commit: d56b0a6dd878cd451ee258844fd70c2099cd19bd
Author: Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Sat Mar 4 23:45:43 2017 +0000
Commit: Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Fri Apr 16 19:21:59 2021 +0000
URL: https://gitweb.gentoo.org/proj/pax-utils.git/commit/?id=d56b0a6d
fuzz: add basic framework for using libFuzzer
By itself, this commit doesn't do anything useful. We have to update
each tool to hook into libFuzzer, so we'll do that in follow up commits.
Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>
Makefile | 20 +++++++++++++++++++-
paxinc.h | 6 ++++++
porting.h | 5 +++++
3 files changed, 30 insertions(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index 8a54faf..8e7b183 100644
--- a/Makefile
+++ b/Makefile
@@ -102,12 +102,30 @@ debug: clean
analyze: clean
scan-build $(MAKE) all
-fuzz: clean
+fuzz:
+ @echo "Pick a fuzzer backend:"
+ @echo "$$ make afl-fuzz"
+ @echo "$$ make libfuzzer"
+ @false
+
+afl-fuzz: clean
$(MAKE) AFL_HARDEN=1 CC=afl-gcc all
@rm -rf findings
@printf '\nNow run:\n%s\n' \
"afl-fuzz -t 100 -i tests/fuzz/small/ -o findings/ ./scanelf -s
'*' -axetrnibSDIYZB @@"
+# Not all objects support libfuzzer.
+LIBFUZZER_TARGETS =
+LIBFUZZER_FLAGS = \
+ -fsanitize=fuzzer \
+ -fsanitize-coverage=edge
+libfuzzer: clean
+ $(MAKE) \
+ CC="clang" \
+ CFLAGS="-g3 -ggdb $(call check_compiler_many,$(DEBUG_FLAGS))
$(LIBFUZZER_FLAGS)" \
+ CPPFLAGS="-DPAX_UTILS_LIBFUZZ=1" \
+ $(LIBFUZZER_TARGETS)
+
compile.c = $(CC) $(CFLAGS) $(CPPFLAGS) $(CPPFLAGS-$<) -o $@ -c $<
ifeq ($(V),)
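Review bot: `libfuzzer` runs `$(MAKE) … $(LIBFUZZER_TARGETS)` while `LIBFUZZER_TARGETS` is still empty, so `make libfuzzer` falls through to the default goal (`all`, judging by the `analyze` recipe) and builds every tool with `-fsanitize=fuzzer` and `-DPAX_UTILS_LIBFUZZ=1`; a tool that still defines its own `main` is then expected to collide with the `main` libFuzzer links in. A guard as the first recipe line keeps this intermediate state honest: `@test -n "$(strip $(LIBFUZZER_TARGETS))" || { echo "no libFuzzer targets wired up yet"; false; }`. `LIBFUZZER_FLAGS` also carries no memory-error detector — `-fsanitize=fuzzer,address` (optionally `,undefined`) turns silent out-of-bounds reads in the parsers into reported findings instead of relying on a segfault, unless `DEBUG_FLAGS` already adds a sanitizer elsewhere in the file. `fuzz`, `afl-fuzz` and `libfuzzer` are command targets, so they belong in the `.PHONY` list if the file has one (not visible in this hunk); otherwise a stray file named `fuzz` silences the picker.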
diff --git a/paxinc.h b/paxinc.h
index 6d433b9..620ad68 100644
--- a/paxinc.h
+++ b/paxinc.h
@@ -108,6 +108,12 @@ const char *strfileperms(const char *fname);
#define PTR_ALIGN_DOWN(base, size)
((__typeof__(base))ALIGN_DOWN((uintptr_t)(base), (size)))
#define PTR_ALIGN_UP(base, size) ((__typeof__(base))ALIGN_UP
((uintptr_t)(base), (size)))
+/* Support for libFuzzer: http://llvm.org/docs/LibFuzzer.html */
+#if PAX_UTILS_LIBFUZZ
+int LLVMFuzzerInitialize(__unused__ int *argc, __unused__ char ***argv);
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+#endif
+
/* helper functions for showing errors */
extern const char *NORM, *RED, *YELLOW;
void color_init(bool disable);
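Review bot: The two added prototypes state nothing about the contract the follow-up commits have to honour, and `__unused__` on a declaration (presumably the project's `__attribute__((unused))` wrapper) has no effect there — it only matters on the parameters of the definition, so it can be dropped from the prototype for clarity. I would extend the comment above the block to say that `LLVMFuzzerInitialize` runs once before fuzzing starts with the runtime's argc/argv, and that `LLVMFuzzerTestOneInput` is called once per input with a buffer that is not NUL-terminated, is owned by the fuzzer and must not be modified or freed, should return 0 (other values are reserved by libFuzzer), and must never call exit(). The declarations also rely on `uint8_t` and `size_t` already being in scope from earlier includes, which this hunk cannot confirm.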
diff --git a/porting.h b/porting.h
index 17bbbbc..c4f5fc6 100644
--- a/porting.h
+++ b/porting.h
@@ -94,6 +94,11 @@
# define PAX_UTILS_CLEANUP 0
#endif
+/* Support for libFuzzer: https://llvm.org/docs/LibFuzzer.html */
+#ifndef PAX_UTILS_LIBFUZZ
+# define PAX_UTILS_LIBFUZZ 0
+#endif
+
/* Few arches can safely do unaligned accesses */
#if defined(__cris__) || \
defined(__i386__) || \