Google Git
Sign in
fuchsia / third_party / boringssl / 8a5354ab3ae7c7833d364db003581ea5a3055cbf^! / .
commit8a5354ab3ae7c7833d364db003581ea5a3055cbf[log] [tgz]
authorAaron Green <aarongreen@google.com>Tue Sep 04 18:06:53 2018 -0700
committerAaron Green <aarongreen@google.com>Mon Nov 05 11:54:03 2018 -0800
treee7cbcf89c0dc2989314613b70f6135bf45e4aa0e
parentbe149d2f3abdb503bb6d69659a07b31c58d8c92f [diff]
Add upstream fuzzers

This CL adds the upstream fuzzers into BUILD.gn

SEC-44 #comment Use BoringSSL as an example

Tests: Manually ran fuzzers

Change-Id: I903a5640378e58d648da438221bfce0f79ef6dfb

diff --git a/BUILD.gn b/BUILD.gn
index 8a8a3bb..c89ece8 100644
--- a/BUILD.gn
+++ b/BUILD.gn

@@ -3,6 +3,7 @@
 # found in the LICENSE file.
 
 import("//build/cpp/sdk_shared_library.gni")
+import("//build/fuzzing/fuzzer.gni")
 import("//build/package.gni")
 import("BUILD.generated.gni")
 import("BUILD.generated_tests.gni")
@@ -43,6 +44,15 @@
   sources = crypto_sources
   public = crypto_headers
   public_configs = [ ":boringssl_config" ]
+  is_fuzzer = false
+  foreach (config, configs) {
+    if (config == "//build/config/sanitizers:fuzzer") {
+      is_fuzzer = true
+    }
+  }
+  if (is_fuzzer) {
+    configs += [ ":fuzz_config" ]
+  }
   configs += [ ":internal_config" ]
   if (is_fuchsia) {
     include_base = "//third_party/boringssl/src/include"
@@ -179,6 +189,36 @@
 }
 
 ################################################################################
+# Fuzzers
+
+# Explicitly remove the arm_cpuinfo fuzzer, which tests Linux-specific routines
+if (is_fuchsia) {
+  fuzzers -= [ "arm_cpuinfo" ]
+}
+
+foreach(fuzzer, fuzzers) {
+  fuzz_target("${fuzzer}_fuzzer") {
+    visibility = [ ":*" ]
+    sources = ["src/fuzz/${fuzzer}.cc"]
+    configs += [ ":fuzz_config", ]
+    deps = [
+      ":crypto",
+      ":ssl",
+    ]
+    corpora = [ get_path_info("src/fuzz/${fuzzer}_corpus", "abspath") ]
+  }
+}
+
+fuzz_package("boringssl_fuzzers") {
+  targets = []
+  foreach(fuzzer, fuzzers) {
+    targets += [":${fuzzer}_fuzzer"]
+  }
+  sanitizers = [ "asan", "ubsan" ]
+}
+
+
+################################################################################
 # Configs
 config("boringssl_config") {
   include_dirs = [ "src/include" ]
@@ -218,3 +258,13 @@
   ]
   configs = [ ":internal_config" ]
 }
+
+config("fuzz_config") {
+  visibility = [ ":*" ]
+  # BoringSSL explicitly decided against using the common LLVM fuzzing macro:
+  # https://boringssl-review.googlesource.com/c/boringssl/+/31244
+  defines = [
+    "BORINGSSL_UNSAFE_DETERMINISTIC_MODE",
+  ]
+  configs = [ ":internal_config" ]
+}

diff --git a/fuzzer.cmx b/fuzzer.cmx
new file mode 100644
index 0000000..722e6de
--- /dev/null
+++ b/fuzzer.cmx

@@ -0,0 +1,5 @@
+{
+    "sandbox": {
+        "features": [ "root-ssl-certificates" ]
+    }
+}