Snap for 5925869 from b223a125bbe2725e316160373227f0df38198658 to sdk-release
Change-Id: If611764effcfaa115716eb9c2863a5957e367872
diff --git a/CleanSpec.mk b/CleanSpec.mk
new file mode 100644
index 0000000..1a1f660
--- /dev/null
+++ b/CleanSpec.mk
@@ -0,0 +1,51 @@
+# Copyright (C) 2007 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# If you don't need to do a full clean build but would like to touch
+# a file or delete some intermediate files, add a clean step to the end
+# of the list. These steps will only be run once, if they haven't been
+# run before.
+#
+# E.g.:
+# $(call add-clean-step, touch -c external/sqlite/sqlite3.h)
+# $(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/STATIC_LIBRARIES/libz_intermediates)
+#
+# Always use "touch -c" and "rm -f" or "rm -rf" to gracefully deal with
+# files that are missing or have been moved.
+#
+# Use $(PRODUCT_OUT) to get to the "out/target/product/blah/" directory.
+# Use $(OUT_DIR) to refer to the "out" directory.
+#
+# If you need to re-do something that's already mentioned, just copy
+# the command and add it to the bottom of the list. E.g., if a change
+# that you made last week required touching a file and a change you
+# made today requires touching the same file, just copy the old
+# touch step and add it to the end of the list.
+#
+# *****************************************************************
+# NEWER CLEAN STEPS MUST BE AT THE END OF THE LIST ABOVE THE BANNER
+# *****************************************************************
+
+# For example:
+#$(call add-clean-step, rm -rf $(OUT_DIR)/target/common/obj/APPS/AndroidTests_intermediates)
+#$(call add-clean-step, rm -rf $(OUT_DIR)/target/common/obj/JAVA_LIBRARIES/core_intermediates)
+#$(call add-clean-step, find $(OUT_DIR) -type f -name "IGTalkSession*" -print0 | xargs -0 rm -f)
+#$(call add-clean-step, rm -rf $(PRODUCT_OUT)/data/*)
+
+$(call add-clean-step, rm -rf $(TARGET_OUT_OPTIONAL_EXECUTABLES)/sanitizer-status)
+
+# ******************************************************************
+# NEWER CLEAN STEPS MUST BE AT THE END OF THE LIST ABOVE THIS BANNER
+# ******************************************************************
diff --git a/OWNERS b/OWNERS
index ab8a4e4..96f0a09 100644
--- a/OWNERS
+++ b/OWNERS
@@ -1,5 +1,14 @@
-# Default code reviewers picked from top 3 or more developers.
-# Please update this list if you find better candidates.
-riggle@google.com
+# Code owners for various security-related things on Android.
+
+# Sanitizers
+mitchp@google.com
+eugenis@google.com
+
+# Haiku members (fuzzing-on-Android)
+hamzeh@google.com
+ispo@google.com
+kalder@google.com
+
+# ASA
olorin@google.com
danielaustin@google.com
diff --git a/example_fuzzer/Android.bp b/example_fuzzer/Android.bp
deleted file mode 100644
index 2aa4bdf..0000000
--- a/example_fuzzer/Android.bp
+++ /dev/null
@@ -1,7 +0,0 @@
-cc_fuzz {
- name: "example_fuzzer",
- srcs: [
- "example_fuzzer.cpp",
- ],
- host_supported: true,
-}
diff --git a/fuzzing/example_fuzzer/Android.bp b/fuzzing/example_fuzzer/Android.bp
new file mode 100644
index 0000000..e7c7a00
--- /dev/null
+++ b/fuzzing/example_fuzzer/Android.bp
@@ -0,0 +1,17 @@
+cc_fuzz {
+ name: "example_fuzzer",
+ srcs: [
+ "example_fuzzer.cpp",
+ ],
+ host_supported: true,
+
+ // The advanced features below allow you to package your corpus and
+ // dictionary files during building. You can find more information about
+ // these features at:
+ // - Corpus: https://llvm.org/docs/LibFuzzer.html#corpus
+ // - Dictionaries: https://llvm.org/docs/LibFuzzer.html#dictionaries
+ // These features are not required for fuzzing, but are highly recommended
+ // to gain extra coverage.
