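#!/bin/bash -eu
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################
#
# Builds the gRPC fuzz targets with Bazel and stages the binaries,
# dictionaries, .options files and seed corpora in ${OUT}.
#
# Environment read by this script:
#   CFLAGS, CXXFLAGS     - compiler flags forwarded to Bazel (word-split)
#   SANITIZER            - 'undefined' and 'coverage' get special handling
#   LIB_FUZZING_ENGINE   - passed as both --copt and --linkopt
#   SRC, OUT             - source root and output directory
#   HOME                 - only read for the coverage build
#
# Relative paths (tools/bazel, test/core/..., bazel-bin/...) are resolved
# against the current directory; presumably that is ${SRC}/grpc.

set -o errexit
set -o nounset

readonly FUZZER_DICTIONARIES=(
  test/core/end2end/fuzzers/hpack.dictionary
)

readonly FUZZER_TARGETS=(
  test/core/json:json_fuzzer
  test/core/uri:uri_fuzzer_test
  test/core/http:request_fuzzer
  test/core/http:response_fuzzer
  test/core/nanopb:fuzzer_response
  test/core/nanopb:fuzzer_serverlist
  test/core/slice:percent_decode_fuzzer
  test/core/slice:percent_encode_fuzzer
  test/core/transport/chttp2:hpack_parser_fuzzer
  test/core/end2end/fuzzers:client_fuzzer
  test/core/end2end/fuzzers:server_fuzzer
  test/core/security:ssl_server_fuzzer
  test/core/security:alts_credentials_fuzzer
)

# build grpc
# Temporary hack, see https://github.com/google/oss-fuzz/issues/383
# -fno-sanitize=vptr turns off the vptr check for every target built here, so
# findings of that class are not reported by these fuzzers while it is in place.
readonly NO_VPTR=(
  --copt=-fno-sanitize=vptr
  --linkopt=-fno-sanitize=vptr
)

# Copied from envoy's build.sh
# Copy $CFLAGS and $CXXFLAGS into Bazel command-line flags, for both
# compilation and linking.
#
# Some flags, such as `-stdlib=libc++`, generate warnings if used on a C source
# file. Since the build runs with `-Werror` this will cause it to break, so we
# use `--conlyopt` and `--cxxopt` instead of `--copt`.
#
# The list is built in the main shell, not inside "$(...)": bash clears errexit
# in command substitutions and `readonly VAR="$(...)"` reports readonly's own
# status, so an unset CFLAGS/CXXFLAGS would truncate the list silently and the
# fuzzers would be built without whatever instrumentation those flags carry.
EXTRA_BAZEL_FLAGS=()
# shellcheck disable=SC2086 # CFLAGS is a space-separated list; splitting is intended
for f in ${CFLAGS}; do
  EXTRA_BAZEL_FLAGS+=("--conlyopt=${f}" "--linkopt=${f}")
done
# shellcheck disable=SC2086 # CXXFLAGS is a space-separated list; splitting is intended
for f in ${CXXFLAGS}; do
  EXTRA_BAZEL_FLAGS+=("--cxxopt=${f}" "--linkopt=${f}")
done
if [ "${SANITIZER}" = "undefined" ]; then
  # Bazel uses clang to link binary, which does not link clang_rt ubsan library
  # for C++ automatically.
  # See issue: https://github.com/bazelbuild/bazel/issues/8777
  llvm_libdir="$(llvm-config --libdir)"
  # Only the resulting path matters; an empty result is rejected just below.
  ubsan_cxx_rt="$(find "${llvm_libdir}" \
    -name libclang_rt.ubsan_standalone_cxx-x86_64.a -print -quit || true)"
  if [ -z "${ubsan_cxx_rt}" ]; then
    # Previously this case produced an empty `--linkopt=` with no diagnostic.
    echo "error: libclang_rt.ubsan_standalone_cxx-x86_64.a not found under ${llvm_libdir}" >&2
    exit 1
  fi
  EXTRA_BAZEL_FLAGS+=("--linkopt=${ubsan_cxx_rt}")
fi
readonly EXTRA_BAZEL_FLAGS

# ${arr[@]+"${arr[@]}"} expands to nothing for an empty array instead of
# tripping nounset on bash releases older than 4.4.
tools/bazel build \
  --dynamic_mode=off \
  --spawn_strategy=standalone \
  --genrule_strategy=standalone \
  "${NO_VPTR[@]}" \
  --strip=never \
  --linkopt=-lc++ \
  --linkopt=-pthread \
  "--copt=${LIB_FUZZING_ENGINE}" \
  "--linkopt=${LIB_FUZZING_ENGINE}" \
  ${EXTRA_BAZEL_FLAGS[@]+"${EXTRA_BAZEL_FLAGS[@]}"} \
  "${FUZZER_TARGETS[@]}" \
  --verbose_failures

# Profiling with coverage requires that we resolve+copy all Bazel symlinks and
# also remap everything under proc/self/cwd to correspond to Bazel build paths.
if [ "${SANITIZER}" = 'coverage' ]; then
  # The build invoker looks for sources in $SRC, but it turns out that we need
  # to not be buried under src/, paths are expected at out/proc/self/cwd by
  # the profiler.
  readonly REMAP_PATH="${OUT}/proc/self/cwd"
  mkdir -p "${REMAP_PATH}"
  rsync -av "${SRC}"/grpc/src "${REMAP_PATH}"
  rsync -av "${SRC}"/grpc/test "${REMAP_PATH}"
  # Remove filesystem loop manually.
  # ${SRC:?} aborts instead of deleting under / if SRC is set but empty.
  rm -rf "${SRC:?}"/grpc/bazel-grpc/external/grpc
  # Clean up symlinks with a missing referrant. Deliberately best-effort.
  find "${SRC}"/grpc/bazel-grpc/external -follow -type l -ls -delete || echo 'Symlink cleanup soft fail'
  rsync -avLk "${SRC}"/grpc/bazel-grpc/external "${REMAP_PATH}"
  # For .h, and some generated artifacts, we need bazel-out/. Need to heavily
  # filter out the build objects from bazel-out/. Also need to resolve symlinks,
  # since they don't make sense outside the build container.
  readonly RSYNC_FILTER_ARGS=(
    '--include=*.h'
    '--include=*.cc'
    '--include=*.hpp'
    '--include=*.cpp'
    '--include=*.c'
    '--include=*/'
    '--exclude=*'
  )
  rsync -avLk "${RSYNC_FILTER_ARGS[@]}" "${SRC}"/grpc/bazel-out "${REMAP_PATH}"
  # NOTE(review): -L dereferences symlinks, so a matching link under ${HOME} or
  # /tmp copies its target's content into ${OUT}. The filter limits this to
  # C/C++ sources and headers; confirm nothing sensitive matches if ${OUT} is
  # published.
  rsync -avLkR "${RSYNC_FILTER_ARGS[@]}" "${HOME}" "${OUT}"
  rsync -avLkR "${RSYNC_FILTER_ARGS[@]}" /tmp "${OUT}"
fi

for target in "${FUZZER_TARGETS[@]}"; do
  # replace : with /
  fuzzer_name=${target/:/\/}
  echo "Copying fuzzer $fuzzer_name"
  cp "bazel-bin/$fuzzer_name" "$OUT/"
done

# Copy dictionaries and options files to $OUT/
for dict in "${FUZZER_DICTIONARIES[@]}"; do
  cp "${dict}" "${OUT}/"
done

cp "${SRC}"/grpc/tools/fuzzer/options/*.options "${OUT}/"

# We don't have a consistent naming convention between fuzzer files and corpus
# directories so we resort to hard coding zipping corpuses
zip "${OUT}/json_fuzzer_seed_corpus.zip" test/core/json/corpus/*
zip "${OUT}/uri_fuzzer_test_seed_corpus.zip" test/core/uri/uri_corpus/*
zip "${OUT}/request_fuzzer_seed_corpus.zip" test/core/http/request_corpus/*
zip "${OUT}/response_fuzzer_seed_corpus.zip" test/core/http/response_corpus/*
zip "${OUT}/fuzzer_response_seed_corpus.zip" test/core/nanopb/corpus_response/*
zip "${OUT}/fuzzer_serverlist_seed_corpus.zip" test/core/nanopb/corpus_serverlist/*
zip "${OUT}/percent_decode_fuzzer_seed_corpus.zip" test/core/slice/percent_decode_corpus/*
zip "${OUT}/percent_encode_fuzzer_seed_corpus.zip" test/core/slice/percent_encode_corpus/*
zip "${OUT}/hpack_parser_fuzzer_seed_corpus.zip" test/core/transport/chttp2/hpack_parser_corpus/*
zip "${OUT}/client_fuzzer_seed_corpus.zip" test/core/end2end/fuzzers/client_fuzzer_corpus/*
zip "${OUT}/server_fuzzer_seed_corpus.zip" test/core/end2end/fuzzers/server_fuzzer_corpus/*
zip "${OUT}/ssl_server_fuzzer_seed_corpus.zip" test/core/security/corpus/ssl_server_corpus/*
zip "${OUT}/alts_credentials_fuzzer_seed_corpus.zip" test/core/security/corpus/alts_credentials_corpus/*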