Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

infra: update introspector and add new light version #12983

Merged
merged 4 commits into from
Jan 28, 2025
Merged

infra: update introspector and add new light version #12983

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
10f9bb7
infra: update introspector and add new light version
DavidKorczynski Jan 25, 2025
2d66f87
bump to next commit
DavidKorczynski Jan 25, 2025
56bdf30
fix light
DavidKorczynski Jan 27, 2025
dbf9f85
infra: bump to next commit
DavidKorczynski Jan 27, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
77 changes: 58 additions & 19 deletions infra/base-images/base-builder/compile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -229,17 +229,47 @@ if [ "$SANITIZER" = "introspector" ] || [ "$RUST_SANITIZER" = "introspector" ];

# Install Fuzz-Introspector
pushd /fuzz-introspector/src
python3 -m pip install .
python3 -m pip install -e .
popd

if [ "$FUZZING_LANGUAGE" = "python" ]; then
python3 /fuzz-introspector/src/main.py light --language=python
cp -rf $SRC/inspector/ /tmp/inspector-saved
elif [ "$FUZZING_LANGUAGE" = "jvm" ]; then
python3 /fuzz-introspector/src/main.py light --language=jvm
cp -rf $SRC/inspector/ /tmp/inspector-saved
elif [ "$FUZZING_LANGUAGE" = "rust" ]; then
python3 /fuzz-introspector/src/main.py light --language=rust
cp -rf $SRC/inspector/ /tmp/inspector-saved
else
python3 /fuzz-introspector/src/main.py light

# Make a copy of the light. This is needed because we run two versions of
# introspector: one based on pure statis analysis and one based on
# regular LTO.
cp -rf $SRC/inspector/ /tmp/inspector-saved


# Move coverage report.
if [ -d "$OUT/textcov_reports" ]
then
find $OUT/textcov_reports/ -name "*.covreport" -exec cp {} $SRC/inspector/ \;
find $OUT/textcov_reports/ -name "*.json" -exec cp {} $SRC/inspector/ \;
fi

# Make fuzz-introspector HTML report using light approach.
REPORT_ARGS="--name=$PROJECT_NAME"

# Only pass coverage_url when COVERAGE_URL is set (in cloud builds)
if [[ ! -z "${COVERAGE_URL+x}" ]]; then
REPORT_ARGS="$REPORT_ARGS --coverage-url=${COVERAGE_URL}"
fi

# Run pure static analysis fuzz introspector
fuzz-introspector full --target-dir=$SRC \
--language=${FUZZING_LANGUAGE} \
--out-dir=$SRC/inspector \
${REPORT_ARGS}
fi

rsync -avu --delete "$SRC/inspector/" "$OUT/inspector"
Expand Down Expand Up @@ -313,28 +343,37 @@ if [ "$SANITIZER" = "introspector" ] || [ "$RUST_SANITIZER" = "introspector" ];
unset CFLAGS
export G_ANALYTICS_TAG="G-8WTFM1Y62J"

# If we get to here, it means the e.g. LTO had no problems and succeeded.
# TO this end, we wlil restore the original light analysis and used the
# LTO processing itself.
rm -rf $SRC/inspector
cp -rf /tmp/inspector-saved $SRC/inspector

cd /fuzz-introspector/src
python3 -m pip install -e .
cd /src/

if [ "$FUZZING_LANGUAGE" = "jvm" ]; then
echo "GOING jvm route"

set -x
# Output will be put in /out/
python3 /fuzz-introspector/frontends/java/oss-fuzz-main.py
python3 -m fuzz_introspector.frontends.oss_fuzz --language jvm --target-dir $SRC --entrypoint fuzzerTestOneInput

# Move files temporarily to fit workflow of other languages.
mkdir -p $SRC/my-fi-data
find $OUT/ -name *.data -exec mv {} $SRC/my-fi-data/ \;
find $OUT/ -name *.data.yaml -exec mv {} $SRC/my-fi-data/ \;
find ./ -name *.data -exec mv {} $SRC/my-fi-data/ \;
find ./ -name *.data.yaml -exec mv {} $SRC/my-fi-data/ \;
elif [ "$FUZZING_LANGUAGE" = "rust" ]; then
echo "GOING rust route"

# Run the rust frontend
pushd /fuzz-introspector/frontends/rust/rust_function_analyser
cargo run -- $SRC
python3 -m fuzz_introspector.frontends.oss_fuzz --language rust --target-dir $SRC