+ corpus: ["corpus/*"],
+ dictionary: "example_fuzzer.dict",
+}
diff --git a/example_fuzzer/README.md b/fuzzing/example_fuzzer/README.md
similarity index 100%
rename from example_fuzzer/README.md
rename to fuzzing/example_fuzzer/README.md
diff --git a/fuzzing/example_fuzzer/corpus/8f9f618d47e1546e24e47eb9cf9160c2b5488306 b/fuzzing/example_fuzzer/corpus/8f9f618d47e1546e24e47eb9cf9160c2b5488306
new file mode 100644
index 0000000..836cf90
--- /dev/null
+++ b/fuzzing/example_fuzzer/corpus/8f9f618d47e1546e24e47eb9cf9160c2b5488306
Binary files differ
diff --git a/fuzzing/example_fuzzer/corpus/902d246adaa6f7d743643c751884ea1d912b4950 b/fuzzing/example_fuzzer/corpus/902d246adaa6f7d743643c751884ea1d912b4950
new file mode 100644
index 0000000..a8095ae
--- /dev/null
+++ b/fuzzing/example_fuzzer/corpus/902d246adaa6f7d743643c751884ea1d912b4950
@@ -0,0 +1 @@
+8g
\ No newline at end of file
diff --git a/fuzzing/example_fuzzer/corpus/95e3b6e7c3b8a064b2ea6cf3ea31dcbb30a1fb18 b/fuzzing/example_fuzzer/corpus/95e3b6e7c3b8a064b2ea6cf3ea31dcbb30a1fb18
new file mode 100644
index 0000000..9fe685c
--- /dev/null
+++ b/fuzzing/example_fuzzer/corpus/95e3b6e7c3b8a064b2ea6cf3ea31dcbb30a1fb18
@@ -0,0 +1 @@
+Æ7g
\ No newline at end of file
diff --git a/fuzzing/example_fuzzer/corpus/bc90c2fcdc92dc9a8a791800b52027f7482eea44 b/fuzzing/example_fuzzer/corpus/bc90c2fcdc92dc9a8a791800b52027f7482eea44
new file mode 100644
index 0000000..4fd0aed
--- /dev/null
+++ b/fuzzing/example_fuzzer/corpus/bc90c2fcdc92dc9a8a791800b52027f7482eea44
@@ -0,0 +1 @@
+g44gg
diff --git a/fuzzing/example_fuzzer/corpus/c0a0ad26a634840c67a210fefdda76577b03a111 b/fuzzing/example_fuzzer/corpus/c0a0ad26a634840c67a210fefdda76577b03a111
new file mode 100644
index 0000000..2f9031f
--- /dev/null
+++ b/fuzzing/example_fuzzer/corpus/c0a0ad26a634840c67a210fefdda76577b03a111
@@ -0,0 +1 @@
+Hi!
\ No newline at end of file
diff --git a/fuzzing/example_fuzzer/corpus/c4ea21bb365bbeeaf5f2c654883e56d11e43c44e b/fuzzing/example_fuzzer/corpus/c4ea21bb365bbeeaf5f2c654883e56d11e43c44e
new file mode 100644
index 0000000..25cb955
--- /dev/null
+++ b/fuzzing/example_fuzzer/corpus/c4ea21bb365bbeeaf5f2c654883e56d11e43c44e
@@ -0,0 +1 @@
+�
\ No newline at end of file
diff --git a/fuzzing/example_fuzzer/corpus/c586fc26e9f2e97ffd7df1e780ef5782ad0a40bc b/fuzzing/example_fuzzer/corpus/c586fc26e9f2e97ffd7df1e780ef5782ad0a40bc
new file mode 100644
index 0000000..67c680d
--- /dev/null
+++ b/fuzzing/example_fuzzer/corpus/c586fc26e9f2e97ffd7df1e780ef5782ad0a40bc
@@ -0,0 +1 @@
+g8744gg
diff --git a/fuzzing/example_fuzzer/corpus/d78c4164b4f861fb55bc47e15a623b2fa49a69a8 b/fuzzing/example_fuzzer/corpus/d78c4164b4f861fb55bc47e15a623b2fa49a69a8
new file mode 100644
index 0000000..96518b0
--- /dev/null
