google
diff --git a/‎projects/nodejs/Dockerfile‎
Lines changed: 12 additions & 4 deletions b/‎projects/nodejs/Dockerfile‎
Lines changed: 12 additions & 4 deletions
diff --git a/‎projects/nodejs/add_fuzzers_to_node_gyp.go‎
Lines changed: 220 additions & 0 deletions b/‎projects/nodejs/add_fuzzers_to_node_gyp.go‎
Lines changed: 220 additions & 0 deletions
diff --git a/‎projects/nodejs/build.sh‎
Lines changed: 60 additions & 62 deletions b/‎projects/nodejs/build.sh‎
Lines changed: 60 additions & 62 deletions
@@ -14,8 +14,16 @@
 #
 ################################################################################
 
-FROM gcr.io/oss-fuzz-base/base-builder@sha256:d34b94e3cf868e49d2928c76ddba41fd4154907a1a381b3a263fafffb7c3dce0
+FROM gcr.io/oss-fuzz-base/base-builder
 RUN apt-get update && apt-get install -y make flex bison build-essential
-RUN git clone --recursive --depth 1 https://github.com/AdamKorcz/node --branch=all-new-fuzzers
-WORKDIR $SRC
-COPY build.sh $SRC/
+RUN git clone --recursive --depth 1 https://github.com/nodejs/node
+RUN wget https://go.dev/dl/go1.24.5.linux-amd64.tar.gz \
+    && mkdir temp-go \
+    && mkdir mkdir /root/.go/ \
+    && rm -rf /root/.go/* \
+    && tar -C temp-go/ -xzf go1.24.5.linux-amd64.tar.gz \
+    && mv temp-go/go/* /root/.go/
+ENV PATH=$PATH:/root/.go/bin:$GOPATH/bin
+WORKDIR $SRC/node
+ADD fuzz_sources $SRC/fuzz_sources
+COPY *.sh *.cc *.h *add_fuzzers_to_node_gyp.go $SRC/
@@ -0,0 +1,220 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package main
+
+import (
+	"bufio"
+	"fmt"
+	"log"
+	"os"
+	"strings"
+)
+
+var (
+	template1 = `
+		{
+		  'target_name': '____TARGETNAME____',
+		  'type': 'executable',
+		  'dependencies': [
+		    '<(node_lib_target_name)',
+		    'deps/googletest/googletest.gyp:gtest_prod',
+		    'deps/histogram/histogram.gyp:histogram',
+		    'deps/uvwasi/uvwasi.gyp:uvwasi',
+		    'deps/ncrypto/ncrypto.gyp:ncrypto',
+		    'deps/nbytes/nbytes.gyp:nbytes',
+		    'tools/v8_gypfiles/abseil.gyp:abseil',
+		  ],
+		  'includes': [
+		    'node.gypi'
+		  ],
+		  'include_dirs': [
+		    'src',
+		    'tools/msvs/genfiles',
+		    'deps/v8/include',
+		    'deps/cares/include',
+		    'deps/uv/include',
+		    'deps/uvwasi/include',
+		    'test/cctest',
+		    'test/fuzzers',
+		  ],
+		  'defines': [
+		    'NODE_ARCH="<(target_arch)"',
+		    'NODE_PLATFORM="<(OS)"',
+		    'NODE_WANT_INTERNALS=1',
+		    'HAVE_OPENSSL=1',
+		    'NAPI_VERSION=10',
+		  ],
+		  'sources': [
+		    'src/node_snapshot_stub.cc',
+		    'test/fuzzers/fuzz_common.cc',
+		    'test/fuzzers/____TARGETNAME____.cc',
+		  ],
+		  'conditions': [
+		    ['OS=="linux"', {
+		      'ldflags': [ '-fsanitize=fuzzer' ]
+		    }],
+		    # Ensure that ossfuzz flag has been set and that we are on Linux
+		    [ 'OS!="linux" or ossfuzz!="true"', {
+		      'type': 'none',
+		    }],
+		    # Avoid excessive LTO
+		    ['enable_lto=="true"', {
+		      'ldflags': [ '-fno-lto' ],
+		    }],
+		  ],
+		},`
+	fuzzers = []string{
+		"fuzz_ClientHelloParser",
+		"fuzz_blob",
+		"fuzz_buffer_compare",
+		"fuzz_buffer_equals",
+		"fuzz_buffer_includes",
+		"fuzz_cipheriv",
+		"fuzz_createPrivateKeyDER",
+		"fuzz_createPrivateKeyJWK",
+		"fuzz_createPrivateKeyPEM",
+		"fuzz_diffieHellmanDER",