# Move files temporarily to fix workflow of other languages.
mkdir -p $SRC/my-fi-data
find ./ -name "*.data" -exec mv {} $SRC/my-fi-data/ \;
find ./ -name "*.data.yaml" -exec mv {} $SRC/my-fi-data/ \;
popd

# Restore the sanitizer flag for rust
export SANITIZER="introspector"
Expand All @@ -359,43 +398,43 @@ if [ "$SANITIZER" = "introspector" ] || [ "$RUST_SANITIZER" = "introspector" ];
REPORT_ARGS="--name=$PROJECT_NAME"
# Only pass coverage_url when COVERAGE_URL is set (in cloud builds)
if [[ ! -z "${COVERAGE_URL+x}" ]]; then
REPORT_ARGS="$REPORT_ARGS --coverage_url=${COVERAGE_URL}"
REPORT_ARGS="$REPORT_ARGS --coverage-url=${COVERAGE_URL}"
fi

# Do different things depending on languages
if [ "$FUZZING_LANGUAGE" = "python" ]; then
echo "GOING python route"
set -x
REPORT_ARGS="$REPORT_ARGS --target_dir=$SRC/inspector"
REPORT_ARGS="$REPORT_ARGS --target-dir=$SRC/inspector"
REPORT_ARGS="$REPORT_ARGS --language=python"
python3 /fuzz-introspector/src/main.py report $REPORT_ARGS
fuzz-introspector report $REPORT_ARGS
rsync -avu --delete "$SRC/inspector/" "$OUT/inspector"
elif [ "$FUZZING_LANGUAGE" = "jvm" ]; then
echo "GOING jvm route"
set -x
find $OUT/ -name "jacoco.xml" -exec cp {} $SRC/inspector/ \;
REPORT_ARGS="$REPORT_ARGS --target_dir=$SRC/inspector"
REPORT_ARGS="$REPORT_ARGS --target-dir=$SRC/inspector"
REPORT_ARGS="$REPORT_ARGS --language=jvm"
python3 /fuzz-introspector/src/main.py report $REPORT_ARGS
fuzz-introspector report $REPORT_ARGS
rsync -avu --delete "$SRC/inspector/" "$OUT/inspector"
elif [ "$FUZZING_LANGUAGE" = "rust" ]; then
echo "GOING rust route"
REPORT_ARGS="$REPORT_ARGS --target_dir=$SRC/inspector"
REPORT_ARGS="$REPORT_ARGS --target-dir=$SRC/inspector"
REPORT_ARGS="$REPORT_ARGS --language=rust"
python3 /fuzz-introspector/src/main.py report $REPORT_ARGS
fuzz-introspector report $REPORT_ARGS
rsync -avu --delete "$SRC/inspector/" "$OUT/inspector"
else
# C/C++

mkdir -p $SRC/inspector
# Correlate fuzzer binaries to fuzz-introspector's raw data
python3 /fuzz-introspector/src/main.py correlate --binaries_dir=$OUT/
fuzz-introspector correlate --binaries-dir=$OUT/

# Generate fuzz-introspector HTML report, this generates
# the file exe_to_fuzz_introspector_logs.yaml
REPORT_ARGS="$REPORT_ARGS --target_dir=$SRC/inspector"
REPORT_ARGS="$REPORT_ARGS --target-dir=$SRC/inspector"
# Use the just-generated correlation file
REPORT_ARGS="$REPORT_ARGS --correlation_file=exe_to_fuzz_introspector_logs.yaml"
python3 /fuzz-introspector/src/main.py report $REPORT_ARGS
REPORT_ARGS="$REPORT_ARGS --correlation-file=exe_to_fuzz_introspector_logs.yaml"
fuzz-introspector report $REPORT_ARGS

rsync -avu --delete "$SRC/inspector/" "$OUT/inspector"
fi
Expand Down
2 changes: 1 addition & 1 deletion infra/base-images/base-clang/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ RUN apt-get update && apt-get install -y wget sudo && \
RUN apt-get update && apt-get install -y git && \
git clone https://github.com/ossf/fuzz-introspector.git fuzz-introspector && \
cd fuzz-introspector && \
git checkout 74917384c5a4e368d900862b4bd3d16ce3fe5dd8 && \
git checkout eab8da2f42d07fb63d28b30c1cc12a2bfcd8e648 && \
git submodule init && \
git submodule update && \
apt-get autoremove --purge -y git && \
Expand Down
Loading