+++ b/fuzzing/example_fuzzer/corpus/d78c4164b4f861fb55bc47e15a623b2fa49a69a8
@@ -0,0 +1 @@
+gjna8a2873g
diff --git a/example_fuzzer/example_fuzzer.cpp b/fuzzing/example_fuzzer/example_fuzzer.cpp
similarity index 100%
rename from example_fuzzer/example_fuzzer.cpp
rename to fuzzing/example_fuzzer/example_fuzzer.cpp
diff --git a/fuzzing/example_fuzzer/example_fuzzer.dict b/fuzzing/example_fuzzer/example_fuzzer.dict
new file mode 100644
index 0000000..3857b7e
--- /dev/null
+++ b/fuzzing/example_fuzzer/example_fuzzer.dict
@@ -0,0 +1,2 @@
+"H"
+"Hi"
diff --git a/fuzzing/orphans/OWNERS b/fuzzing/orphans/OWNERS
new file mode 100644
index 0000000..c7bd45b
--- /dev/null
+++ b/fuzzing/orphans/OWNERS
@@ -0,0 +1,4 @@
+hamzeh@google.com
+ispo@google.com
+kalder@google.com
+mitchp@google.com
diff --git a/fuzzing/orphans/libexif/Android.bp b/fuzzing/orphans/libexif/Android.bp
new file mode 100644
index 0000000..e68788d
--- /dev/null
+++ b/fuzzing/orphans/libexif/Android.bp
@@ -0,0 +1,10 @@
+cc_fuzz {
+ name: "libexif_fuzzer",
+ srcs: [
+ "libexif_fuzzer.cpp",
+ ],
+ shared_libs: [
+ "libexif",
+ ],
+ host_supported: false,
+}
diff --git a/fuzzing/orphans/libexif/corpus/Canon_MakerNote_variant_type_1.jpg b/fuzzing/orphans/libexif/corpus/Canon_MakerNote_variant_type_1.jpg
new file mode 100644
index 0000000..1eb37d0
--- /dev/null
+++ b/fuzzing/orphans/libexif/corpus/Canon_MakerNote_variant_type_1.jpg
Binary files differ
diff --git a/fuzzing/orphans/libexif/corpus/Fuji_MakerNote_variant_type_1.jpg b/fuzzing/orphans/libexif/corpus/Fuji_MakerNote_variant_type_1.jpg
new file mode 100644
index 0000000..75e0371
--- /dev/null
+++ b/fuzzing/orphans/libexif/corpus/Fuji_MakerNote_variant_type_1.jpg
Binary files differ
diff --git a/fuzzing/orphans/libexif/corpus/Olympus_MakerNote_variant_type_2.jpg b/fuzzing/orphans/libexif/corpus/Olympus_MakerNote_variant_type_2.jpg
new file mode 100644
index 0000000..461d613
--- /dev/null
+++ b/fuzzing/orphans/libexif/corpus/Olympus_MakerNote_variant_type_2.jpg
Binary files differ
diff --git a/fuzzing/orphans/libexif/corpus/Olympus_MakerNote_variant_type_3.jpg b/fuzzing/orphans/libexif/corpus/Olympus_MakerNote_variant_type_3.jpg
new file mode 100644
index 0000000..42498e2
--- /dev/null
+++ b/fuzzing/orphans/libexif/corpus/Olympus_MakerNote_variant_type_3.jpg
Binary files differ
diff --git a/fuzzing/orphans/libexif/corpus/Olympus_MakerNote_variant_type_4.jpg b/fuzzing/orphans/libexif/corpus/Olympus_MakerNote_variant_type_4.jpg
new file mode 100644
index 0000000..233ff78
--- /dev/null
+++ b/fuzzing/orphans/libexif/corpus/Olympus_MakerNote_variant_type_4.jpg
Binary files differ
diff --git a/fuzzing/orphans/libexif/corpus/Olympus_MakerNote_variant_type_5.jpg b/fuzzing/orphans/libexif/corpus/Olympus_MakerNote_variant_type_5.jpg
new file mode 100644
