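#!/bin/bash
# Copyright 2019 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Abort on the first failing command and on any use of an unset variable.
# The options are set here rather than on the shebang line so that they also
# apply when the script is started as `bash <script>`.
set -eu

# build dependencies statically
#
# Each dependency is built inside its own subshell, so a `cd` can never leak
# into the next step and the working directory is the same before and after
# every block.
#
# NOTE(review): the archives and source trees used below are expected to be in
# the working directory already; nothing in this script checks their integrity.
# Confirm that the step which fetches them pins a checksum or a signature.

# pcre2: static library only, installed with the default prefix.
(
    tar -xvzf pcre2-10.36.tar.gz
    cd pcre2-10.36
    ./configure --disable-shared
    make -j"$(nproc)" clean
    make -j"$(nproc)" all
    make -j"$(nproc)" install
)

# lz4: build only the static archive and copy it and the headers by hand.
(
    tar -xvzf lz4-1.9.2.tar.gz
    cd lz4-1.9.2
    make liblz4.a
    cp lib/liblz4.a /usr/local/lib/
    cp lib/lz4*.h /usr/local/include/
)

# jansson
(
    tar -xvzf jansson-2.12.tar.gz
    cd jansson-2.12
    ./configure --disable-shared
    make -j"$(nproc)"
    make install
)

# libpcap
(
    tar -xvzf libpcap-1.9.1.tar.gz
    cd libpcap-1.9.1
    ./configure --disable-shared
    make -j"$(nproc)"
    make install
)

# fuzzpcap: out-of-tree cmake build. `mkdir` without -p is kept on purpose so
# a stale build directory makes the script stop instead of being reused.
(
    cd fuzzpcap
    mkdir build
    cd build
    cmake ..
    make install
)

# libyaml: built from a source tree, not from a tarball.
(
    cd libyaml
    ./bootstrap
    ./configure --disable-shared
    make -j"$(nproc)"
    make install
)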
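# ------------------------------------------------------------------------------
# Build suricata and its fuzz targets, then generate dictionaries and seed
# corpora under $OUT.
#
# Environment read here: SANITIZER, RUSTFLAGS, OUT, SRC.
# The `set +x` / `set -x` pairs silence command tracing around the noisy loops;
# they assume tracing was enabled by whoever invoked the script.
# ------------------------------------------------------------------------------

export CARGO_BUILD_TARGET="x86_64-unknown-linux-gnu"
# cf https://github.com/google/sanitizers/issues/1389
export MSAN_OPTIONS=strict_memcmp=false

# we did not put libhtp there before so that cifuzz does not remove it
mv libhtp suricata/
# build project
cd suricata
sh autogen.sh
# run configure with right options
if [ "$SANITIZER" = "address" ]; then
    export RUSTFLAGS="$RUSTFLAGS -Cpasses=sancov-module -Cllvm-args=-sanitizer-coverage-level=4 -Cllvm-args=-sanitizer-coverage-trace-compares -Cllvm-args=-sanitizer-coverage-inline-8bit-counters -Cllvm-args=-sanitizer-coverage-pc-table -Clink-dead-code -Cllvm-args=-sanitizer-coverage-stack-depth -Ccodegen-units=1"
fi
./src/tests/fuzz/oss-fuzz-configure.sh
make -j"$(nproc)"

# One copy of the generic app-layer fuzz target per protocol name printed by
# suricata; the first output line is skipped. `read -r` keeps the name verbatim
# and the quoting keeps it a single path component of the destination.
./src/suricata --list-app-layer-protos | tail -n +2 | while read -r proto; do
    cp src/fuzz_applayerparserparse "$OUT/fuzz_applayerparserparse_$proto"
done

cp src/fuzz_* "$OUT/"

# dictionaries
./src/suricata --list-keywords | grep "\- " | sed 's/- //' | awk '{print "\""$0"\""}' > "$OUT/fuzz_siginit.dict"

printf '"SMB"\n' > "$OUT/fuzz_applayerparserparse_smb.dict"

# build corpuses
# default configuration file
zip -r "$OUT/fuzz_confyamlloadstring_seed_corpus.zip" suricata.yaml
# rebuilds rules corpus with only one rule by file
unzip ../emerging.rules.zip
cd rules
cat -- *.rules > "$OUT/fuzz.rules"
i=0
mkdir corpus
# quiet output for commands
set +x
# Each rule line is copied byte-for-byte into its own seed file.
# `IFS= read -r` keeps backslashes and surrounding whitespace, and the quoted
# printf avoids word splitting and glob expansion of the rule text; without
# them, escapes inside rule options would be rewritten before reaching the
# corpus. The counter lives in the pipeline's subshell and is not needed after.
cat -- *.rules | while IFS= read -r rule; do
    printf '%s\n' "$rule" > "corpus/$i.rule"
    i=$((i+1))
done
set -x
zip -q -r "$OUT/fuzz_siginit_seed_corpus.zip" corpus
cd ../../suricata-verify

# corpus with single files
# NUL-delimited hand-off so that a path containing whitespace or quotes is
# passed to zip as exactly one argument.
find . -name "*.pcap" -print0 | xargs -0 zip -r "$OUT/fuzz_decodepcapfile_seed_corpus.zip"
find . -name "*.yaml" -print0 | xargs -0 zip -r "$OUT/fuzz_confyamlloadstring_seed_corpus.zip"
find . -name "*.rules" -print0 | xargs -0 zip -r "$OUT/fuzz_siginit_seed_corpus.zip"

# corpus using both rule and pcap as in suricata-verify
cd tests
mkdir corpus
set +x
# Seed layout: <rules of the test> NUL <pcaps of the test>.
# Entries whose name contains "corpus" are skipped, which excludes the output
# directory itself. A missing rules or pcap file is tolerated (|| true).
# The counter is reset before each loop so every corpus is numbered from 0.
i=0
for t in *; do
    if [[ "$t" == *corpus* ]]; then
        continue
    fi
    cat "$t"/*.rules > "corpus/$i" || true
    printf '\0' >> "corpus/$i"
    cat "$t"/*.pcap >> "corpus/$i" || true
    i=$((i+1))
done
set -x
zip -q -r "$OUT/fuzz_sigpcap_seed_corpus.zip" corpus
rm -Rf corpus
mkdir corpus
set +x
# Two seeds per test:
#   1. <text between the first "(" and ")" of the first line without "#">
#      NUL <fpc_bin output>
#   2. NUL <tcptofpc.py output>   (empty prefix before the NUL)
# A seed is deleted again when its converter fails.
i=0
for t in *; do
    if [[ "$t" == *corpus* ]]; then
        continue
    fi
    grep -v "#" "$t"/*.rules | head -1 | cut -d "(" -f2 | cut -d ")" -f1 > "corpus/$i" || true
    printf '\0' >> "corpus/$i"
    fpc_bin "$t"/*.pcap >> "corpus/$i" || rm "corpus/$i"
    i=$((i+1))
    printf '\0' >> "corpus/$i"
    python3 "$SRC/fuzzpcap/tcptofpc.py" "$t"/*.pcap >> "corpus/$i" || rm "corpus/$i"
    i=$((i+1))
done
set -x
zip -q -r "$OUT/fuzz_sigpcap_aware_seed_corpus.zip" corpus
printf '"FPC0"\n' > "$OUT/fuzz_sigpcap_aware.dict"
rm -Rf corpus
mkdir corpus
set +x
# Two seeds per test, converter output only (no prefix, no NUL separator).
# A seed is deleted again when its converter fails.
i=0
for t in *; do
    if [[ "$t" == *corpus* ]]; then
        continue
    fi
    fpc_bin "$t"/*.pcap >> "corpus/$i" || rm "corpus/$i"
    i=$((i+1))
    python3 "$SRC/fuzzpcap/tcptofpc.py" "$t"/*.pcap >> "corpus/$i" || rm "corpus/$i"
    i=$((i+1))
done
set -x
zip -q -r "$OUT/fuzz_predefpcap_aware_seed_corpus.zip" corpus
printf '"FPC0"\n' > "$OUT/fuzz_predefpcap_aware.dict"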