+		"fuzz_diffieHellmanJWK",
+		"fuzz_diffieHellmanPEM",
+		"fuzz_fs_write_open_read",
+		"fuzz_fs_write_read_append",
+		"fuzz_httpparser1",
+		"fuzz_path_basename",
+		"fuzz_path_dirname",
+		"fuzz_path_extname",
+		"fuzz_path_format",
+		"fuzz_path_isAbsolute",
+		"fuzz_path_join",
+		"fuzz_path_normalize",
+		"fuzz_path_parse",
+		"fuzz_path_relative",
+		"fuzz_path_resolve",
+		"fuzz_path_toNamespacedPath",
+		"fuzz_querystring_parse",
+		"fuzz_quic_token",
+		"fuzz_sign_verify",
+		"fuzz_stream1",
+		"fuzz_string_decoder",
+		"fuzz_strings",
+		"fuzz_tls_socket_request",
+		"fuzz_v8_deserialize",
+		"fuzz_x509",
+		"fuzz_zlib_brotliCompress",
+		"fuzz_zlib_brotliDecompress",
+		"fuzz_zlib_createBrotliDecompress",
+		"fuzz_zlib_gzip_createUnzip",
+	}
+)
+
+func createGypTargetEntry(fuzzerName string) string {
+	templ := template1
+	templWithTargetName := strings.ReplaceAll(templ, "____TARGETNAME____", fuzzerName)
+	return templWithTargetName
+}
+
+func main() {
+	if len(os.Args) < 3 {
+		fmt.Println("Usage: go run main.go <inputfile> <outputfile>")
+		return
+	}
+
+	inputFile := os.Args[1]
+	outputFile := os.Args[2]
+
+	in, err := os.Open(inputFile)
+	if err != nil {
+		log.Fatalf("Failed to open input file: %v", err)
+	}
+	defer in.Close()
+
+	out, err := os.Create(outputFile)
+	if err != nil {
+		log.Fatalf("Failed to create output file: %v", err)
+	}
+	defer out.Close()
+
+	scanner := bufio.NewScanner(in)
+	writer := bufio.NewWriter(out)
+
+	var ignore bool
+
+	for scanner.Scan() {
+		line := scanner.Text()
+
+		// Remove existing fuzzers in the original node.gyp
+		if !ignore && line == "    { # fuzz_env" {
+			ignore = true
+			continue
+		} else if ignore && line == "    }, # fuzz_env" {
+			ignore = false
+			continue
+		} else if !ignore && line == "    { # fuzz_ClientHelloParser.cc" {
+			ignore = true
+			continue
+		} else if ignore && line == "    }, # fuzz_ClientHelloParser.cc" {
+			ignore = false
+			continue
+		} else if !ignore && line == "    { # fuzz_url" {
+			ignore = true
+			continue
+		} else if ignore && line == "    }, # fuzz_url" {
+			ignore = false
+			continue
+		} else if !ignore && line == "    { # fuzz_strings" {
+			ignore = true
+			continue
+		} else if ignore && line == "    }, # fuzz_strings" {
+			ignore = false
+			continue
+		}
+		if ignore {
+			continue
+		}
+
+		var stringToAppend string
+		appendTargetsNow := line == "  'targets': ["
+		// add new line unless we are adding the fuzzers
+		// since the fuzzer template already has new line
+		if appendTargetsNow {
+			stringToAppend = line
+		} else {
+			stringToAppend = line + "\n"
+		}
+		_, err := writer.WriteString(stringToAppend)
+		if err != nil {
+			log.Fatalf("Failed to write line: %v", err)
+		}
+
+		// Check for the special line
+		if appendTargetsNow {
+			for _, fuzzer := range fuzzers {
+				fmt.Println("appending ", fuzzer)
+				_, err := writer.WriteString(createGypTargetEntry(fuzzer))
+				if err != nil {
+					log.Fatalf("Failed to write injected line: %v", err)
+				}
+			}
+		}
+	}
+
+	if err := scanner.Err(); err != nil {
+		log.Fatalf("Error reading input file: %v", err)
+	}
+
+	if err := writer.Flush(); err != nil {
+		log.Fatalf("Error flushing output: %v", err)