index 0000000..f083f75
--- /dev/null
+++ b/fuzzing/orphans/libexif/corpus/Olympus_MakerNote_variant_type_5.jpg
Binary files differ
diff --git a/fuzzing/orphans/libexif/corpus/Pentax_MakerNote_variant_type_2.jpg b/fuzzing/orphans/libexif/corpus/Pentax_MakerNote_variant_type_2.jpg
new file mode 100644
index 0000000..0ef0ef2
--- /dev/null
+++ b/fuzzing/orphans/libexif/corpus/Pentax_MakerNote_variant_type_2.jpg
Binary files differ
diff --git a/fuzzing/orphans/libexif/corpus/Pentax_MakerNote_variant_type_3.jpg b/fuzzing/orphans/libexif/corpus/Pentax_MakerNote_variant_type_3.jpg
new file mode 100644
index 0000000..d93b86f
--- /dev/null
+++ b/fuzzing/orphans/libexif/corpus/Pentax_MakerNote_variant_type_3.jpg
Binary files differ
diff --git a/fuzzing/orphans/libexif/corpus/Pentax_MakerNote_variant_type_4.jpg b/fuzzing/orphans/libexif/corpus/Pentax_MakerNote_variant_type_4.jpg
new file mode 100644
index 0000000..297ea1c
--- /dev/null
+++ b/fuzzing/orphans/libexif/corpus/Pentax_MakerNote_variant_type_4.jpg
Binary files differ
diff --git a/fuzzing/orphans/libexif/libexif_fuzzer.cpp b/fuzzing/orphans/libexif/libexif_fuzzer.cpp
new file mode 100644
index 0000000..c010bbe
--- /dev/null
+++ b/fuzzing/orphans/libexif/libexif_fuzzer.cpp
@@ -0,0 +1,65 @@
+#include <libexif/exif-data.h>
+#include <libexif/exif-loader.h>
+#include <stddef.h>
+#include <stdlib.h>
+
+/* Extract all MakerNote tags */
+static void mnote_dump(ExifData *data) {
+ ExifMnoteData *mn = exif_data_get_mnote_data(data);
+ if (mn) {
+ int num = exif_mnote_data_count(mn);
+
+ /* Loop through all MakerNote tags */
+ for (int i = 0; i < num; ++i) {
+ char buf[1024];
+ exif_mnote_data_get_value(mn, i, buf, sizeof(buf));
+ }
+ }
+}
+
+static void dump_value(ExifEntry *entry, void *) {
+ char buf[1024];
+ exif_entry_get_value(entry, buf, sizeof(buf));
+}
+
+static void data_func(ExifContent *content, void *) {
+ exif_content_foreach_entry(content, dump_value, NULL);
+}
+
+/* This is like exif_data_dump but without writing to stdout */
+static void data_dump(ExifData *data) {
+ exif_data_foreach_content(data, data_func, NULL);
+}
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ // Parse tags using (ultimately) exif_data_load_data()
+ auto image = exif_data_new_from_data(data, size);
+ if (image) {
+ // Exercise the EXIF tag manipulation code
+ exif_data_get_mnote_data(image);
+ data_dump(image);
+ mnote_dump(image);
+ unsigned char *buf;
+ unsigned int sz;
+ exif_data_save_data(image, &buf, &sz);
+ free(buf);
+ exif_data_fix(image);
+ exif_data_unref(image);
+ }
+
+ // Parse tags again, but using exif_loader_write(), which is a separate
+ // parser. There is no need to fuzz the parsed ExifData again, since it will
+ // be identical to what has been loaded (and fuzzed) above.
