From 9dfeb81d08cd5883c9dc1aaecaf0ce03f2812efc Mon Sep 17 00:00:00 2001 From: Douglas Bagnall Date: Thu, 15 Oct 2020 14:34:04 +1300 Subject: fuzz/oss-fuzz/build_samba: fetch fuzz seeds There is a git repository at https://gitlab.com/samba-team/samba-fuzz-seeds that contains the seeds. When the master branch of that repository is updated, a CI job runs that creates a zip file of all the seeds as an artifact. That zip file is downloaded and unpacked by oss_fuzz/build_samba. The contents of that zip are further zips that contain the seeds for each fuzzing binary; these are placed next to the binaries in the manner that oss-fuzz expects. That is, beside 'fuzz_foo', we put 'fuzz_foo_seed_corpus.zip' which contains a pile of fuzz_foo seeds. There may be times when a new fuzz target does not have a seed corpus, and times when a removed fuzz target leaves behind a seed corpus. This is OK, so we don't insist on an exact match between the target names and the zip names, only that there is some overlap. Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett Autobuild-User(master): Andrew Bartlett Autobuild-Date(master): Wed Oct 21 03:47:35 UTC 2020 on sn-devel-184
---
 lib/fuzzing/oss-fuzz/build_samba.sh | 11 +++++++++++
 lib/fuzzing/oss-fuzz/check_build.sh | 16 ++++++++++++++++
 2 files changed, 27 insertions(+) (limited to 'lib/fuzzing/oss-fuzz')
diff --git a/lib/fuzzing/oss-fuzz/build_samba.sh b/lib/fuzzing/oss-fuzz/build_samba.sh
index ff382e22a25..b27c7b7d5c8 100755
--- a/lib/fuzzing/oss-fuzz/build_samba.sh
+++ b/lib/fuzzing/oss-fuzz/build_samba.sh
@@ -110,4 +110,15 @@ do
 # Truncate the original binary to save space
 echo -n > $x
+
 done
+
+# Grap the seeds dictionary from github and put the seed zips in place
+# beside their executables.
+
+wget https://gitlab.com/samba-team/samba-fuzz-seeds/-/jobs/artifacts/master/download?job=zips \
+ -O seeds.zip
+
+# We might not have unzip, but we do have python
+$PYTHON -mzipfile -e seeds.zip $OUT
+rm -f seeds.zip
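Review bot: The archive fetched by the added `wget` is unpacked straight into `$OUT` with no integrity check, so whatever the `master` artifact holds at build time lands beside the fuzz binaries, and an entry whose name collides with a build output would overwrite it. Unpacking into a scratch directory and copying across only the `fuzz_*_seed_corpus.zip` files keeps the download from touching anything else. Pinning the artifact to a known job, or recording a digest for it, would also make the build reproducible. The URL is unquoted although it contains `?`, which the shell treats as a glob character, and `$PYTHON` and `$OUT` are unquoted too. Whether a failed download stops the script depends on settings outside this hunk.

```shell
seeds_tmp=$(mktemp -d)
wget -O "$seeds_tmp/seeds.zip" \
     'https://gitlab.com/samba-team/samba-fuzz-seeds/-/jobs/artifacts/master/download?job=zips'

# We might not have unzip, but we do have python
"$PYTHON" -mzipfile -e "$seeds_tmp/seeds.zip" "$seeds_tmp/unpacked"

# Only seed archives may land beside the fuzz binaries.
find "$seeds_tmp/unpacked" -type f -name 'fuzz_*_seed_corpus.zip' \
     -exec cp -- {} "$OUT/" \;
rm -rf -- "$seeds_tmp"
```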
diff --git a/lib/fuzzing/oss-fuzz/check_build.sh b/lib/fuzzing/oss-fuzz/check_build.sh
index cc69cf26418..b971d2c1bb0 100755
--- a/lib/fuzzing/oss-fuzz/check_build.sh
+++ b/lib/fuzzing/oss-fuzz/check_build.sh
@@ -13,8 +13,15 @@ OUT=$1
 # build_samba.sh will have put a non-zero number of fuzzers here. If
 # there are none, this will fail as it becomes literally fuzz_*
+
+seeds_found=no
+
 for bin in $OUT/fuzz_*
 do
+ # we only want to look at the elf files, not the zips
+ if [ ${bin%_seed_corpus.zip} != $bin ]; then
+ continue
+ fi
 # Confirm that the chrpath was reset to lib/ in the same directory
 # as the binary
 chrpath -l $bin | grep 'RUNPATH=$ORIGIN/lib'
@@ -22,4 +29,13 @@ do
 # Confirm that we link to at least some libraries in this
 # directory (shows that the libraries were found and copied).
 ldd $bin | grep "$OUT/lib"
+
+ if [ -f ${bin}_seed_corpus.zip ]; then
+ seeds_found=yes
+ fi
 done
+
+if [ $seeds_found = no ]; then
+ echo "no seed zip files were found!"
+ exit 1
+fi
-- cgit v1.2.1
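Review bot: The new test `[ ${bin%_seed_corpus.zip} != $bin ]` leaves both expansions unquoted, so an `$OUT` path containing whitespace or glob characters makes `[` fail with an error instead of skipping the zip. The same applies to `[ -f ${bin}_seed_corpus.zip ]` in the second hunk of this file. A `case` avoids the double expansion altogether: `case "$bin" in *_seed_corpus.zip) continue ;; esac`. The body of the `for` loop continues past the end of this hunk.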
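Review bot: `[ -f ${bin}_seed_corpus.zip ]` accepts any regular file, including an empty one, so the final `seeds_found` check can pass without a usable corpus. Testing for a non-empty file is a cheap tightening: `if [ -s "${bin}_seed_corpus.zip" ]; then`. A comment above the final check should say that a single matching zip is deliberately sufficient, as the commit message explains, so a later reader does not tighten it to an exact match. The loop that this `done` closes starts outside the hunk.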