projects/grpc/build.sh - platform/external/oss-fuzz - Git at Google

 #!/bin/bash -eu
 # Copyright 2016 Google Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #      http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 ################################################################################

 set -o errexit
 set -o nounset

 readonly FUZZER_DICTIONARIES=(
   test/core/end2end/fuzzers/hpack.dictionary
 )

 readonly FUZZER_TARGETS=(
   test/core/json:json_fuzzer
   test/core/client_channel:uri_fuzzer_test
   test/core/http:request_fuzzer
   test/core/http:response_fuzzer
   test/core/nanopb:fuzzer_response
   test/core/nanopb:fuzzer_serverlist
   test/core/slice:percent_decode_fuzzer
   test/core/slice:percent_encode_fuzzer
   test/core/transport/chttp2:hpack_parser_fuzzer
   test/core/end2end/fuzzers:client_fuzzer
   test/core/end2end/fuzzers:server_fuzzer
   test/core/security:ssl_server_fuzzer
   test/core/security:alts_credentials_fuzzer
 )

 # build grpc
 # Temporary hack, see https://github.com/google/oss-fuzz/issues/383
 readonly NO_VPTR='--copt=-fno-sanitize=vptr --linkopt=-fno-sanitize=vptr'

 # Copied from envoy's build.sh
 # Copy $CFLAGS and $CXXFLAGS into Bazel command-line flags, for both
 # compilation and linking.
 #
 # Some flags, such as `-stdlib=libc++`, generate warnings if used on a C source
 # file. Since the build runs with `-Werror` this will cause it to break, so we
 # use `--conlyopt` and `--cxxopt` instead of `--copt`.
 #
 readonly EXTRA_BAZEL_FLAGS="$(
 for f in ${CFLAGS}; do
   echo "--conlyopt=${f}" "--linkopt=${f}"
 done
 for f in ${CXXFLAGS}; do
   echo "--cxxopt=${f}" "--linkopt=${f}"
 done
 if [ "$SANITIZER" = "undefined" ]
 then
   # Bazel uses clang to link binary, which does not link clang_rt ubsan library for C++ automatically.
   # See issue: https://github.com/bazelbuild/bazel/issues/8777
   echo "--linkopt=$(find $(llvm-config --libdir) -name libclang_rt.ubsan_standalone_cxx-x86_64.a | head -1)"
 fi
 )"

 tools/bazel build \
   --dynamic_mode=off \
   --spawn_strategy=standalone \
   --genrule_strategy=standalone \
   ${NO_VPTR} \
   --strip=never \
   --linkopt=-lc++ \
   --linkopt=-pthread \
   --copt=${LIB_FUZZING_ENGINE} \
   --linkopt=${LIB_FUZZING_ENGINE} \
   ${EXTRA_BAZEL_FLAGS} \
   ${FUZZER_TARGETS[@]} \
   --verbose_failures

 # Profiling with coverage requires that we resolve+copy all Bazel symlinks and
 # also remap everything under proc/self/cwd to correspond to Bazel build paths.
 if [ "${SANITIZER}" = 'coverage' ]
 then
   # The build invoker looks for sources in $SRC, but it turns out that we need
   # to not be buried under src/, paths are expected at out/proc/self/cwd by
   # the profiler.
   readonly REMAP_PATH="${OUT}/proc/self/cwd"
   mkdir -p "${REMAP_PATH}"
   rsync -av "${SRC}"/grpc/src "${REMAP_PATH}"
   rsync -av "${SRC}"/grpc/test "${REMAP_PATH}"
   # Remove filesystem loop manually.
   rm -rf "${SRC}"/grpc/bazel-grpc/external/grpc
   # Clean up symlinks with a missing referrant.
   find "${SRC}"/grpc/bazel-grpc/external -follow -type l -ls -delete || echo 'Symlink cleanup soft fail'
   rsync -avLk "${SRC}"/grpc/bazel-grpc/external "${REMAP_PATH}"
   # For .h, and some generated artifacts, we need bazel-out/. Need to heavily
   # filter out the build objects from bazel-out/. Also need to resolve symlinks,
   # since they don't make sense outside the build container.
   readonly RSYNC_FILTER_ARGS=(
     '--include=*.h'
     '--include=*.cc'
     '--include=*.hpp'
     '--include=*.cpp'
     '--include=*.c'
     '--include=*/'
     '--exclude=*'
   )
   rsync -avLk "${RSYNC_FILTER_ARGS[@]}" "${SRC}"/grpc/bazel-out "${REMAP_PATH}"
   rsync -avLkR "${RSYNC_FILTER_ARGS[@]}" "${HOME}" "${OUT}"
   rsync -avLkR "${RSYNC_FILTER_ARGS[@]}" /tmp "${OUT}"
 fi

 for target in "${FUZZER_TARGETS[@]}"; do
   # replace : with /
   fuzzer_name=${target/:/\/}
   echo "Copying fuzzer $fuzzer_name"
   cp "bazel-bin/$fuzzer_name" "$OUT/"
 done