+ ExifLoader *loader = exif_loader_new();
+ if (!loader) {
+ return 0;
+ }
+ exif_loader_write(loader, const_cast<unsigned char *>(data), size);
+ image = exif_loader_get_data(loader);
+ if (image) {
+ exif_data_unref(image);
+ }
+ exif_loader_unref(loader);
+
+ return 0;
+}
diff --git a/sanitizer-status/Android.bp b/sanitizer-status/Android.bp
new file mode 100644
index 0000000..86501df
--- /dev/null
+++ b/sanitizer-status/Android.bp
@@ -0,0 +1,37 @@
+cc_defaults {
+ name: "sanitizer-status_defaults",
+
+ c_std: "c11",
+ cflags: [
+ "-Wall",
+ "-Werror",
+ "-O0",
+ ],
+}
+
+sanitizer_status_library_shared {
+ name: "libsanitizer-status",
+ defaults: ["sanitizer-status_defaults"],
+
+ srcs: ["sanitizer-status.c"],
+}
+
+cc_binary {
+ name: "sanitizer-status",
+ defaults: ["sanitizer-status_defaults"],
+
+ srcs: ["main.c"],
+ shared_libs: ["libsanitizer-status"],
+}
+
+bootstrap_go_package {
+ name: "soong-sanitizer_status",
+ pkgPath: "android/soong/security/santizers_status",
+ deps: [
+ "blueprint",
+ "soong-android",
+ "soong-cc",
+ ],
+ srcs: ["sanitizer-status.go"],
+ pluginFor: ["soong_build"],
+}
diff --git a/sanitizer-status/MODULE_LICENSE_APACHE2 b/sanitizer-status/MODULE_LICENSE_APACHE2
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/sanitizer-status/MODULE_LICENSE_APACHE2
diff --git a/sanitizer-status/NOTICE b/sanitizer-status/NOTICE
new file mode 100644
index 0000000..c5b1efa
--- /dev/null
+++ b/sanitizer-status/NOTICE
@@ -0,0 +1,190 @@
+
+ Copyright (c) 2005-2008, The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
diff --git a/sanitizer-status/main.c b/sanitizer-status/main.c
new file mode 100644
index 0000000..2186ccd
--- /dev/null
+++ b/sanitizer-status/main.c
@@ -0,0 +1,5 @@
+int sanitizer_status(int argc, char** argv);
+
+int main(int argc, char** argv) {
+ return sanitizer_status(argc, argv);
+}
diff --git a/sanitizer-status/sanitizer-status.c b/sanitizer-status/sanitizer-status.c
new file mode 100644
index 0000000..41af3f8
--- /dev/null
+++ b/sanitizer-status/sanitizer-status.c
@@ -0,0 +1,220 @@
+/*
+ * Copyright (C) 2008 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <errno.h>
+#include <error.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <limits.h>
+#include <paths.h>
+#include <pwd.h>
+#include <stdbool.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+
+// crashes if built with -fsanitize=address
+void test_crash_malloc() {
+ volatile char* heap = malloc(32);
+ heap[32] = heap[32];
+ printf("ASAN: Heap Test Failed\n");
+}
+
+// crashes if built with -fsanitize=address
+void test_crash_stack() {
+ volatile char stack[32];
+ volatile char* p_stack = stack;
+ p_stack[32] = p_stack[32];
+ printf("ASAN: Stack Test Failed\n");
+}
+
+int data_asan_exists() {
+ int fd = open("/data/asan", O_DIRECTORY | O_PATH | O_CLOEXEC, 0);
+ if(fd < 0) {
+ printf("ASAN: Missing /data/asan\n");
+ return 1;
+ }
+ close(fd);
+ return 0;
+}
+
+// crashes if built with -fsanitize=memory
+void test_msan_crash_stack() {
+ volatile int stack[10];
+ stack[5] = 0;
+ if (stack[0]) {
+ stack[0] = 1;
+ }
+ printf("MSAN: Stack Test Failed\n");
+}
+
+// crashes if built with -fsanitize=integer
+void test_integer_overflow() {
+ size_t max = (size_t)-1;
+ max++;
+ printf("UBSAN: Integer Overflow Test Failed\n");
+}
+
+// returns 0 if kcov is enabled
+int test_kcov() {
+ const char* kcov_file = "/sys/kernel/debug/kcov";
+ int fd = open(kcov_file, O_RDWR);
+ if (fd == -1) {
+ printf("KCOV: Could not open %s\n", kcov_file);
+ return 1;
+ }
+ close(fd);
+ return 0;
+}
+
+// returns 0 if kasan was compiled in
+int test_kasan() {
+ // rely on the exit status of grep to propagate
+ if (system("gzip -d < /proc/config.gz | grep CONFIG_KASAN=y >/dev/null")) {
+ printf("KASAN: CONFIG_KASAN not in /proc/config.gz\n");
+ return 1;
+ }
+ return 0;
+}
+
+// executes a test that is expected to crash
+// returns 0 if the test crashes
+int test(void (*function)()) {
+ fflush(stdout);
+
+ pid_t child = fork();
+ int status = 0;
+
+ if (child == -1) {
+ perror("fork");
+ exit(1);
+ }
+
+ if (child == 0) {
+ // Silence the ASAN report that is generated
+ close(2);
+
+ // Invoke the target function. If it does not crash, terminate the process.
