From 8429adec27235fd11ab908a1982abfe484b6f407 Mon Sep 17 00:00:00 2001
From: davkor
Date: Thu, 21 May 2020 20:54:26 +0100
Subject: [PATCH 1/8] Nodejs initial integration.
---
 projects/nodejs/Dockerfile | 25 ++++++++
 projects/nodejs/build.sh | 121 +++++++++++++++++++++++++++++++++++
 projects/nodejs/fuzz_url.cc | 15 +++++
 projects/nodejs/project.yaml | 3 +
 4 files changed, 164 insertions(+)
 create mode 100644 projects/nodejs/Dockerfile
 create mode 100755 projects/nodejs/build.sh
 create mode 100644 projects/nodejs/fuzz_url.cc
diff --git a/projects/nodejs/Dockerfile b/projects/nodejs/Dockerfile
new file mode 100644
index 000000000000..e4a3299d685f
--- /dev/null
+++ b/projects/nodejs/Dockerfile
@@ -0,0 +1,25 @@
+# Copyright 2020 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+FROM gcr.io/oss-fuzz-base/base-builder
+MAINTAINER david@adalogics.com
+RUN apt-get update && apt-get install -y make
+RUN apt-get install -y flex bison build-essential
+RUN git clone --recursive --depth 1 https://github.com/nodejs/node
+WORKDIR $SRC
+COPY build.sh $SRC/
+
+COPY fuzz_url.cc $SRC/
diff --git a/projects/nodejs/build.sh b/projects/nodejs/build.sh
new file mode 100755
index 000000000000..f8cb67803803
--- /dev/null
+++ b/projects/nodejs/build.sh
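Review bot: `apt-get update` and the second `apt-get install -y flex bison build-essential` run as separate layers, so a cached first layer can leave the second install resolving against a stale package index; merge them into one instruction and skip recommends: `RUN apt-get update && apt-get install -y --no-install-recommends make flex bison build-essential`. `MAINTAINER` is deprecated and should become `LABEL maintainer="david@adalogics.com"`. The unpinned `git clone --depth 1` of the default branch is the normal OSS-Fuzz convention (the build is meant to track upstream HEAD), so that part is fine as written.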
@@ -0,0 +1,121 @@ +cd node + +# Step 1) build all dependencies with non-fuzzer flags. +# Afterwards we will build the specific nodejs core using the +# correct fuzzer flags. +# Save original flags +ORIG_CFLAGS=$CFLAGS +ORIG_CXXFLAGS=$CXXFLAGS + +export CXXFLAGS="-stdlib=libc++" +export CFLAGS="" +export LDFLAGS="-stdlib=libc++" +export LD="clang++" +./configure +make -j4 + +export CXXFLAGS=${ORIG_CXXFLAGS} +export CFLAGS=${ORIG_CFLAGS} + +# Step 2) build libnode with correct fuzzer flags +CMDS='-DV8_DEPRECATION_WARNINGS ' +CMDS+='-DV8_IMMINENT_DEPRECATION_WARNINGS ' +CMDS+='-D__STDC_FORMAT_MACROS ' +CMDS+='-DOPENSSL_NO_PINSHARED ' +CMDS+='-DOPENSSL_THREADS ' +CMDS+='-DNODE_ARCH="x64" ' +CMDS+='-DNODE_PLATFORM="linux" ' +CMDS+='-DNODE_WANT_INTERNALS=1 ' +CMDS+='-DHAVE_OPENSSL=1 ' +CMDS+='-DHAVE_INSPECTOR=1 ' +CMDS+='-D__POSIX__ ' +CMDS+='-DNODE_HAVE_I18N_SUPPORT=1 ' + +# Include flags +INCLUDES='-I../src ' +INCLUDES+='-I../tools/msvs/genfiles ' +INCLUDES+='-I../deps/v8/include ' +INCLUDES+='-I../deps/cares/include ' +INCLUDES+='-I../deps/uv/include ' +INCLUDES+='-I../deps/uvwasi/include ' +INCLUDES+='-I../test/cctest ' +INCLUDES+='-I../deps/histogram/src ' +INCLUDES+='-I../deps/icu-small/source/i18n ' +INCLUDES+='-I../deps/icu-small/source/common ' +INCLUDES+='-I../deps/zlib ' +INCLUDES+='-I../deps/llhttp/include ' +INCLUDES+='-I../deps/nghttp2/lib/includes ' +INCLUDES+='-I../deps/brotli/c/include ' +INCLUDES+='-I../deps/openssl/openssl/include' + +cd $SRC/node/src +for target in *cc; +do + fname=${target:0:-3} + clang++ ${CXXFLAGS} -o $fname.o $fname.cc $CMDS $INCLUDES -pthread -fno-omit-frame-pointer -fno-rtti -fno-exceptions -std=gnu++1y -MMD -c || true + if test -f $fname.o; then + echo "Moving $fname" + mv $fname.o ../out/Release/obj.target/libnode/src/$fname.o + fi; +done + +# Create the static archive +cd ../out/Release/obj.target +rm -f ./libnode.a + +complete_libs="" +for target in ./libnode/src/api/*.o ./libnode/src/*.o ./libnode/gen/*.o 
./libnode/src/large_pages/*.o ./libnode/src/inspector/*.o ./libnode/gen/src/node/inspector/protocol/*.o ./libnode/src/tracing/*.o +do + complete_libs="$complete_libs $target" +done +ar crsT ./libnode.a $complete_libs + + +# Step 3, compile and link the fuzzers +cd $SRC/node/src +mkdir fuzzers +cp ../../fuzz_url.cc ./fuzzers/ + +# Compile the fuzzer +clang++ -o fuzzers/fuzz_url.o fuzzers/fuzz_url.cc $CXXFLAGS $CMDS $INCLUDES -pthread -fno-omit-frame-pointer -fno-rtti -fno-exceptions -std=gnu++1y -MMD -c + + +# Link the fuzzer +cd $SRC/node/out + +GROUP_ARCHIVES="Release/obj.target/cctest/src/node_snapshot_stub.o " +GROUP_ARCHIVES+="Release/obj.target/cctest/src/node_code_cache_stub.o " +GROUP_ARCHIVES+="../src/fuzzers/fuzz_url.o " +GROUP_ARCHIVES+="Release/obj.target/libnode.a " +GROUP_ARCHIVES+="Release/obj.target/deps/histogram/libhistogram.a " +GROUP_ARCHIVES+="Release/obj.target/deps/uvwasi/libuvwasi.a " +GROUP_ARCHIVES+="Release/obj.target/tools/v8_gypfiles/libv8_snapshot.a " +GROUP_ARCHIVES+="Release/obj.target/tools/v8_gypfiles/libv8_libplatform.a " +GROUP_ARCHIVES+="Release/obj.target/tools/icu/libicui18n.a " +GROUP_ARCHIVES+="Release/obj.target/deps/zlib/libzlib.a " +GROUP_ARCHIVES+="Release/obj.target/deps/llhttp/libllhttp.a " +GROUP_ARCHIVES+="Release/obj.target/deps/cares/libcares.a " +GROUP_ARCHIVES+="Release/obj.target/deps/uv/libuv.a " +GROUP_ARCHIVES+="Release/obj.target/deps/nghttp2/libnghttp2.a " +GROUP_ARCHIVES+="Release/obj.target/deps/brotli/libbrotli.a " +GROUP_ARCHIVES+="Release/obj.target/deps/openssl/libopenssl.a " +GROUP_ARCHIVES+="Release/obj.target/tools/icu/libicuucx.a " +GROUP_ARCHIVES+="Release/obj.target/tools/icu/libicudata.a " +GROUP_ARCHIVES+="Release/obj.target/tools/v8_gypfiles/libv8_base_without_compiler.a " +GROUP_ARCHIVES+="Release/obj.target/tools/v8_gypfiles/libv8_libbase.a " +GROUP_ARCHIVES+="Release/obj.target/tools/v8_gypfiles/libv8_libsampler.a " +GROUP_ARCHIVES+="Release/obj.target/tools/v8_gypfiles/libv8_zlib.a " 
+GROUP_ARCHIVES+="Release/obj.target/tools/v8_gypfiles/libv8_compiler.a " +GROUP_ARCHIVES+="Release/obj.target/tools/v8_gypfiles/libv8_initializers.a" + +clang++ -o Release/fuzz_url $LIB_FUZZING_ENGINE $CXXFLAGS -rdynamic \ + -Wl,--whole-archive \ + Release/obj.target/deps/zlib/libzlib.a \ + Release/obj.target/deps/uv/libuv.a \ + Release/obj.target/tools/v8_gypfiles/libv8_snapshot.a \ + Release/obj.target/deps/openssl/libopenssl.a \ + -Wl,-z,noexecstack,-z,relro,-z,now \ + -Wl,--no-whole-archive -pthread \ + -Wl,--start-group $GROUP_ARCHIVES -latomic -lm -ldl -Wl,--end-group + +cp Release/fuzz_url $OUT/fuzz_url diff --git a/projects/nodejs/fuzz_url.cc b/projects/nodejs/fuzz_url.cc new file mode 100644 index 000000000000..630b3b1386a3 --- /dev/null +++ b/projects/nodejs/fuzz_url.cc @@ -0,0 +1,15 @@ +#include + +#include "env-inl.h" +#include "node_crypto.h" +#include "node_crypto_common.h" +#include "node.h" +#include "node_internals.h" +#include "node_url.h" +#include "string_bytes.h" + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { + node::url::URL url2((char*)data, size); + + return 0; +} diff --git a/projects/nodejs/project.yaml b/projects/nodejs/project.yaml index 80ca11e74f26..343a90391a27 100644 --- a/projects/nodejs/project.yaml +++ b/projects/nodejs/project.yaml @@ -1,2 +1,5 @@ homepage: "https://nodejs.org" primary_contact: "security@nodejs.org" +language: c++ +auto_ccs: + - "david@adalogics.com" From 40e3ac10a99ba2e34c131d9752a93664921ccc25 Mon Sep 17 00:00:00 2001 From: davkor Date: Thu, 21 May 2020 21:07:06 +0100 Subject: [PATCH 2/8] Added headers to fix Travis. --- projects/nodejs/build.sh | 16 ++++++++++++++++ projects/nodejs/fuzz_url.cc | 14 ++++++++++++++ 2 files changed, 30 insertions(+) diff --git a/projects/nodejs/build.sh b/projects/nodejs/build.sh index f8cb67803803..d6524073de63 100755 --- a/projects/nodejs/build.sh +++ b/projects/nodejs/build.sh 
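Review bot: The `|| true` on the per-file `clang++` line in Step 2 swallows every compile failure, and because the `if test -f $fname.o` guard only moves objects that were actually produced, any source that fails to build silently keeps the uninstrumented object left behind by the Step 1 `make`, so `libnode.a` ends up a mix of sanitizer-instrumented and plain code with nothing in the log to show it. Drop `|| true` so the script aborts (it has no `set -e` yet, so also add `set -eu` at the top), or at minimum collect the failing file names and `exit 1` after the loop. `fname=${target:0:-3}` also assumes every match of `*cc` ends in `.cc`; `for target in *.cc` is the safer glob. The hunk covers the whole file.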
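Review bot: `node::url::URL url2((char*)data, size);` casts `const` away from the fuzzer buffer, which libFuzzer owns and may reuse; writing through it would be undefined behaviour, so use `reinterpret_cast<const char*>(data)`, which the `URL(const char*, size_t)` overload should accept (confirm against `node_url.h`). The `#include` on the first line has lost its header name in this rendering; it needs `<cstdint>` and `<cstddef>` for `uint8_t` and `size_t`. The harness only constructs the URL and discards it, which is enough for crash detection but exercises none of the accessors; consider calling the getters on a successful parse so more of the parser's output paths are reached.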
@@ -1,3 +1,19 @@ +#!/bin/bash -eu +# Copyright 2020 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ cd node # Step 1) build all dependencies with non-fuzzer flags. diff --git a/projects/nodejs/fuzz_url.cc b/projects/nodejs/fuzz_url.cc index 630b3b1386a3..24f5a904cd4a 100644 --- a/projects/nodejs/fuzz_url.cc +++ b/projects/nodejs/fuzz_url.cc @@ -1,3 +1,17 @@ +/* Copyright 2020 Google Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ #include #include "env-inl.h" From fd19b0761e1180f1282a71df010ce9e1fd1acc18 Mon Sep 17 00:00:00 2001 From: davkor Date: Sun, 7 Jun 2020 01:15:48 +0100 Subject: [PATCH 3/8] A lot of simplifications to build script. LDFLAGS is the key here. --- projects/nodejs/build.sh | 145 ++++++++---------------------------- projects/nodejs/fuzz_url.cc | 4 - 2 files changed, 31 insertions(+), 118 deletions(-) 
diff --git a/projects/nodejs/build.sh b/projects/nodejs/build.sh index d6524073de63..91748897c012 100755 --- a/projects/nodejs/build.sh +++ b/projects/nodejs/build.sh 
@@ -16,122 +16,39 @@ ################################################################################ cd node -# Step 1) build all dependencies with non-fuzzer flags. -# Afterwards we will build the specific nodejs core using the -# correct fuzzer flags. -# Save original flags -ORIG_CFLAGS=$CFLAGS -ORIG_CXXFLAGS=$CXXFLAGS - -export CXXFLAGS="-stdlib=libc++" -export CFLAGS="" -export LDFLAGS="-stdlib=libc++" +export LDFLAGS="-fsanitize=fuzzer-no-link -stdlib=libc++ -fsanitize=address" export LD="clang++" + ./configure make -j4 -export CXXFLAGS=${ORIG_CXXFLAGS} -export CFLAGS=${ORIG_CFLAGS} - -# Step 2) build libnode with correct fuzzer flags -CMDS='-DV8_DEPRECATION_WARNINGS ' -CMDS+='-DV8_IMMINENT_DEPRECATION_WARNINGS ' -CMDS+='-D__STDC_FORMAT_MACROS ' -CMDS+='-DOPENSSL_NO_PINSHARED ' -CMDS+='-DOPENSSL_THREADS ' -CMDS+='-DNODE_ARCH="x64" ' -CMDS+='-DNODE_PLATFORM="linux" ' -CMDS+='-DNODE_WANT_INTERNALS=1 ' -CMDS+='-DHAVE_OPENSSL=1 ' -CMDS+='-DHAVE_INSPECTOR=1 ' -CMDS+='-D__POSIX__ ' -CMDS+='-DNODE_HAVE_I18N_SUPPORT=1 ' - -# Include flags -INCLUDES='-I../src ' -INCLUDES+='-I../tools/msvs/genfiles ' -INCLUDES+='-I../deps/v8/include ' -INCLUDES+='-I../deps/cares/include ' -INCLUDES+='-I../deps/uv/include ' -INCLUDES+='-I../deps/uvwasi/include ' -INCLUDES+='-I../test/cctest ' -INCLUDES+='-I../deps/histogram/src ' -INCLUDES+='-I../deps/icu-small/source/i18n ' -INCLUDES+='-I../deps/icu-small/source/common ' -INCLUDES+='-I../deps/zlib ' -INCLUDES+='-I../deps/llhttp/include ' -INCLUDES+='-I../deps/nghttp2/lib/includes ' -INCLUDES+='-I../deps/brotli/c/include ' -INCLUDES+='-I../deps/openssl/openssl/include' - -cd $SRC/node/src -for target in *cc; -do - fname=${target:0:-3} - clang++ ${CXXFLAGS} -o $fname.o $fname.cc $CMDS $INCLUDES -pthread -fno-omit-frame-pointer -fno-rtti -fno-exceptions -std=gnu++1y -MMD -c || true - if test -f $fname.o; then - echo "Moving $fname" - mv $fname.o ../out/Release/obj.target/libnode/src/$fname.o - fi; -done - -# Create the static archive -cd 
../out/Release/obj.target -rm -f ./libnode.a - -complete_libs="" -for target in ./libnode/src/api/*.o ./libnode/src/*.o ./libnode/gen/*.o ./libnode/src/large_pages/*.o ./libnode/src/inspector/*.o ./libnode/gen/src/node/inspector/protocol/*.o ./libnode/src/tracing/*.o -do - complete_libs="$complete_libs $target" -done -ar crsT ./libnode.a $complete_libs - - -# Step 3, compile and link the fuzzers -cd $SRC/node/src +# Build the fuzzer +cd src mkdir fuzzers -cp ../../fuzz_url.cc ./fuzzers/ - -# Compile the fuzzer -clang++ -o fuzzers/fuzz_url.o fuzzers/fuzz_url.cc $CXXFLAGS $CMDS $INCLUDES -pthread -fno-omit-frame-pointer -fno-rtti -fno-exceptions -std=gnu++1y -MMD -c - - -# Link the fuzzer -cd $SRC/node/out - -GROUP_ARCHIVES="Release/obj.target/cctest/src/node_snapshot_stub.o " -GROUP_ARCHIVES+="Release/obj.target/cctest/src/node_code_cache_stub.o " -GROUP_ARCHIVES+="../src/fuzzers/fuzz_url.o " -GROUP_ARCHIVES+="Release/obj.target/libnode.a " -GROUP_ARCHIVES+="Release/obj.target/deps/histogram/libhistogram.a " -GROUP_ARCHIVES+="Release/obj.target/deps/uvwasi/libuvwasi.a " -GROUP_ARCHIVES+="Release/obj.target/tools/v8_gypfiles/libv8_snapshot.a " -GROUP_ARCHIVES+="Release/obj.target/tools/v8_gypfiles/libv8_libplatform.a " -GROUP_ARCHIVES+="Release/obj.target/tools/icu/libicui18n.a " -GROUP_ARCHIVES+="Release/obj.target/deps/zlib/libzlib.a " -GROUP_ARCHIVES+="Release/obj.target/deps/llhttp/libllhttp.a " -GROUP_ARCHIVES+="Release/obj.target/deps/cares/libcares.a " -GROUP_ARCHIVES+="Release/obj.target/deps/uv/libuv.a " -GROUP_ARCHIVES+="Release/obj.target/deps/nghttp2/libnghttp2.a " -GROUP_ARCHIVES+="Release/obj.target/deps/brotli/libbrotli.a " -GROUP_ARCHIVES+="Release/obj.target/deps/openssl/libopenssl.a " -GROUP_ARCHIVES+="Release/obj.target/tools/icu/libicuucx.a " -GROUP_ARCHIVES+="Release/obj.target/tools/icu/libicudata.a " -GROUP_ARCHIVES+="Release/obj.target/tools/v8_gypfiles/libv8_base_without_compiler.a " 
-GROUP_ARCHIVES+="Release/obj.target/tools/v8_gypfiles/libv8_libbase.a " -GROUP_ARCHIVES+="Release/obj.target/tools/v8_gypfiles/libv8_libsampler.a " -GROUP_ARCHIVES+="Release/obj.target/tools/v8_gypfiles/libv8_zlib.a " -GROUP_ARCHIVES+="Release/obj.target/tools/v8_gypfiles/libv8_compiler.a " -GROUP_ARCHIVES+="Release/obj.target/tools/v8_gypfiles/libv8_initializers.a" - -clang++ -o Release/fuzz_url $LIB_FUZZING_ENGINE $CXXFLAGS -rdynamic \ - -Wl,--whole-archive \ - Release/obj.target/deps/zlib/libzlib.a \ - Release/obj.target/deps/uv/libuv.a \ - Release/obj.target/tools/v8_gypfiles/libv8_snapshot.a \ - Release/obj.target/deps/openssl/libopenssl.a \ - -Wl,-z,noexecstack,-z,relro,-z,now \ - -Wl,--no-whole-archive -pthread \ - -Wl,--start-group $GROUP_ARCHIVES -latomic -lm -ldl -Wl,--end-group - -cp Release/fuzz_url $OUT/fuzz_url +cp /src/fuzz_url.cc ./fuzzers/ + +# Give the proper settings +CMDS="-DV8_DEPRECATION_WARNINGS -DV8_IMMINENT_DEPRECATION_WARNINGS \ + -D__STDC_FORMAT_MACROS -DOPENSSL_NO_PINSHARED -DOPENSSL_THREADS \ + -DNODE_ARCH=\"x64\" -DNODE_PLATFORM=\"linux\" -DNODE_WANT_INTERNALS=1 \ + -DHAVE_OPENSSL=1 -DHAVE_INSPECTOR=1 -D__POSIX__ -DNODE_HAVE_I18N_SUPPORT=1" + +# Includes +INCLUDES="-I./ -I../deps/v8/include \ + -I../deps/uv/include -I../deps/openssl/openssl/include" + +clang++ -o fuzzers/fuzz_url.o fuzzers/fuzz_url.cc $CXXFLAGS $CMDS $INCLUDES \ + -pthread -fno-omit-frame-pointer -fno-rtti -fno-exceptions -std=gnu++1y -MMD -c + +cd /src/node/out +rm -rf ./library_files && mkdir library_files +find . -name "*.a" -exec cp {} ./library_files/ \; +rm ./library_files/libicutools.a + +clang++ -o $OUT/fuzz_url $LIB_FUZZING_ENGINE $CXXFLAGS \ + -rdynamic -Wl,-z,noexecstack,-z,relro,-z,now \ + -pthread -Wl,--start-group \ + ./Release/obj.target/cctest/src/node_snapshot_stub.o \ + ./Release/obj.target/cctest/src/node_code_cache_stub.o \ + ../src/fuzzers/fuzz_url.o ./library_files/*.a \ + -latomic -lm -ldl -Wl,--end-group 
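Review bot: `export LDFLAGS="-fsanitize=fuzzer-no-link -stdlib=libc++ -fsanitize=address"` hard-codes ASan into node's own link steps, while the objects are compiled with whatever `$CXXFLAGS` OSS-Fuzz supplies for the selected sanitizer; for any build other than address (undefined, memory, or a coverage build) the two disagree and the link either fails or produces a binary with the wrong runtime. Derive the flags from the environment instead: `export LDFLAGS="$CXXFLAGS"` and `export LD="$CXX"`. The script also hard-codes `/src` in `cp /src/fuzz_url.cc ./fuzzers/` and `cd /src/node/out` where the rest of the file uses `$SRC`; use the variable consistently so the build does not break if the base image changes its layout.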
diff --git a/projects/nodejs/fuzz_url.cc b/projects/nodejs/fuzz_url.cc index 24f5a904cd4a..1c07fac3f09a 100644 --- a/projects/nodejs/fuzz_url.cc +++ b/projects/nodejs/fuzz_url.cc @@ -14,13 +14,9 @@ limitations under the License. */ #include -#include "env-inl.h" -#include "node_crypto.h" -#include "node_crypto_common.h" #include "node.h" #include "node_internals.h" #include "node_url.h" -#include "string_bytes.h" extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { node::url::URL url2((char*)data, size); From 939f015a123005c0f79904e3d950f3cd1c498ee2 Mon Sep 17 00:00:00 2001 From: davkor Date: Sun, 7 Jun 2020 11:48:17 +0100 Subject: [PATCH 4/8] More simplifications to build script. --- projects/nodejs/build.sh | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/projects/nodejs/build.sh b/projects/nodejs/build.sh index 91748897c012..29c641593956 100755 --- a/projects/nodejs/build.sh +++ b/projects/nodejs/build.sh 
@@ -19,23 +19,20 @@ cd node export LDFLAGS="-fsanitize=fuzzer-no-link -stdlib=libc++ -fsanitize=address" export LD="clang++" -./configure +./configure --without-intl --without-node-code-cache --without-dtrace --without-snapshot --without-ssl make -j4 # Build the fuzzer cd src -mkdir fuzzers +rm -rf ./fuzzers && mkdir fuzzers cp /src/fuzz_url.cc ./fuzzers/ -# Give the proper settings -CMDS="-DV8_DEPRECATION_WARNINGS -DV8_IMMINENT_DEPRECATION_WARNINGS \ - -D__STDC_FORMAT_MACROS -DOPENSSL_NO_PINSHARED -DOPENSSL_THREADS \ - -DNODE_ARCH=\"x64\" -DNODE_PLATFORM=\"linux\" -DNODE_WANT_INTERNALS=1 \ - -DHAVE_OPENSSL=1 -DHAVE_INSPECTOR=1 -D__POSIX__ -DNODE_HAVE_I18N_SUPPORT=1" +# Compilation settings +CMDS="-D__STDC_FORMAT_MACROS -D__POSIX__ -DNODE_HAVE_I18N_SUPPORT=1 \ + -DNODE_ARCH=\"x64\" -DNODE_PLATFORM=\"linux\" -DNODE_WANT_INTERNALS=1" # Includes -INCLUDES="-I./ -I../deps/v8/include \ - -I../deps/uv/include -I../deps/openssl/openssl/include" +INCLUDES="-I./ -I../deps/v8/include -I../deps/uv/include" clang++ -o fuzzers/fuzz_url.o fuzzers/fuzz_url.cc $CXXFLAGS $CMDS $INCLUDES \ -pthread -fno-omit-frame-pointer -fno-rtti -fno-exceptions -std=gnu++1y -MMD -c @@ -43,7 +40,6 @@ clang++ -o fuzzers/fuzz_url.o fuzzers/fuzz_url.cc $CXXFLAGS $CMDS $INCLUDES \ cd /src/node/out rm -rf ./library_files && mkdir library_files find . -name "*.a" -exec cp {} ./library_files/ \; -rm ./library_files/libicutools.a clang++ -o $OUT/fuzz_url $LIB_FUZZING_ENGINE $CXXFLAGS \ -rdynamic -Wl,-z,noexecstack,-z,relro,-z,now \ @@ -52,3 +48,4 @@ clang++ -o $OUT/fuzz_url $LIB_FUZZING_ENGINE $CXXFLAGS \ ./Release/obj.target/cctest/src/node_code_cache_stub.o \ ../src/fuzzers/fuzz_url.o ./library_files/*.a \ -latomic -lm -ldl -Wl,--end-group + From ac40fd56b822a742c22d5adeec2e1b859ac569e2 Mon Sep 17 00:00:00 2001 
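Review bot: `./configure --without-intl` builds libnode without ICU, yet the fuzzer translation unit is still compiled with `-DNODE_HAVE_I18N_SUPPORT=1` kept in `CMDS`, so the harness sees node's headers under a configuration the library was not built with; if any included header changes declarations or layout under that macro this is an ODR mismatch the sanitizers will not necessarily report. Drop `-DNODE_HAVE_I18N_SUPPORT=1` from `CMDS`, or better, take the defines from `out/config.gypi` so they cannot drift from the configure line. `--without-ssl` removes the crypto code entirely, which is a reasonable trade-off for a URL fuzzer but should be revisited before any crypto or TLS harness is added.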
From: davkor Date: Sun, 7 Jun 2020 12:58:20 +0100 Subject: [PATCH 5/8] Fix Travis. --- projects/nodejs/build.sh | 4 ++-- projects/nodejs/project.yaml | 3 +++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/projects/nodejs/build.sh b/projects/nodejs/build.sh index 29c641593956..228d157eb7f3 100755 --- a/projects/nodejs/build.sh +++ b/projects/nodejs/build.sh @@ -34,14 +34,14 @@ CMDS="-D__STDC_FORMAT_MACROS -D__POSIX__ -DNODE_HAVE_I18N_SUPPORT=1 \ # Includes INCLUDES="-I./ -I../deps/v8/include -I../deps/uv/include" -clang++ -o fuzzers/fuzz_url.o fuzzers/fuzz_url.cc $CXXFLAGS $CMDS $INCLUDES \ +$CXX -o fuzzers/fuzz_url.o fuzzers/fuzz_url.cc $CXXFLAGS $CMDS $INCLUDES \ -pthread -fno-omit-frame-pointer -fno-rtti -fno-exceptions -std=gnu++1y -MMD -c cd /src/node/out rm -rf ./library_files && mkdir library_files find . -name "*.a" -exec cp {} ./library_files/ \; -clang++ -o $OUT/fuzz_url $LIB_FUZZING_ENGINE $CXXFLAGS \ +$CXX -o $OUT/fuzz_url $LIB_FUZZING_ENGINE $CXXFLAGS \ -rdynamic -Wl,-z,noexecstack,-z,relro,-z,now \ -pthread -Wl,--start-group \ ./Release/obj.target/cctest/src/node_snapshot_stub.o \ diff --git a/projects/nodejs/project.yaml b/projects/nodejs/project.yaml index 343a90391a27..bded5808d868 100644 --- a/projects/nodejs/project.yaml +++ b/projects/nodejs/project.yaml @@ -1,5 +1,8 @@ homepage: "https://nodejs.org" primary_contact: "security@nodejs.org" language: c++ +sanitizers: + - address + - memory auto_ccs: - "david@adalogics.com" From 3e52e5bee4e93e606054f1a18f0721f0bf42f1c7 Mon Sep 17 00:00:00 2001 From: davkor Date: Sun, 7 Jun 2020 13:13:09 +0100 Subject: [PATCH 6/8] Remove msan. --- projects/nodejs/project.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/projects/nodejs/project.yaml b/projects/nodejs/project.yaml index bded5808d868..e6173dbab65c 100644 --- a/projects/nodejs/project.yaml +++ b/projects/nodejs/project.yaml 
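Review bot: The compile and link lines now use `$CXX`, but the `export LD="clang++"` near the top of the script (outside this hunk) still names the driver directly, so node's own link step and the fuzzer link step can run through different compilers; change it to `export LD="$CXX"` in the same commit so the switch is complete.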
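Review bot: Enabling `memory` here while `build.sh` still exports `LDFLAGS` with a hard-coded `-fsanitize=address` means the MSan build compiles objects with `-fsanitize=memory` (from the `$CXXFLAGS` OSS-Fuzz provides) and then links with ASan, which will not link cleanly because the two runtimes are mutually exclusive. MSan also requires every linked object, including the libc++ from the base image, to be MSan-instrumented; a single uninstrumented dependency yields false positives rather than a clean failure. Either make the link flags follow `$CXXFLAGS` and verify a memory build locally before listing it, or keep `address` as the only sanitizer until that is done.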
@@ -3,6 +3,5 @@ primary_contact: "security@nodejs.org" language: c++ sanitizers: - address - - memory auto_ccs: - "david@adalogics.com" From c3417d9b3635b0765d1b8aec5932df999edf3f03 Mon Sep 17 00:00:00 2001 From: davkor Date: Sun, 7 Jun 2020 15:57:03 +0100 Subject: [PATCH 7/8] Generalise and simplify build script. --- projects/nodejs/build.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/projects/nodejs/build.sh b/projects/nodejs/build.sh index 228d157eb7f3..d653e8d44c97 100755 --- a/projects/nodejs/build.sh +++ b/projects/nodejs/build.sh @@ -16,8 +16,8 @@ ################################################################################ cd node -export LDFLAGS="-fsanitize=fuzzer-no-link -stdlib=libc++ -fsanitize=address" -export LD="clang++" +export LDFLAGS="$CXXFLAGS" +export LD="$CXX" ./configure --without-intl --without-node-code-cache --without-dtrace --without-snapshot --without-ssl make -j4 From f030d2314da9bad7db408b83ec56fbd421dc2e50 Mon Sep 17 00:00:00 2001 From: davkor Date: Sun, 7 Jun 2020 19:54:45 +0100 Subject: [PATCH 8/8] utilise all cores and a bit nicer structure in build. --- projects/nodejs/build.sh | 31 +++++++++++++------------------ 1 file changed, 13 insertions(+), 18 deletions(-) diff --git a/projects/nodejs/build.sh b/projects/nodejs/build.sh index d653e8d44c97..075ebb64e06f 100755 --- a/projects/nodejs/build.sh +++ b/projects/nodejs/build.sh 
@@ -14,38 +14,33 @@ # limitations under the License. # ################################################################################ -cd node +cd $SRC/node +# Build node export LDFLAGS="$CXXFLAGS" export LD="$CXX" - ./configure --without-intl --without-node-code-cache --without-dtrace --without-snapshot --without-ssl -make -j4 +make -j$(nproc) -# Build the fuzzer -cd src -rm -rf ./fuzzers && mkdir fuzzers -cp /src/fuzz_url.cc ./fuzzers/ +# Gather static libraries +cd $SRC/node/out +rm -rf ./library_files && mkdir library_files +find . -name "*.a" -exec cp {} ./library_files/ \; -# Compilation settings +# Build the fuzzers CMDS="-D__STDC_FORMAT_MACROS -D__POSIX__ -DNODE_HAVE_I18N_SUPPORT=1 \ -DNODE_ARCH=\"x64\" -DNODE_PLATFORM=\"linux\" -DNODE_WANT_INTERNALS=1" +INCLUDES="-I../src -I../deps/v8/include -I../deps/uv/include" -# Includes -INCLUDES="-I./ -I../deps/v8/include -I../deps/uv/include" - -$CXX -o fuzzers/fuzz_url.o fuzzers/fuzz_url.cc $CXXFLAGS $CMDS $INCLUDES \ +# Compilation +$CXX -o fuzz_url.o $SRC/fuzz_url.cc $CXXFLAGS $CMDS $INCLUDES \ -pthread -fno-omit-frame-pointer -fno-rtti -fno-exceptions -std=gnu++1y -MMD -c -cd /src/node/out -rm -rf ./library_files && mkdir library_files -find . -name "*.a" -exec cp {} ./library_files/ \; - +# Linking $CXX -o $OUT/fuzz_url $LIB_FUZZING_ENGINE $CXXFLAGS \ -rdynamic -Wl,-z,noexecstack,-z,relro,-z,now \ -pthread -Wl,--start-group \ ./Release/obj.target/cctest/src/node_snapshot_stub.o \ ./Release/obj.target/cctest/src/node_code_cache_stub.o \ - ../src/fuzzers/fuzz_url.o ./library_files/*.a \ + fuzz_url.o ./library_files/*.a \ -latomic -lm -ldl -Wl,--end-group -
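Review bot: `find . -name "*.a" -exec cp {} ./library_files/ \;` flattens every archive under `out/` by basename, so if two archives in different directories share a name (which I cannot rule out from here) one silently overwrites the other and `./library_files/*.a` links whichever was copied last. Linking the `find` output directly avoids both the copy and the collision: `$CXX -o $OUT/fuzz_url ... -Wl,--start-group ... fuzz_url.o $(find . -name '*.a') -latomic -lm -ldl -Wl,--end-group`. `-DNODE_ARCH=\"x64\"` is hard-coded, which is right for the default x86_64 build but wrong if `architectures: - i386` is ever added to `project.yaml`; derive it from `uname -m` or `$ARCHITECTURE`. The `-DNODE_HAVE_I18N_SUPPORT=1` define still contradicts `--without-intl` on the configure line.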