diff --git a/projects/nss/Dockerfile b/projects/nss/Dockerfile index 5b2976ffe1ee..f494a9b5c3ab 100644 --- a/projects/nss/Dockerfile +++ b/projects/nss/Dockerfile @@ -16,11 +16,11 @@ FROM ossfuzz/base-builder MAINTAINER mmoroz@chromium.org -RUN apt-get install -y make autoconf automake libtool mercurial zlib1g-dev +RUN apt-get install -y make mercurial zlib1g-dev gyp ninja-build libssl-dev RUN hg clone https://hg.mozilla.org/projects/nspr nspr RUN hg clone https://hg.mozilla.org/projects/nss nss RUN git clone --depth 1 https://github.com/mozilla/nss-fuzzing-corpus.git nss-corpus WORKDIR nss -COPY build.sh fuzzers/* $SRC/ +COPY build.sh $SRC/ diff --git a/projects/nss/build.sh b/projects/nss/build.sh index 6a35c478953f..98024b1dc4f7 100755 --- a/projects/nss/build.sh +++ b/projects/nss/build.sh 
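Review bot: The rewritten `RUN apt-get install -y make mercurial zlib1g-dev gyp ninja-build libssl-dev` adds three packages but still runs without an `apt-get update` in the same layer, so it resolves against whatever package lists the base image happens to carry. `RUN apt-get update && apt-get install -y make mercurial zlib1g-dev gyp ninja-build libssl-dev` avoids a stale-index failure. Nothing in the hunk says why an NSS build needs `libssl-dev`, so a one-line comment above the RUN naming its consumer would help the next reader. The two `hg clone` lines and the corpus `git clone` are unpinned context here, which matters more now that the build logic itself comes from the cloned tree.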
@@ -15,54 +15,6 @@ # ################################################################################ -# Build the library. -make CCC="$CXX" XCFLAGS="$CXXFLAGS" SANITIZER_CFLAGS="$CXXFLAGS" \ - BUILD_OPT=1 USE_64=1 NSS_DISABLE_GTESTS=1 ZDEFS_FLAG= \ - nss_clean_all nss_build_all -cd .. -# Copy libraries and some objects to $WORK/nss/lib. -mkdir -p $WORK/nss/lib -cp dist/Linux*/lib/*.a $WORK/nss/lib -cp nspr/Linux*/pr/src/misc/prlog2.o $WORK/nss/lib - -# Copy includes to $WORK/nss/include. -mkdir -p $WORK/nss/include -cp -rL dist/Linux*/include/* $WORK/nss/include -cp -rL dist/{public,private}/nss/* $WORK/nss/include - - -# Build the fuzzers. -FUZZERS="asn1_algorithmid_fuzzer \ - asn1_any_fuzzer \ - asn1_bitstring_fuzzer \ - asn1_bmpstring_fuzzer \ - asn1_boolean_fuzzer \ - asn1_generalizedtime_fuzzer \ - asn1_ia5string_fuzzer \ - asn1_integer_fuzzer \ - asn1_null_fuzzer \ - asn1_objectid_fuzzer \ - asn1_octetstring_fuzzer \ - asn1_utctime_fuzzer \ - asn1_utf8string_fuzzer" - -# The following fuzzers are currently disabled due to linking issues: -# cert_certificate_fuzzer, seckey_privatekeyinfo_fuzzer - - -for fuzzer in $FUZZERS; do - $CXX $CXXFLAGS -std=c++11 $SRC/$fuzzer.cc \ - -I$WORK/nss/include \ - -lFuzzingEngine \ - $WORK/nss/lib/libnss.a $WORK/nss/lib/libnssutil.a \ - $WORK/nss/lib/libnspr4.a $WORK/nss/lib/libplc4.a $WORK/nss/lib/libplds4.a \ - $WORK/nss/lib/prlog2.o -o $OUT/$fuzzer -done - -# Archive and copy to $OUT seed corpus if the build succeeded. -zip $WORK/nss/all_nss_seed_corpus.zip $SRC/nss-corpus/*/* - -for fuzzer in $FUZZERS; do - cp $WORK/nss/all_nss_seed_corpus.zip $OUT/${fuzzer}_seed_corpus.zip -done +# Build NSS with fuzzers. +./automation/ossfuzz/build.sh diff --git a/projects/nss/fuzzers/asn1_algorithmid_fuzzer.cc b/projects/nss/fuzzers/asn1_algorithmid_fuzzer.cc deleted file mode 100644 index ec24418417e7..000000000000 --- a/projects/nss/fuzzers/asn1_algorithmid_fuzzer.cc +++ /dev/null 
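Review bot: After this hunk the wrapper's only command is `./automation/ossfuzz/build.sh`, a relative path that works only because the Dockerfile sets `WORKDIR nss`, and the script it runs comes from the unpinned `hg clone` of nss, so the builder executes whatever is at upstream tip. A header comment would make that contract explicit, for example `# Runs from $SRC/nss (WORKDIR in the Dockerfile); the upstream script must build the fuzzers into $OUT and package seed corpora from $SRC/nss-corpus.` The removed lines were what copied `${fuzzer}_seed_corpus.zip` into `$OUT`. Whether the upstream script takes that over is not visible in this diff, so it is worth confirming that a build still emits the corpora. If reproducible builds matter, pinning the clone to a revision in the Dockerfile is where to do it.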
@@ -1,19 +0,0 @@
-// Copyright 2016 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include
-#include
-#include
-
-#include "asn1_fuzzer_template.h"
-
-// Entry point for LibFuzzer.
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
- NSSFuzzOneInput(
- SEC_ASN1_GET(SECOID_AlgorithmIDTemplate), data, size);
- NSSFuzzOneInput(
- SEC_ASN1_GET(SECOID_AlgorithmIDTemplate), data, size);
-
- return 0;
-}
diff --git a/projects/nss/fuzzers/asn1_any_fuzzer.cc b/projects/nss/fuzzers/asn1_any_fuzzer.cc
deleted file mode 100644
index 06a0c090f323..000000000000
--- a/projects/nss/fuzzers/asn1_any_fuzzer.cc
+++ /dev/null
@@ -1,18 +0,0 @@
-// Copyright 2016 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include
-#include
-
-#include "asn1_fuzzer_template.h"
-
-// Entry point for LibFuzzer.
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_AnyTemplate), data, size);
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_AnyTemplate), data, size);
-
- return 0;
-}
diff --git a/projects/nss/fuzzers/asn1_bitstring_fuzzer.cc b/projects/nss/fuzzers/asn1_bitstring_fuzzer.cc
deleted file mode 100644
index 26543c103087..000000000000
--- a/projects/nss/fuzzers/asn1_bitstring_fuzzer.cc
+++ /dev/null
@@ -1,18 +0,0 @@
-// Copyright 2016 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include
-#include
-
-#include "asn1_fuzzer_template.h"
-
-// Entry point for LibFuzzer.
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_BitStringTemplate), data, size);
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_BitStringTemplate), data, size);
-
- return 0;
-}
diff --git a/projects/nss/fuzzers/asn1_bmpstring_fuzzer.cc b/projects/nss/fuzzers/asn1_bmpstring_fuzzer.cc
deleted file mode 100644
index a37764091f55..000000000000
--- a/projects/nss/fuzzers/asn1_bmpstring_fuzzer.cc
+++ /dev/null
@@ -1,18 +0,0 @@
-// Copyright 2016 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include
-#include
-
-#include "asn1_fuzzer_template.h"
-
-// Entry point for LibFuzzer.
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_BMPStringTemplate), data, size);
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_BMPStringTemplate), data, size);
-
- return 0;
-}
diff --git a/projects/nss/fuzzers/asn1_boolean_fuzzer.cc b/projects/nss/fuzzers/asn1_boolean_fuzzer.cc
deleted file mode 100644
index 6e178ee02b56..000000000000
--- a/projects/nss/fuzzers/asn1_boolean_fuzzer.cc
+++ /dev/null
@@ -1,18 +0,0 @@
-// Copyright 2016 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include
-#include
-
-#include "asn1_fuzzer_template.h"
-
-// Entry point for LibFuzzer.
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_BooleanTemplate), data, size);
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_BooleanTemplate), data, size);
-
- return 0;
-}
diff --git a/projects/nss/fuzzers/asn1_fuzzer_template.h b/projects/nss/fuzzers/asn1_fuzzer_template.h
deleted file mode 100644
index 416b707ec48d..000000000000
--- a/projects/nss/fuzzers/asn1_fuzzer_template.h
+++ /dev/null
@@ -1,45 +0,0 @@
-// Copyright 2016 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#ifndef ASN1_FUZZER_TEMPLATE_H_
-#define ASN1_FUZZER_TEMPLATE_H_
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-template
-void NSSFuzzOneInput(const SEC_ASN1Template* the_template,
- const uint8_t* data,
- size_t size) {
- DestinationType* destination = new DestinationType();
- memset(destination, 0, sizeof(DestinationType));
-
- PLArenaPool* arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena) {
- delete destination;
- return;
- }
-
- SECItem source;
- source.type = siBuffer;
- source.data = static_cast(const_cast(data));
- source.len = static_cast(size);
-
- DecodeFunction(arena, destination, the_template, &source);
-
- PORT_FreeArena(arena, PR_FALSE);
- delete destination;
-}
-
-#endif // ASN1_FUZZER_TEMPLATE_H_
diff --git a/projects/nss/fuzzers/asn1_generalizedtime_fuzzer.cc b/projects/nss/fuzzers/asn1_generalizedtime_fuzzer.cc
deleted file mode 100644
index 1faf586f3627..000000000000
--- a/projects/nss/fuzzers/asn1_generalizedtime_fuzzer.cc
+++ /dev/null
@@ -1,18 +0,0 @@
-// Copyright 2016 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include
-#include
-
-#include "asn1_fuzzer_template.h"
-
-// Entry point for LibFuzzer.
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_GeneralizedTimeTemplate), data, size);
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_GeneralizedTimeTemplate), data, size);
-
- return 0;
-}
diff --git a/projects/nss/fuzzers/asn1_ia5string_fuzzer.cc b/projects/nss/fuzzers/asn1_ia5string_fuzzer.cc
deleted file mode 100644
index 2a33255a8934..000000000000
--- a/projects/nss/fuzzers/asn1_ia5string_fuzzer.cc
+++ /dev/null
@@ -1,18 +0,0 @@
-// Copyright 2016 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include
-#include
-
-#include "asn1_fuzzer_template.h"
-
-// Entry point for LibFuzzer.
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_IA5StringTemplate), data, size);
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_IA5StringTemplate), data, size);
-
- return 0;
-}
diff --git a/projects/nss/fuzzers/asn1_integer_fuzzer.cc b/projects/nss/fuzzers/asn1_integer_fuzzer.cc
deleted file mode 100644
index 4e08fec0c9f2..000000000000
--- a/projects/nss/fuzzers/asn1_integer_fuzzer.cc
+++ /dev/null
@@ -1,18 +0,0 @@
-// Copyright 2016 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include
-#include
-
-#include "asn1_fuzzer_template.h"
-
-// Entry point for LibFuzzer.
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_IntegerTemplate), data, size);
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_IntegerTemplate), data, size);
-
- return 0;
-}
diff --git a/projects/nss/fuzzers/asn1_null_fuzzer.cc b/projects/nss/fuzzers/asn1_null_fuzzer.cc
deleted file mode 100644
index 4af7afb7e7f0..000000000000
--- a/projects/nss/fuzzers/asn1_null_fuzzer.cc
+++ /dev/null
@@ -1,18 +0,0 @@
-// Copyright 2016 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include
-#include
-
-#include "asn1_fuzzer_template.h"
-
-// Entry point for LibFuzzer.
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_NullTemplate), data, size);
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_NullTemplate), data, size);
-
- return 0;
-}
diff --git a/projects/nss/fuzzers/asn1_objectid_fuzzer.cc b/projects/nss/fuzzers/asn1_objectid_fuzzer.cc
deleted file mode 100644
index bdc8288b11bc..000000000000
--- a/projects/nss/fuzzers/asn1_objectid_fuzzer.cc
+++ /dev/null
@@ -1,18 +0,0 @@
-// Copyright 2016 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include
-#include
-
-#include "asn1_fuzzer_template.h"
-
-// Entry point for LibFuzzer.
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_ObjectIDTemplate), data, size);
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_ObjectIDTemplate), data, size);
-
- return 0;
-}
diff --git a/projects/nss/fuzzers/asn1_octetstring_fuzzer.cc b/projects/nss/fuzzers/asn1_octetstring_fuzzer.cc
deleted file mode 100644
index 71b25776e06a..000000000000
--- a/projects/nss/fuzzers/asn1_octetstring_fuzzer.cc
+++ /dev/null
@@ -1,18 +0,0 @@
-// Copyright 2016 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include
-#include
-
-#include "asn1_fuzzer_template.h"
-
-// Entry point for LibFuzzer.
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_OctetStringTemplate), data, size);
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_OctetStringTemplate), data, size);
-
- return 0;
-}
diff --git a/projects/nss/fuzzers/asn1_utctime_fuzzer.cc b/projects/nss/fuzzers/asn1_utctime_fuzzer.cc
deleted file mode 100644
index 604e260986c2..000000000000
--- a/projects/nss/fuzzers/asn1_utctime_fuzzer.cc
+++ /dev/null
@@ -1,18 +0,0 @@
-// Copyright 2016 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include
-#include
-
-#include "asn1_fuzzer_template.h"
-
-// Entry point for LibFuzzer.
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_UTCTimeTemplate), data, size);
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_UTCTimeTemplate), data, size);
-
- return 0;
-}
diff --git a/projects/nss/fuzzers/asn1_utf8string_fuzzer.cc b/projects/nss/fuzzers/asn1_utf8string_fuzzer.cc
deleted file mode 100644
index f4a3a6ac2ad7..000000000000
--- a/projects/nss/fuzzers/asn1_utf8string_fuzzer.cc
+++ /dev/null
@@ -1,18 +0,0 @@
-// Copyright 2016 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include
-#include
-
-#include "asn1_fuzzer_template.h"
-
-// Entry point for LibFuzzer.
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_UTF8StringTemplate), data, size);
- NSSFuzzOneInput(
- SEC_ASN1_GET(SEC_UTF8StringTemplate), data, size);
-
- return 0;
-}
diff --git a/projects/nss/fuzzers/cert_certificate_fuzzer.cc b/projects/nss/fuzzers/cert_certificate_fuzzer.cc
deleted file mode 100644
index ce1efc732889..000000000000
--- a/projects/nss/fuzzers/cert_certificate_fuzzer.cc
+++ /dev/null
@@ -1,19 +0,0 @@
-// Copyright 2016 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include
-#include
-#include
-
-#include "asn1_fuzzer_template.h"
-
-// Entry point for LibFuzzer.
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
- NSSFuzzOneInput(
- SEC_ASN1_GET(CERT_CertificateTemplate), data, size);
- NSSFuzzOneInput(
- SEC_ASN1_GET(CERT_CertificateTemplate), data, size);
-
- return 0;
-}
diff --git a/projects/nss/fuzzers/seckey_privatekeyinfo_fuzzer.cc b/projects/nss/fuzzers/seckey_privatekeyinfo_fuzzer.cc
deleted file mode 100644
index a6dd802e9643..000000000000
--- a/projects/nss/fuzzers/seckey_privatekeyinfo_fuzzer.cc
+++ /dev/null
@@ -1,19 +0,0 @@
-// Copyright 2016 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include
-#include
-#include
-
-#include "asn1_fuzzer_template.h"
-
-// Entry point for LibFuzzer.
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
- NSSFuzzOneInput(
- SEC_ASN1_GET(SECKEY_PrivateKeyInfoTemplate), data, size);
- NSSFuzzOneInput(
- SEC_ASN1_GET(SECKEY_PrivateKeyInfoTemplate), data, size);
-
- return 0;
-}