+ function();
+ exit(EXIT_SUCCESS);
+ }
+
+ // Wait for the child to either crash, or exit cleanly
+ while (child == waitpid(child, &status, 0)) {
+ if (!WIFEXITED(status))
+ continue;
+ if (WEXITSTATUS(status) == EXIT_SUCCESS)
+ return 1;
+ break;
+ }
+ return 0;
+}
+
+int have_option(const char* option, const char** argv, const int argc) {
+ for (int i = 1; i < argc; i++)
+ if (!strcmp(option, argv[i]))
+ return 1;
+ return 0;
+}
+
+int sanitizer_status(int argc, const char** argv) {
+ int test_everything = 0;
+ int failures = 0;
+
+ if (argc <= 1)
+ test_everything = 1;
+
+ if (test_everything || have_option("asan", argv, argc)) {
+ int asan_failures = 0;
+
+#if !defined(ANDROID_SANITIZE_ADDRESS) && !defined(ANDROID_SANITIZE_HWADDRESS)
+ asan_failures += 1;
+ printf("ASAN: Compiler flags failed!\n");
+#endif
+
+ asan_failures += test(test_crash_malloc);
+ asan_failures += test(test_crash_stack);
+ asan_failures += data_asan_exists();
+
+ if (!asan_failures)
+ printf("ASAN: OK\n");
+
+ failures += asan_failures;
+ }
+
+ if(test_everything || have_option("cov", argv, argc)) {
+ int cov_failures = 0;
+
+#ifndef ANDROID_SANITIZE_COVERAGE
+ printf("COV: Compiler flags failed!\n");
+ cov_failures += 1;
+#endif
+
+ if (!cov_failures)
+ printf("COV: OK\n");
+
+ failures += cov_failures;
+ }
+
+ if (test_everything || have_option("msan", argv, argc)) {
+ int msan_failures = 0;
+
+ msan_failures += test(test_msan_crash_stack);
+
+ if (!msan_failures)
+ printf("MSAN: OK\n");
+
+ failures += msan_failures;
+ }
+
+ if (test_everything || have_option("kasan", argv, argc)) {
+ int kasan_failures = 0;
+
+ kasan_failures += test_kasan();
+
+ if(!kasan_failures)
+ printf("KASAN: OK\n");
+
+ failures += kasan_failures;
+ }
+
+ if (test_everything || have_option("kcov", argv, argc)) {
+ int kcov_failures = 0;
+
+ kcov_failures += test_kcov();
+
+ if (!kcov_failures)
+ printf("KCOV: OK\n");
+
+ failures += kcov_failures;
+ }
+
+ if (test_everything || have_option("ubsan", argv, argc)) {
+ int ubsan_failures = 0;
+
+ ubsan_failures += test(test_integer_overflow);
+
+ if (!ubsan_failures)
+ printf("UBSAN: OK\n");
+
+ failures += ubsan_failures;
+ }
+
+ return failures > 0 ? EXIT_FAILURE : EXIT_SUCCESS;
+}
diff --git a/sanitizer-status/sanitizer-status.go b/sanitizer-status/sanitizer-status.go
new file mode 100644
index 0000000..2c75e9f
--- /dev/null
+++ b/sanitizer-status/sanitizer-status.go
@@ -0,0 +1,39 @@
+package sanitizer_status
+
+import (
+ "android/soong/android"
+ "android/soong/cc"
+)
+
+func init() {
+ android.RegisterModuleType("sanitizer_status_library_shared",
+ libraryFactory)
+}
+
+func libraryFactory() android.Module {
+ module := cc.LibrarySharedFactory()
+ android.AddLoadHook(module, loadHook)
+ return module
+}
+
+func loadHook(ctx android.LoadHookContext) {
+ type props struct {
+ Cflags []string
+ }
+
+ p := &props{}
+
+ sanitizers := ctx.Config().SanitizeDevice()
+
+ if android.InList("address", sanitizers) {
+ p.Cflags = append(p.Cflags, "-DANDROID_SANITIZE_ADDRESS=1")
+ }
+ if android.InList("hwaddress", sanitizers) {
+ p.Cflags = append(p.Cflags, "-DANDROID_SANITIZE_HWADDRESS=1")
+ }
+ if android.InList("coverage", sanitizers) {
+ p.Cflags = append(p.Cflags, "-DANDROID_SANITIZE_COVERAGE=1")
+ }
+
+ ctx.AppendProperties(p)
+}
