Add glue to oss-fuzz

arthurscchan · arthurscchan · commit 71dbc2cb4d74 · 2024-11-15T23:51:31.000Z
Signed-off-by: Arthur Chan &lt;arthur.chan@adalogics.com&gt;
diff --git a/oss_fuzz_integration/build_all_custom_images.sh b/oss_fuzz_integration/build_all_custom_images.sh
@@ -53,5 +53,6 @@ if [[ -z ${CLOUD_BUILD_ENV:+dummy} ]]; then
   docker build -t gcr.io/oss-fuzz-base/base-builder infra/base-images/base-builder
   docker build -t gcr.io/oss-fuzz-base/base-runner infra/base-images/base-runner
   docker build -t gcr.io/oss-fuzz-base/base-builder-python infra/base-images/base-builder-python
-  docker build -t gcr.io/oss-fuzz-base/base-builder-python infra/base-images/base-builder-jvm
+  docker build -t gcr.io/oss-fuzz-base/base-builder-jvm infra/base-images/base-builder-jvm
+  docker build -t gcr.io/oss-fuzz-base/base-builder-rust infra/base-images/base-builder-rust
 fi
diff --git a/oss_fuzz_integration/build_post_processing.sh b/oss_fuzz_integration/build_post_processing.sh
@@ -44,4 +44,5 @@ cd oss-fuzz
 docker build -t gcr.io/oss-fuzz-base/base-builder infra/base-images/base-builder
 docker build -t gcr.io/oss-fuzz-base/base-builder-python infra/base-images/base-builder-python
 docker build -t gcr.io/oss-fuzz-base/base-builder-jvm infra/base-images/base-builder-jvm
+docker build -t gcr.io/oss-fuzz-base/base-builder-rust infra/base-images/base-builder-rust
 docker build -t gcr.io/oss-fuzz-base/base-runner infra/base-images/base-runner
diff --git a/oss_fuzz_integration/oss-fuzz-patches.diff b/oss_fuzz_integration/oss-fuzz-patches.diff
@@ -33,3 +33,87 @@ index 8f6486896..b4f50ac36 100644
  RUN /root/checkout_build_install_llvm.sh
  RUN rm /root/checkout_build_install_llvm.sh
  
+diff --git a/infra/base-images/base-builder/compile b/infra/base-images/base-builder/compile
+index d9077510f..5baa138a6 100755
+--- a/infra/base-images/base-builder/compile
++++ b/infra/base-images/base-builder/compile
+@@ -20,6 +20,7 @@ echo "---------------------------------------------------------------"
+ sysctl -w vm.mmap_rnd_bits=28
+ 
+ OSS_FUZZ_ON_DEMAND="${OSS_FUZZ_ON_DEMAND:-0}"
++RUST_SANITIZER=$SANITIZER
+ 
+ if [ "$FUZZING_LANGUAGE" = "jvm" ]; then
+   if [ "$FUZZING_ENGINE" != "libfuzzer" ] && [ "$FUZZING_ENGINE" != "wycheproof" ]; then
+@@ -66,6 +67,13 @@ if [ "$FUZZING_LANGUAGE" = "python" ]; then
+   fi
+ fi
+ 
++if [ "$FUZZING_LANGUAGE" = "rust" ]; then
++  if [ "$SANITIZER" = "introspector" ]; then
++    # introspector sanitizer flag will cause cargo build failed, remove it temporary and store it in separate variable
++    export SANITIZER=address
++  fi
++fi
++
+ if [ -z "${SANITIZER_FLAGS-}" ]; then
+   FLAGS_VAR="SANITIZER_FLAGS_${SANITIZER}"
+   export SANITIZER_FLAGS=${!FLAGS_VAR-}
+@@ -111,7 +119,7 @@ fi
+ # use RUSTFLAGS.
+ # FIXME: Support code coverage once support is in.
+ # See https://github.com/rust-lang/rust/issues/34701.
+-if [ "$SANITIZER" != "undefined" ] && [ "$SANITIZER" != "coverage" ] && [ "$SANITIZER" != "none" ] && [ "$ARCHITECTURE" != 'i386' ]; then
++if [ "$SANITIZER" != "undefined" ] && [ "$SANITIZER" != "coverage" ] && [ "$SANITIZER" != "none" ] && [ "$RUST_SANITIZER" != "introspector" ] && [ "$ARCHITECTURE" != 'i386' ]; then
+   export RUSTFLAGS="--cfg fuzzing -Zsanitizer=${SANITIZER} -Cdebuginfo=1 -Cforce-frame-pointers"
+ else
+   export RUSTFLAGS="--cfg fuzzing -Cdebuginfo=1 -Cforce-frame-pointers"
+@@ -188,7 +196,7 @@ EOF
+   export CXXFLAGS="$CXXFLAGS -fno-sanitize=leak"
+ fi
+ 
+-if [ "$SANITIZER" = "introspector" ]; then
++if [ "$SANITIZER" = "introspector" ] || [ "$RUST_SANITIZER" = "introspector" ]; then
+   export AR=llvm-ar
+   export NM=llvm-nm
+   export RANLIB=llvm-ranlib
+@@ -280,7 +288,7 @@ else
+   fi
+ fi
+ 
+-if [ "$SANITIZER" = "introspector" ]; then
++if [ "$SANITIZER" = "introspector" ] || [ "$RUST_SANITIZER" = "introspector" ]; then
+   unset CXXFLAGS
+   unset CFLAGS
+   export G_ANALYTICS_TAG="G-8WTFM1Y62J"
+@@ -295,6 +303,21 @@ if [ "$SANITIZER" = "introspector" ]; then
+     mkdir -p $SRC/my-fi-data
+     find $OUT/ -name *.data -exec mv {} $SRC/my-fi-data/ \;
+     find $OUT/ -name *.data.yaml -exec mv {} $SRC/my-fi-data/ \;
++  elif [ "$FUZZING_LANGUAGE" = "rust" ]; then
++    echo "GOING rust route"
++
++    # Run the rust frontend
++    pushd /fuzz-introspector/frontends/rust/rust_function_analyser
++    cargo run -- $SRC
++
++    # Move files temporarily to fix workflow of other languages.
++    mkdir -p $SRC/my-fi-data
++    find ./ -name "*.data" -exec mv {} $SRC/my-fi-data/ \;
++    find ./ -name "*.data.yaml" -exec mv {} $SRC/my-fi-data/ \;
++    popd
++
++    # Restore the sanitizer flag for rust
++    export SANITIZER="introspector"
+   fi
+ 
+   mkdir -p $SRC/inspector
+@@ -336,7 +359,7 @@ if [ "$SANITIZER" = "introspector" ]; then
+     python3 /fuzz-introspector/src/main.py report $REPORT_ARGS
+     cp -rf $SRC/inspector $OUT/inspector
+   else
+-    # C/C++
++    # C/C++/Rust
+ 
+     # Correlate fuzzer binaries to fuzz-introspector's raw data
+     python3 /fuzz-introspector/src/main.py correlate --binaries_dir=$OUT/
