• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1#!/bin/bash
2# Copyright (c) 2016, Google Inc.
3#
4# Permission to use, copy, modify, and/or distribute this software for any
5# purpose with or without fee is hereby granted, provided that the above
6# copyright notice and this permission notice appear in all copies.
7#
8# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
11# SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
13# OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
14# CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15
16set -ex
17
18if [[ $# -ne 2 ]]; then
19  echo "Usage: $0 fuzzer_mode_build_dir no_fuzzer_mode_build_dir"
20  exit 1
21fi
22
23fuzzer_mode_build_dir=$1
24no_fuzzer_mode_build_dir=$2
25
26
27# Sanity-check the build directories.
28
29if ! grep -q '^FUZZ:' "$fuzzer_mode_build_dir/CMakeCache.txt"; then
30  echo "$fuzzer_mode_build_dir was not built with -DFUZZ=1"
31  exit 1
32fi
33
34if grep -q '^NO_FUZZER_MODE:' "$fuzzer_mode_build_dir/CMakeCache.txt"; then
35  echo "$fuzzer_mode_build_dir was built with -DNO_FUZZER_MODE=1"
36  exit 1
37fi
38
39if ! grep -q '^FUZZ:' "$no_fuzzer_mode_build_dir/CMakeCache.txt"; then
40  echo "$no_fuzzer_mode_build_dir was not built with -DFUZZ=1"
41  exit 1
42fi
43
44if ! grep -q '^NO_FUZZER_MODE:' "$no_fuzzer_mode_build_dir/CMakeCache.txt"; then
45  echo "$no_fuzzer_mode_build_dir was not built with -DNO_FUZZER_MODE=1"
46  exit 1
47fi
48
49
50# Sanity-check the current working directory.
51
52assert_directory() {
53  if [[ ! -d $1 ]]; then
54    echo "$1 not found."
55    exit 1
56  fi
57}
58
59assert_directory client_corpus
60assert_directory client_corpus_no_fuzzer_mode
61assert_directory server_corpus
62assert_directory server_corpus_no_fuzzer_mode
63assert_directory dtls_client_corpus
64assert_directory dtls_server_corpus
65
66
67# Gather new transcripts. Ignore errors in running the tests.
68
69fuzzer_mode_shim=$(readlink -f "$fuzzer_mode_build_dir/ssl/test/bssl_shim")
70no_fuzzer_mode_shim=$(readlink -f \
71    "$no_fuzzer_mode_build_dir/ssl/test/bssl_shim")
72
73fuzzer_mode_handshaker=$(readlink -f \
74    "$fuzzer_mode_build_dir/ssl/test/handshaker")
75no_fuzzer_mode_handshaker=$(readlink -f \
76    "$no_fuzzer_mode_build_dir/ssl/test/handshaker")
77
78fuzzer_mode_transcripts=$(mktemp -d '/tmp/boringssl-transcript-fuzzer-mode.XXXXXX')
79no_fuzzer_mode_transcripts=$(mktemp -d '/tmp/boringssl-transcript-no-fuzzer-mode.XXXXXX')
80
81echo Recording fuzzer-mode transcripts
82(cd ../ssl/test/runner/ && go test \
83    -shim-path "$fuzzer_mode_shim" \
84    -handshaker-path "$fuzzer_mode_handshaker" \
85    -transcript-dir "$fuzzer_mode_transcripts" \
86    -fuzzer \
87    -deterministic) || true
88
89echo Recording non-fuzzer-mode transcripts
90(cd ../ssl/test/runner/ && go test \
91    -shim-path "$no_fuzzer_mode_shim" \
92    -handshaker-path "$no_fuzzer_mode_handshaker" \
93    -transcript-dir "$no_fuzzer_mode_transcripts" \
94    -deterministic)
95
96
97# Minimize the existing corpora.
98
99minimize_corpus() {
100  local fuzzer="$1"
101  local corpus="$2"
102
103  echo "Minimizing ${corpus}"
104  mv "$corpus" "${corpus}_old"
105  mkdir "$corpus"
106  "$fuzzer" -max_len=50000 -merge=1 "$corpus" "${corpus}_old"
107  rm -Rf "${corpus}_old"
108}
109
110minimize_corpus "$fuzzer_mode_build_dir/fuzz/client" client_corpus
111minimize_corpus "$fuzzer_mode_build_dir/fuzz/server" server_corpus
112minimize_corpus "$no_fuzzer_mode_build_dir/fuzz/client" client_corpus_no_fuzzer_mode
113minimize_corpus "$no_fuzzer_mode_build_dir/fuzz/server" server_corpus_no_fuzzer_mode
114minimize_corpus "$fuzzer_mode_build_dir/fuzz/dtls_client" dtls_client_corpus
115minimize_corpus "$fuzzer_mode_build_dir/fuzz/dtls_server" dtls_server_corpus
116minimize_corpus "$fuzzer_mode_build_dir/fuzz/decode_client_hello_inner" decode_client_hello_inner_corpus
117
118
119# Incorporate the new transcripts.
120
121"$fuzzer_mode_build_dir/fuzz/client" -max_len=50000 -merge=1 client_corpus "${fuzzer_mode_transcripts}/tls/client"
122"$fuzzer_mode_build_dir/fuzz/server" -max_len=50000 -merge=1 server_corpus "${fuzzer_mode_transcripts}/tls/server"
123"$no_fuzzer_mode_build_dir/fuzz/client" -max_len=50000 -merge=1 client_corpus_no_fuzzer_mode "${no_fuzzer_mode_transcripts}/tls/client"
124"$no_fuzzer_mode_build_dir/fuzz/server" -max_len=50000 -merge=1 server_corpus_no_fuzzer_mode "${no_fuzzer_mode_transcripts}/tls/server"
125"$fuzzer_mode_build_dir/fuzz/dtls_client" -max_len=50000 -merge=1 dtls_client_corpus "${fuzzer_mode_transcripts}/dtls/client"
126"$fuzzer_mode_build_dir/fuzz/dtls_server" -max_len=50000 -merge=1 dtls_server_corpus "${fuzzer_mode_transcripts}/dtls/server"
127"$fuzzer_mode_build_dir/fuzz/decode_client_hello_inner" -max_len=50000 -merge=1 decode_client_hello_inner_corpus "${fuzzer_mode_transcripts}/decode_client_hello_inner"
128