1#!/bin/bash -eu 2# Copyright 2019 Google Inc. 3# 4# Licensed under the Apache License, Version 2.0 (the "License"); 5# you may not use this file except in compliance with the License. 6# You may obtain a copy of the License at 7# 8# http://www.apache.org/licenses/LICENSE-2.0 9# 10# Unless required by applicable law or agreed to in writing, software 11# distributed under the License is distributed on an "AS IS" BASIS, 12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13# See the License for the specific language governing permissions and 14# limitations under the License. 15# 16################################################################################ 17 18# Because Pillow's "./setup.py build_ext --inplace" does not work with custom CC and CFLAGS, 19# it is necessary to build in the following manner: 20# 21# Build CPython without instrumentation/sanitization 22# Build Pillow in a virtualenv based on uninstrumented and unsanitized CPython. Log the build steps to build.sh 23# Build CPython with instrumentation/sanitization 24# Rewrite build.sh to compile Pillow based on CPython with instrumentation/sanitization 25# 26# Why not build Pillow directly with a virtualenv based on instrumented CPython? 27# Because the virtualenv will inherit CC and CFLAGS of the instrumented CPython, and that will fail. 28 29cd $SRC/ 30tar zxf v3.8.1.tar.gz 31cd cpython-3.8.1/ 32 33# Ignore memory leaks from python scripts invoked in the build 34export ASAN_OPTIONS="detect_leaks=0" 35export MSAN_OPTIONS="halt_on_error=0:exitcode=0:report_umrs=0" 36 37# Remove -pthread from CFLAGS, this trips up ./configure 38# which thinks pthreads are available without any CLI flags 39CFLAGS=${CFLAGS//"-pthread"/} 40 41FLAGS=() 42case $SANITIZER in 43 address) 44 FLAGS+=("--with-address-sanitizer") 45 ;; 46 memory) 47 FLAGS+=("--with-memory-sanitizer") 48 # installing ensurepip takes a while with MSAN instrumentation, so 49 # we disable it here 50 FLAGS+=("--without-ensurepip") 51 # -msan-keep-going is needed to allow MSAN's halt_on_error to function 52 FLAGS+=("CFLAGS=-mllvm -msan-keep-going=1") 53 ;; 54 undefined) 55 FLAGS+=("--with-undefined-behavior-sanitizer") 56 ;; 57esac 58 59export CPYTHON_INSTALL_PATH=$OUT/cpython-install 60rm -rf $CPYTHON_INSTALL_PATH 61mkdir $CPYTHON_INSTALL_PATH 62 63export CPYTHON_UNINSTRUMENTED_INSTALL_PATH=$OUT/cpython-install 64rm -rf $CPYTHON_UNINSTRUMENTED_INSTALL_PATH 65mkdir $CPYTHON_UNINSTRUMENTED_INSTALL_PATH 66 67cd $SRC/ 68tar zxf v3.8.1.tar.gz 69 70# Compile uninstrumented CPython 71cp -R $SRC/cpython-3.8.1/ $SRC/cpython-3.8.1-uninstrumented 72cd $SRC/cpython-3.8.1-uninstrumented 73CFLAGS="" CXXFLAGS="" ./configure --prefix=$CPYTHON_UNINSTRUMENTED_INSTALL_PATH 74CFLAGS="" CXXFLAGS="" make -j$(nproc) 75CFLAGS="" CXXFLAGS="" make install 76 77# Compile instrumented CPython 78cd $SRC/cpython-3.8.1/ 79cp $SRC/oss-fuzz-fuzzers/pillow/python_coverage.h Python/ 80 81# Patch the interpreter to record code coverage 82sed -i '1 s/^.*$/#include "python_coverage.h"/g' Python/ceval.c 83sed -i 's/case TARGET\(.*\): {/\0\nfuzzer_record_code_coverage(f->f_code, f->f_lasti);/g' Python/ceval.c 84 85./configure "${FLAGS[@]}" --prefix=$CPYTHON_INSTALL_PATH 86make -j$(nproc) 87make install 88 89# Compile Pillow fuzzers 90cd $SRC/oss-fuzz-fuzzers/pillow 91rm $CPYTHON_INSTALL_PATH/lib/python3.8/lib-dynload/_tkinter*.so 92make 93cp $SRC/oss-fuzz-fuzzers/pillow/fuzzer-loadimg $OUT/ 94cp $SRC/oss-fuzz-fuzzers/pillow/loadimg.py $OUT/ 95 96# Create venv for Pillow compilation 97$CPYTHON_UNINSTRUMENTED_INSTALL_PATH/bin/python3 -m venv $SRC/venv 98source $SRC/venv/bin/activate 99 100# Compile Pillow 101cd $SRC/pillow 102CFLAGS="" CXXFLAGS="" ./setup.py build_ext --inplace >build.sh 103grep "^\(gcc\|x86_64-linux-gnu-gcc\|clang\) " build.sh | sed 's/^\(gcc\|x86_64-linux-gnu-gcc\|clang\) /$CC $CFLAGS /g' | sed 's/-DPILLOW_VERSION="\([^"]\+\)"/-DPILLOW_VERSION="\\"\1\\""/g' >build2.sh 104bash build2.sh 105cp -R $SRC/pillow $OUT/ 106cp /usr/lib/x86_64-linux-gnu/libjpeg.so.8 $OUT/ 107cp /usr/lib/x86_64-linux-gnu/libtiff.so.5 $OUT/ 108cp /usr/lib/x86_64-linux-gnu/libjbig.so.0 $OUT/ 109cp /usr/lib/x86_64-linux-gnu/libwebp.so.5 $OUT/ 110cp /usr/lib/x86_64-linux-gnu/libwebpmux.so.1 $OUT/ 111cp /usr/lib/x86_64-linux-gnu/libwebpdemux.so.1 $OUT/ 112cp $SRC/oss-fuzz-fuzzers/pillow/corpus.zip $OUT/fuzzer-loadimg_seed_corpus.zip 113