 # Copy dictionaries and options files to $OUT/
 for dict in "${FUZZER_DICTIONARIES[@]}"; do
   cp "${dict}" "${OUT}/"
 done

 cp ${SRC}/grpc/tools/fuzzer/options/*.options "${OUT}/"

 # We don't have a consistent naming convention between fuzzer files and corpus
 # directories so we resort to hard coding zipping corpuses
 zip "${OUT}/json_fuzzer_seed_corpus.zip" test/core/json/corpus/*
 zip "${OUT}/uri_fuzzer_test_seed_corpus.zip" test/core/client_channel/uri_corpus/*
 zip "${OUT}/request_fuzzer_seed_corpus.zip" test/core/http/request_corpus/*
 zip "${OUT}/response_fuzzer_seed_corpus.zip" test/core/http/response_corpus/*
 zip "${OUT}/fuzzer_response_seed_corpus.zip" test/core/nanopb/corpus_response/*
 zip "${OUT}/fuzzer_serverlist_seed_corpus.zip" test/core/nanopb/corpus_serverlist/*
 zip "${OUT}/percent_decode_fuzzer_seed_corpus.zip" test/core/slice/percent_decode_corpus/*
 zip "${OUT}/percent_encode_fuzzer_seed_corpus.zip" test/core/slice/percent_encode_corpus/*
 zip "${OUT}/hpack_parser_fuzzer_seed_corpus.zip" test/core/transport/chttp2/hpack_parser_corpus/*
 zip "${OUT}/client_fuzzer_seed_corpus.zip" test/core/end2end/fuzzers/client_fuzzer_corpus/*
 zip "${OUT}/server_fuzzer_seed_corpus.zip" test/core/end2end/fuzzers/server_fuzzer_corpus/*
 zip "${OUT}/ssl_server_fuzzer_seed_corpus.zip" test/core/security/corpus/ssl_server_corpus/*
 zip "${OUT}/alts_credentials_fuzzer_seed_corpus.zip" test/core/security/corpus/alts_credentials_corpus/*
	#!/bin/bash -eu
	# Copyright 2016 Google Inc.
	#
	# Licensed under the Apache License, Version 2.0 (the "License");
	# you may not use this file except in compliance with the License.
	# You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.
	#
	################################################################################

	set -o errexit
	set -o nounset

	readonly FUZZER_DICTIONARIES=(
	test/core/end2end/fuzzers/hpack.dictionary
	)

	readonly FUZZER_TARGETS=(
	test/core/json:json_fuzzer
	test/core/client_channel:uri_fuzzer_test
	test/core/http:request_fuzzer
	test/core/http:response_fuzzer
	test/core/nanopb:fuzzer_response
	test/core/nanopb:fuzzer_serverlist
	test/core/slice:percent_decode_fuzzer
	test/core/slice:percent_encode_fuzzer
	test/core/transport/chttp2:hpack_parser_fuzzer
	test/core/end2end/fuzzers:client_fuzzer
	test/core/end2end/fuzzers:server_fuzzer
	test/core/security:ssl_server_fuzzer
	test/core/security:alts_credentials_fuzzer
	)

	# build grpc
	# Temporary hack, see https://github.com/google/oss-fuzz/issues/383
	readonly NO_VPTR='--copt=-fno-sanitize=vptr --linkopt=-fno-sanitize=vptr'

	# Copied from envoy's build.sh
	# Copy $CFLAGS and $CXXFLAGS into Bazel command-line flags, for both
	# compilation and linking.
	#
	# Some flags, such as `-stdlib=libc++`, generate warnings if used on a C source
	# file. Since the build runs with `-Werror` this will cause it to break, so we
	# use `--conlyopt` and `--cxxopt` instead of `--copt`.
	#
	readonly EXTRA_BAZEL_FLAGS="$(
	for f in ${CFLAGS}; do
	echo "--conlyopt=${f}" "--linkopt=${f}"
	done
	for f in ${CXXFLAGS}; do
	echo "--cxxopt=${f}" "--linkopt=${f}"
	done
	if [ "$SANITIZER" = "undefined" ]
	then
	# Bazel uses clang to link binary, which does not link clang_rt ubsan library for C++ automatically.
	# See issue: https://github.com/bazelbuild/bazel/issues/8777
	echo "--linkopt=$(find $(llvm-config --libdir) -name libclang_rt.ubsan_standalone_cxx-x86_64.a \| head -1)"
	fi
	)"

	tools/bazel build \
	--dynamic_mode=off \
	--spawn_strategy=standalone \
	--genrule_strategy=standalone \
	${NO_VPTR} \
	--strip=never \
	--linkopt=-lc++ \
	--linkopt=-pthread \
	--copt=${LIB_FUZZING_ENGINE} \
	--linkopt=${LIB_FUZZING_ENGINE} \
	${EXTRA_BAZEL_FLAGS} \
	${FUZZER_TARGETS[@]} \
	--verbose_failures

