infra/base-images/base-builder/README.md

base-builder

Abstract base image for libfuzzer builders.

Every project image supports multiple commands that can be invoked through docker after the image is built:

Supported Commands

| Command | Description |
| --- | --- |
| compile (default) | build all fuzz targets |
| /bin/bash | drop into shell, execute compile script to start build. |

Build Configuration

A single build image can build the same set of fuzzers in many configurations. The configuration is selected through one or more environment variables.

| Env Variable | Description |
| --- | --- |
| $SANITIZER ("address") | Specifies predefined sanitizer configuration to use. address or memory or undefined. |
| $SANITIZER_FLAGS | Specify compiler sanitizer flags directly. Overrides $SANITIZER. |
| $COVERAGE_FLAGS | Specify compiler flags to use for fuzzer feedback coverage. |
| $BUILD_UID | User id to use while building fuzzers. |

Examples

  • building sqlite3 fuzzer with UBSan (SANITIZER=undefined):

Image Files Layout

| Location | Env | Description |
| --- | --- | --- |
| /out/ | $OUT | Directory to store build artifacts (fuzz targets, dictionaries, options files, seed corpus archives). |
| /src/ | $SRC | Directory to checkout source files |
| /work/ | $WORK | Directory for storing intermediate files |
| /usr/lib/libFuzzingEngine.a | $LIB_FUZZING_ENGINE | Location of prebuilt fuzzing engine library (e.g. libFuzzer) that needs to be linked with all fuzz targets. |

While the file layout is fixed within a container, the environment variables are provided so that build scripts can be written to be retargetable.

Compiler Flags

You must use special compiler flags to build your project and fuzz targets. These flags are provided in the following environment variables:

| Env Variable | Description |
| --- | --- |
| $CC | The C compiler binary. |
| $CXX, $CCC | The C++ compiler binary. |
| $CFLAGS | C compiler flags. |
| $CXXFLAGS | C++ compiler flags. |

Most well-crafted build scripts will automatically use these variables. If not, pass them manually to the build tool.

Child Image Interface

Sources

A child image has to check out all sources that it needs to compile fuzz targets into the $SRC directory. When the image is executed, a directory with local checkouts can be mounted on top of these using docker run -v $HOME/my_project:/src/my_project ....

Other Required Files

The following files have to be added by child images:

| File Location | Description |
| --- | --- |
| $SRC/build.sh | build script to build the project and its fuzz targets |
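
The variables and layout described above, used together in a child image's build script. This is an added example, not part of this README; the project name my_project, its Makefile target libmy_project.a and the fuzz target parse_fuzzer are hypothetical.

```shell
#!/bin/bash
# Hypothetical $SRC/build.sh. The project name "my_project", its Makefile
# target and the fuzz target path are constructed for illustration.

# Succeed only if every variable documented for the base image is set.
check_build_env() {
  missing=0
  for name in CC CXX CFLAGS CXXFLAGS SRC OUT WORK LIB_FUZZING_ENGINE; do
    if ! eval "[ -n \"\${$name+set}\" ]"; then
      echo "build.sh: \$$name is not set" >&2
      missing=1
    fi
  done
  return "$missing"
}

# Compile one fuzz target: object file in $WORK, linked binary in $OUT.
# $CXX and $CXXFLAGS stay unquoted so they split into separate words.
build_target() {
  target=$1
  obj_file="$WORK/$target.o"
  mkdir -p "$WORK" "$OUT"
  $CXX $CXXFLAGS -I"$SRC/my_project/include" \
    -c "$SRC/my_project/fuzz/$target.cc" -o "$obj_file"
  $CXX $CXXFLAGS "$obj_file" "$SRC/my_project/libmy_project.a" \
    "$LIB_FUZZING_ENGINE" -o "$OUT/$target"
}

main() {
  set -eu
  check_build_env
  # Pass the image's compiler and flags to the build tool explicitly.
  make -C "$SRC/my_project" CC="$CC" CXX="$CXX" \
    CFLAGS="$CFLAGS" CXXFLAGS="$CXXFLAGS" libmy_project.a
  build_target parse_fuzzer
}

# Run the build only when this file is executed as build.sh.
case "$0" in
  */build.sh|build.sh) main ;;
esac
```

Because the script reads every path and flag from the environment, the same file builds with a different sanitizer configuration without modification.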