1#!/bin/bash -eu 2# Copyright 2018 Google Inc. 3# 4# Licensed under the Apache License, Version 2.0 (the "License"); 5# you may not use this file except in compliance with the License. 6# You may obtain a copy of the License at 7# 8# http://www.apache.org/licenses/LICENSE-2.0 9# 10# Unless required by applicable law or agreed to in writing, software 11# distributed under the License is distributed on an "AS IS" BASIS, 12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13# See the License for the specific language governing permissions and 14# limitations under the License. 15# 16################################################################################ 17 18export CFLAGS="$CFLAGS" 19export CXXFLAGS="$CXXFLAGS" 20 21declare -r FUZZER_TARGETS_CC=$(find . -name *_fuzz_test.cc) 22declare -r FUZZER_TARGETS="$(for t in ${FUZZER_TARGETS_CC}; do echo "${t:2:-3}"; done)" 23 24FUZZER_DICTIONARIES="\ 25" 26 27# Copy $CFLAGS and $CXXFLAGS into Bazel command-line flags, for both 28# compilation and linking. 29# 30# Some flags, such as `-stdlib=libc++`, generate warnings if used on a C source 31# file. Since the build runs with `-Werror` this will cause it to break, so we 32# use `--conlyopt` and `--cxxopt` instead of `--copt`. 33# 34declare -r EXTRA_BAZEL_FLAGS="$( 35for f in ${CFLAGS}; do 36 echo "--conlyopt=${f}" "--linkopt=${f}" 37done 38for f in ${CXXFLAGS}; do 39 echo "--cxxopt=${f}" "--linkopt=${f}" 40done 41 42if [ "$SANITIZER" = "undefined" ] 43then 44 # Bazel uses clang to link binary, which does not link clang_rt ubsan library for C++ automatically. 45 # See issue: https://github.com/bazelbuild/bazel/issues/8777 46 echo "--linkopt=\"$(find $(llvm-config --libdir) -name libclang_rt.ubsan_standalone_cxx-x86_64.a | head -1)\"" 47fi 48)" 49 50declare BAZEL_BUILD_TARGETS="" 51declare BAZEL_CORPUS_TARGETS="" 52declare FILTERED_FUZZER_TARGETS="" 53for t in ${FUZZER_TARGETS} 54do 55 declare BAZEL_PATH="//"$(dirname "$t")":"$(basename "$t") 56 declare TAGGED=$(bazel query "attr('tags', 'no_fuzz', ${BAZEL_PATH})") 57 if [ -z "${TAGGED}" ] 58 then 59 FILTERED_FUZZER_TARGETS+="$t " 60 BAZEL_BUILD_TARGETS+="${BAZEL_PATH}_driverless " 61 BAZEL_CORPUS_TARGETS+="${BAZEL_PATH}_corpus_tar " 62 fi 63done 64 65# Build driverless libraries. 66bazel build --verbose_failures --dynamic_mode=off --spawn_strategy=standalone \ 67 --genrule_strategy=standalone --strip=never \ 68 --copt=-fno-sanitize=vptr --linkopt=-fno-sanitize=vptr \ 69 --define tcmalloc=disabled --define signal_trace=disabled \ 70 --define ENVOY_CONFIG_ASAN=1 --copt -D__SANITIZE_ADDRESS__ \ 71 --define force_libcpp=enabled --build_tag_filters=-no_asan \ 72 --linkopt=-lc++ --linkopt=-pthread ${EXTRA_BAZEL_FLAGS} \ 73 ${BAZEL_BUILD_TARGETS[*]} ${BAZEL_CORPUS_TARGETS[*]} 74 75# Profiling with coverage requires that we resolve+copy all Bazel symlinks and 76# also remap everything under proc/self/cwd to correspond to Bazel build paths. 77if [ "$SANITIZER" = "coverage" ] 78then 79 # The build invoker looks for sources in $SRC, but it turns out that we need 80 # to not be buried under src/, paths are expected at out/proc/self/cwd by 81 # the profiler. 82 declare -r REMAP_PATH="${OUT}/proc/self/cwd" 83 mkdir -p "${REMAP_PATH}" 84 # For .cc, we only really care about source/ today. 85 rsync -av "${SRC}"/envoy/source "${REMAP_PATH}" 86 rsync -av "${SRC}"/envoy/test "${REMAP_PATH}" 87 # Remove filesystem loop manually. 88 rm -rf "${SRC}"/envoy/bazel-envoy/external/envoy 89 # Clean up symlinks with a missing referrant. 90 find "${SRC}"/envoy/bazel-envoy/external -follow -type l -ls -delete || echo "Symlink cleanup soft fail" 91 rsync -avLk "${SRC}"/envoy/bazel-envoy/external "${REMAP_PATH}" 92 # For .h, and some generated artifacts, we need bazel-out/. Need to heavily 93 # filter out the build objects from bazel-out/. Also need to resolve symlinks, 94 # since they don't make sense outside the build container. 95 declare -r RSYNC_FILTER_ARGS=("--include" "*.h" "--include" "*.cc" "--include" \ 96 "*.hpp" "--include" "*.cpp" "--include" "*.c" "--include" "*/" "--exclude" "*") 97 rsync -avLk "${RSYNC_FILTER_ARGS[@]}" "${SRC}"/envoy/bazel-out "${REMAP_PATH}" 98 rsync -avLkR "${RSYNC_FILTER_ARGS[@]}" "${HOME}" "${OUT}" 99 rsync -avLkR "${RSYNC_FILTER_ARGS[@]}" /tmp "${OUT}" 100fi 101 102# Copy out test driverless binaries from bazel-bin/. 103for t in ${FILTERED_FUZZER_TARGETS} 104do 105 TARGET_BASE="$(expr "$t" : '.*/\(.*\)_fuzz_test')" 106 TARGET_DRIVERLESS=bazel-bin/"${t}"_driverless 107 echo "Copying fuzzer $t" 108 cp "${TARGET_DRIVERLESS}" "${OUT}"/"${TARGET_BASE}"_fuzz_test 109done 110 111# Zip up related test corpuses. 112# TODO(htuch): just use the .tar directly when 113# https://github.com/google/oss-fuzz/issues/1918 is fixed. 114CORPUS_UNTAR_PATH="${PWD}"/_tmp_corpus 115for t in ${FILTERED_FUZZER_TARGETS} 116do 117 echo "Extracting and zipping fuzzer $t corpus" 118 rm -rf "${CORPUS_UNTAR_PATH}" 119 mkdir -p "${CORPUS_UNTAR_PATH}" 120 tar -C "${CORPUS_UNTAR_PATH}" -xvf bazel-bin/"${t}"_corpus_tar.tar 121 TARGET_BASE="$(expr "$t" : '.*/\(.*\)_fuzz_test')" 122 # There may be *.dict files in this folder that need to be moved into the OUT dir. 123 find "${CORPUS_UNTAR_PATH}" -type f -name *.dict -exec mv -n {} "${OUT}"/ \; 124 zip "${OUT}/${TARGET_BASE}"_fuzz_test_seed_corpus.zip \ 125 "${CORPUS_UNTAR_PATH}"/* 126done 127rm -rf "${CORPUS_UNTAR_PATH}" 128 129# Copy dictionaries and options files to $OUT/ 130for d in $FUZZER_DICTIONARIES; do 131 cp "$d" "${OUT}"/ 132done 133 134# Cleanup bazel- symlinks to avoid oss-fuzz trying to copy out of the build 135# cache. 136rm -f bazel-* 137