+	}
+}
@@ -14,6 +14,17 @@
 # limitations under the License.
 #
 ################################################################################
+rm $SRC/node/test/fuzzers/*
+cp $SRC/fuzz_sources/* $SRC/node/test/fuzzers/
+
+# Add the fuzzers to node.gyp
+mkdir $SRC/modify-node-gyp
+cd $SRC/modify-node-gyp
+go mod init modify-node-gyp
+mv $SRC/add_fuzzers_to_node_gyp.go ./main.go
+go run main.go $SRC/node/node.gyp /tmp/updated-node.gyp
+mv /tmp/updated-node.gyp $SRC/node/node.gyp
+
 cd $SRC/node
 
 # Coverage build takes very long and time outs in the CI which blocks changes. Ignore Coverage build in OSS-Fuzz CI for now:
@@ -31,75 +42,62 @@ if [[ "$SANITIZER" = coverage ]]; then
 fi
 
 # Build node
+export CXXFLAGS="$CXXFLAGS -std=c++20 -stdlib=libc++"
+export GN_ARGS='use_custom_libcxx=true'
 export LDFLAGS="$CXXFLAGS"
+export LDFLAGS="$LDFLAGS -stdlib=libc++"
 export LD="$CXX"
 ./configure --with-ossfuzz
 
 # Ensure we build with few processors if memory gets exhausted
 if [[ "$SANITIZER" = coverage ]]; then
-	for mrkpath in \
-        	fuzz_buffer_includes.target.mk \
-        	fuzz_buffer_equals.target.mk \
-        	fuzz_buffer_compare.target.mk \
-        	fuzz_blob.target.mk \
-        	fuzz_zlib_gzip_createUnzip.target.mk \
-	        fuzz_zlib_createBrotliDecompress.target.mk \
-	        fuzz_zlib_brotliDecompress.target.mk \
-	        fuzz_zlib_brotliCompress.target.mk \
-	        fuzz_string_decoder.target.mk \
-	        fuzz_querystring_parse.target.mk \
-	        fuzz_path_join.target.mk \
-	        fuzz_stream1.target.mk \
-	        fuzz_strings.target.mk \
-	        fuzz_diffieHellmanPEM.target.mk \
-	        fuzz_createPrivateKeyPEM.target.mk \
-	        fuzz_createPrivateKeyDER.target.mk \
-	        fuzz_path_extname.target.mk \
-	        fuzz_path_normalize.target.mk \
-	        fuzz_path_relative.target.mk \
-	        fuzz_createPrivateKeyJWK.target.mk \
-	        fuzz_path_format.target.mk \
-	        fuzz_ClientHelloParser.target.mk \
-	        fuzz_diffieHellmanJWK.target.mk \
-	        fuzz_path_basename.target.mk \
-	        fuzz_path_isAbsolute.target.mk \
-       		fuzz_tls_socket_request.target.mk \
-	        fuzz_diffieHellmanDER.target.mk \
-    		fuzz_path_toNamespacedPath.target.mk \
-        	fuzz_path_parse.target.mk \
-        	fuzz_httpparser1.target.mk \
-        	fuzz_path_dirname.target.mk \
-        	fuzz_x509.target.mk \
-        	fuzz_fs_write_read_append.target.mk \
-        	fuzz_sign_verify.target.mk \
-        	fuzz_path_resolve.target.mk \
-        	fuzz_fs_write_open_read.target.mk \
-        	libnode.target.mk