	# Profiling with coverage requires that we resolve+copy all Bazel symlinks and
	# also remap everything under proc/self/cwd to correspond to Bazel build paths.
	if [ "${SANITIZER}" = 'coverage' ]
	then
	# The build invoker looks for sources in $SRC, but it turns out that we need
	# to not be buried under src/, paths are expected at out/proc/self/cwd by
	# the profiler.
	readonly REMAP_PATH="${OUT}/proc/self/cwd"
	mkdir -p "${REMAP_PATH}"
	rsync -av "${SRC}"/grpc/src "${REMAP_PATH}"
	rsync -av "${SRC}"/grpc/test "${REMAP_PATH}"
	# Remove filesystem loop manually.
	rm -rf "${SRC}"/grpc/bazel-grpc/external/grpc
	# Clean up symlinks with a missing referrant.
	find "${SRC}"/grpc/bazel-grpc/external -follow -type l -ls -delete \|\| echo 'Symlink cleanup soft fail'
	rsync -avLk "${SRC}"/grpc/bazel-grpc/external "${REMAP_PATH}"
	# For .h, and some generated artifacts, we need bazel-out/. Need to heavily
	# filter out the build objects from bazel-out/. Also need to resolve symlinks,
	# since they don't make sense outside the build container.
	readonly RSYNC_FILTER_ARGS=(
	'--include=*.h'
	'--include=*.cc'
	'--include=*.hpp'
	'--include=*.cpp'
	'--include=*.c'
	'--include=*/'
	'--exclude=*'
	)
	rsync -avLk "${RSYNC_FILTER_ARGS[@]}" "${SRC}"/grpc/bazel-out "${REMAP_PATH}"
	rsync -avLkR "${RSYNC_FILTER_ARGS[@]}" "${HOME}" "${OUT}"
	rsync -avLkR "${RSYNC_FILTER_ARGS[@]}" /tmp "${OUT}"
	fi

	for target in "${FUZZER_TARGETS[@]}"; do
	# replace : with /
	fuzzer_name=${target/:/\/}
	echo "Copying fuzzer $fuzzer_name"
	cp "bazel-bin/$fuzzer_name" "$OUT/"
	done

	# Copy dictionaries and options files to $OUT/
	for dict in "${FUZZER_DICTIONARIES[@]}"; do
	cp "${dict}" "${OUT}/"
	done

	cp ${SRC}/grpc/tools/fuzzer/options/*.options "${OUT}/"

	# We don't have a consistent naming convention between fuzzer files and corpus
	# directories so we resort to hard coding zipping corpuses
	zip "${OUT}/json_fuzzer_seed_corpus.zip" test/core/json/corpus/*
	zip "${OUT}/uri_fuzzer_test_seed_corpus.zip" test/core/client_channel/uri_corpus/*
	zip "${OUT}/request_fuzzer_seed_corpus.zip" test/core/http/request_corpus/*
	zip "${OUT}/response_fuzzer_seed_corpus.zip" test/core/http/response_corpus/*
	zip "${OUT}/fuzzer_response_seed_corpus.zip" test/core/nanopb/corpus_response/*
	zip "${OUT}/fuzzer_serverlist_seed_corpus.zip" test/core/nanopb/corpus_serverlist/*
	zip "${OUT}/percent_decode_fuzzer_seed_corpus.zip" test/core/slice/percent_decode_corpus/*
	zip "${OUT}/percent_encode_fuzzer_seed_corpus.zip" test/core/slice/percent_encode_corpus/*
	zip "${OUT}/hpack_parser_fuzzer_seed_corpus.zip" test/core/transport/chttp2/hpack_parser_corpus/*
	zip "${OUT}/client_fuzzer_seed_corpus.zip" test/core/end2end/fuzzers/client_fuzzer_corpus/*
	zip "${OUT}/server_fuzzer_seed_corpus.zip" test/core/end2end/fuzzers/server_fuzzer_corpus/*
	zip "${OUT}/ssl_server_fuzzer_seed_corpus.zip" test/core/security/corpus/ssl_server_corpus/*
	zip "${OUT}/alts_credentials_fuzzer_seed_corpus.zip" test/core/security/corpus/alts_credentials_corpus/*