fuzz: add initial fuzzing infrastructure

The fuzzers will be used by oss-fuzz to automatically and
continuously fuzz systemd.

This commit includes the build tooling necessary to build fuzz
targets, and a fuzzer for the DNS packet parser.

diff --git a/meson.build b/meson.build
index abc9fbecf66d8eb81ccc3418ab1ed1ec1c8d4dca..748438fdb1b9dd9235c6ebb785d9917f728a6b04 100644 (file)
--- a/meson.build
+++ b/meson.build
@@ -332,6 +332,11 @@ if get_option('tests') != 'false'
         endif
 endif
 
+ossfuzz = get_option('oss-fuzz')
+if ossfuzz
+        fuzzing_engine = meson.get_compiler('cpp').find_library('FuzzingEngine')
+endif
+
 foreach arg : ['-Wextra',
                '-Werror=undef',
                '-Wlogical-op',
@@ -366,7 +371,6 @@ foreach arg : ['-Wextra',
                '-fvisibility=hidden',
                '-fstack-protector',
                '-fstack-protector-strong',
-               '-fPIE',
                '--param=ssp-buffer-size=4',
               ]
         if cc.has_argument(arg)
@@ -374,6 +378,14 @@ foreach arg : ['-Wextra',
         endif
 endforeach
 
+# the oss-fuzz fuzzers are not built with -fPIE, so don't
+# enable it when we are linking against them
+if not ossfuzz
+        if cc.has_argument('-fPIE')
+              add_project_arguments('-fPIE', language : 'c')
+        endif
+endif
+
 # "negative" arguments: gcc on purpose does not return an error for "-Wno-"
 # arguments, just emits a warnings. So test for the "positive" version instead.
 foreach arg : ['unused-parameter',
@@ -424,7 +436,7 @@ foreach arg : ['-Wl,-z,relro',
                            cc.cmd_array(), '-x', 'c', arg,
                            '-include', link_test_c).returncode() == 0
         message('Linking with @0@ supported: @1@'.format(arg, have ? 'yes' : 'no'))
-        if have
+        if have and (arg != '-pie' or not ossfuzz)
                 add_project_link_arguments(arg, language : 'c')
         endif
 endforeach
@@ -1336,6 +1348,7 @@ endforeach
 want_tests = get_option('tests')
 install_tests = get_option('install-tests')
 tests = []
+fuzzers = []
 
 conf.set10('SYSTEMD_SLOW_TESTS_DEFAULT', get_option('slow-tests'))
 
@@ -1508,6 +1521,7 @@ subdir('src/shared')
 #endif // 0
 
 subdir('src/test')
+subdir('src/fuzz')
 #if 0 /// UNNEEDED in elogind
 # subdir('rules')
 # subdir('test')
@@ -2744,6 +2758,39 @@ endforeach
 #         install_dir : testsdir)
 # test('test-libudev-sym',
 #      test_libudev_sym)
+# 
+# ############################################################
+# 
+# fuzzer_exes = []
+# 
+# foreach tuple : fuzzers
+#         sources = tuple[0]
+#         link_with = tuple[1].length() > 0 ? tuple[1] : [libshared]
+#         dependencies = tuple[2]
+#         defs = tuple.length() >= 4 ? tuple[3] : []
+#         incs = tuple.length() >= 5 ? tuple[4] : includes
+# 
+#         if ossfuzz
+#                 dependencies += fuzzing_engine
+#         else
+#                 sources += 'src/fuzz/fuzz-main.c'
+#         endif
+# 
+#         name = sources[0].split('/')[-1].split('.')[0]
+# 
+#         fuzzer_exes += executable(
+#                 name,
+#                 sources,
+#                 include_directories : [incs, include_directories('src/fuzz')],
+#                 link_with : link_with,
+#                 dependencies : dependencies,
+#                 c_args : defs,
+#                 install : false)
+# endforeach
+# 
+# run_target('fuzzers',
+#         depends : fuzzer_exes,
+#         command : ['true'])
 #else
 test_libelogind_sym = executable(
         'test-libelogind-sym',

diff --git a/meson_options.txt b/meson_options.txt
index 49de45c22984e0fd264b7958c923e3f721738123..46bc54fafa8417d6c1dbd7956f60d63166d416d0 100644 (file)
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -352,3 +352,6 @@ option('slow-tests', type : 'boolean', value : 'false',
        description : 'run the slow tests by default')
 option('install-tests', type : 'boolean', value : 'false',
        description : 'install test executables')
+
+option('oss-fuzz', type : 'boolean', value : 'false',
+       description : 'build against oss-fuzz')