/llvm-cov /usr/local/bin/
24COPY --from=base-clang /usr/local/bin/llvm-profdata /usr/local/bin/
25COPY --from=base-clang /usr/local/bin/llvm-symbolizer /usr/local/bin/
26
27RUN apt-get install -y \
28    binutils \
29    file \
30    fonts-dejavu \
31    git \
32    libc6-dev-i386 \
33    libcap2 \
34    python3 \
35    python3-pip \
36    wget \
37    zip
38
39RUN git clone https://chromium.googlesource.com/chromium/src/tools/code_coverage /opt/code_coverage
40RUN pip3 install -r /opt/code_coverage/requirements.txt
41
42COPY bad_build_check \
43    collect_dft \
44    coverage \
45    coverage_helper \
46    dataflow_tracer.py \
47    download_corpus \
48    minijail0 \
49    reproduce \
50    run_fuzzer \
51    run_minijail \
52    targets_list \
53    test_all \
54    test_one \
55    /usr/local/bin/
56
57# Default environment options for various sanitizers.
58# Note that these match the settings used in ClusterFuzz and
59# shouldn't be changed unless a corresponding change is made on
60# ClusterFuzz side as well.
61ENV ASAN_OPTIONS="alloc_dealloc_mismatch=0:allocator_may_return_null=1:allocator_release_to_os_interval_ms=500:check_malloc_usable_size=0:detect_container_overflow=1:detect_odr_violation=0:detect_leaks=1:detect_stack_use_after_return=1:fast_unwind_on_fatal=0:handle_abort=1:handle_segv=1:handle_sigill=1:max_uar_stack_size_log=16:print_scariness=1:quarantine_size_mb=10:strict_memcmp=1:strip_path_prefix=/workspace/:symbolize=1:use_sigaltstack=1"
62ENV MSAN_OPTIONS="print_stats=1:strip_path_prefix=/workspace/:symbolize=1"
63ENV UBSAN_OPTIONS="print_stacktrace=1:print_summary=1:silence_unsigned_overflow=1:strip_path_prefix=/workspace/:symbolize=1"
64ENV FUZZER_ARGS="-rss_limit_mb=2560 -timeout=25"
65ENV AFL_FUZZER_ARGS="-m none"
66