-	do
-        	echo "sed'ing ${mrkpath}"
-        	sed -i 's/BUILDTYPE))/BUILDTYPE)) -fprofile-instr-generate -fcoverage-mapping/g' "$SRC/node/out/${mrkpath}"
-	done
-	make -j 3 || make -j1
+    for mrkpath in \
+        fuzz_buffer_includes.target.mk \
+        fuzz_buffer_equals.target.mk \
+        fuzz_buffer_compare.target.mk \
+        fuzz_blob.target.mk \
+        fuzz_zlib_gzip_createUnzip.target.mk \
+        fuzz_zlib_createBrotliDecompress.target.mk \
+        fuzz_zlib_brotliDecompress.target.mk \
+        fuzz_zlib_brotliCompress.target.mk \
+        fuzz_string_decoder.target.mk \
+        fuzz_querystring_parse.target.mk \
+        fuzz_path_join.target.mk \
+        fuzz_stream1.target.mk \
+        fuzz_strings.target.mk \
+        fuzz_diffieHellmanPEM.target.mk \
+        fuzz_createPrivateKeyPEM.target.mk \
+        fuzz_createPrivateKeyDER.target.mk \
+        fuzz_path_extname.target.mk \
+        fuzz_path_normalize.target.mk \
+        fuzz_path_relative.target.mk \
+        fuzz_createPrivateKeyJWK.target.mk \
+        fuzz_path_format.target.mk \
+        fuzz_ClientHelloParser.target.mk \
+        fuzz_diffieHellmanJWK.target.mk \
+        fuzz_path_basename.target.mk \
+        fuzz_path_isAbsolute.target.mk \
+        fuzz_tls_socket_request.target.mk \
+        fuzz_diffieHellmanDER.target.mk \
+        fuzz_path_toNamespacedPath.target.mk \
+        fuzz_path_parse.target.mk \
+        fuzz_httpparser1.target.mk \
+        fuzz_path_dirname.target.mk \
+        fuzz_x509.target.mk \
+        fuzz_fs_write_read_append.target.mk \
+        fuzz_sign_verify.target.mk \
+        fuzz_path_resolve.target.mk \
+        fuzz_fs_write_open_read.target.mk \
+        libnode.target.mk
+    do
+        echo "sed'ing ${mrkpath}"
+        sed -i 's/BUILDTYPE))/BUILDTYPE)) -fprofile-instr-generate -fcoverage-mapping/g' "$SRC/node/out/${mrkpath}"
+    done
+    make -j3 || make -j1
 else
-	make -j$(nproc) || make -j1
+        make -j$(nproc) || make -j1
 fi
 
-# Copy all fuzzers to OUT folder 
-cp out/Release/fuzz_* ${OUT}/
-
-# Create seed for fuzz_env
-mkdir fuzz_env_seed
-find ./test -name '*.js' -exec cp {} ./fuzz_env_seed/ \;
-cd fuzz_env_seed
-# Remove small files:
-find -size -5k -delete
-# Remove large files:
-find -size +30k -delete
-zip $OUT/fuzz_env_seed_corpus.zip ./*
-# Add more seeds
-cd $SRC/node/test/fuzzers/seed/fuzz_env
-zip $OUT/fuzz_env_seed_corpus.zip ./*
-
-cd $SRC/node/test/fuzzers/seed/fuzz_x509
-zip $OUT/fuzz_x509_seed_corpus.zip ./*
+# Move all fuzzers to OUT folder 
+mv out/Release/fuzz_* ${OUT}/