Home | History | Annotate | Line # | Download | only in cc
t_fuzzer_simple.sh revision 1.2.2.2
      1 # Copyright (c) 2018 The NetBSD Foundation, Inc.
      2 # All rights reserved.
      3 #
      4 # This code is derived from software contributed to The NetBSD Foundation
      5 # by Yang Zheng.
      6 #
      7 # Redistribution and use in source and binary forms, with or without
      8 # modification, are permitted provided that the following conditions
      9 # are met:
     10 # 1. Redistributions of source code must retain the above copyright
     11 #    notice, this list of conditions and the following disclaimer.
     12 # 2. Redistributions in binary form must reproduce the above copyright
     13 #    notice, this list of conditions and the following disclaimer in the
     14 #    documentation and/or other materials provided with the distribution.
     15 #
     16 # THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
     17 # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
     18 # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
     19 # PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
     20 # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
     21 # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
     22 # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
     23 # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
     24 # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
     25 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
     26 # POSSIBILITY OF SUCH DAMAGE.
     27 #
     28 
     29 test_target()
     30 {
     31 	SUPPORT='n'
     32 	if uname -m | grep -q "amd64" && command -v cc >/dev/null 2>&1 && \
     33 		   ! echo __clang__ | cc -E - | grep -q __clang__; then
     34 		# only clang with major version newer than 7 is supported
     35 		CLANG_MAJOR=`echo __clang_major__ | cc -E - | grep -o '^[[:digit:]]'`
     36 		if [ "$CLANG_MAJOR" -ge "7" ]; then
     37 			SUPPORT='y'
     38 		fi
     39 	fi
     40 }
     41 
     42 atf_test_case simple
     43 simple_head() {
     44 	atf_set "descr" "Test thread sanitizer for error exit condition"
     45 	atf_set "require.progs" "cc paxctl"
     46 }
     47 
     48 atf_test_case simple_profile
     49 simple_profile_head() {
     50 	atf_set "descr" "Test thread sanitizer for simple with profiling option"
     51 	atf_set "require.progs" "cc paxctl"
     52 }
     53 atf_test_case simple_pic
     54 simple_pic_head() {
     55 	atf_set "descr" "Test thread sanitizer for simple with position independent code (PIC) flag"
     56 	atf_set "require.progs" "cc paxctl"
     57 }
     58 atf_test_case simple_pie
     59 simple_pie_head() {
     60 	atf_set "descr" "Test thread sanitizer for simple with position independent execution (PIE) flag"
     61 	atf_set "require.progs" "cc paxctl"
     62 }
     63 
     64 simple_body(){
     65 	cat > test.c << EOF
     66 #include <stdlib.h>
     67 #include <stdio.h>
     68 #include <stdint.h>
     69 
     70 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
     71   if (size > 0 && data[0] == 'b') {
     72     fprintf(stderr, "BINGO\n");
     73     exit(1);
     74   }
     75 
     76   return 0;
     77 }
     78 EOF
     79 
     80 	cc -fsanitize=fuzzer -o test test.c
     81 	paxctl +a test
     82 	atf_check -s ignore -o ignore -e match:"BINGO" ./test
     83 }
     84 
     85 simple_profile_body(){
     86 	cat > test.c << EOF
     87 #include <stdlib.h>
     88 #include <stdio.h>
     89 #include <stdint.h>
     90 
     91 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
     92   if (size > 0 && data[0] == 'b') {
     93     fprintf(stderr, "BINGO\n");
     94     exit(1);
     95   }
     96 
     97   return 0;
     98 }
     99 EOF
    100 
    101 	cc -fsanitize=fuzzer -o test -pg test.c
    102 	paxctl +a test
    103 	atf_check -s ignore -o ignore -e match:"BINGO" ./test
    104 }
    105 
    106 simple_pic_body(){
    107 	cat > test.c << EOF
    108 #include <stddef.h>
    109 #include <stdint.h>
    110 int help(const uint8_t *data, size_t size);
    111 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    112     return help(data, size);
    113 }
    114 EOF
    115 
    116 	cat > pic.c << EOF
    117 #include <stdlib.h>
    118 #include <stdio.h>
    119 #include <stdint.h>
    120 
    121 int help(const uint8_t *data, size_t size) {
    122   if (size > 0 && data[0] == 'b') {
    123     fprintf(stderr, "BINGO\n");
    124     exit(1);
    125   }
    126 
    127   return 0;
    128 }
    129 EOF
    130 
    131 	cc -fsanitize=fuzzer -fPIC -shared -o libtest.so pic.c
    132 	cc -o test test.c -fsanitize=fuzzer -L. -ltest
    133 	paxctl +a test
    134 
    135 	export LD_LIBRARY_PATH=.
    136 	atf_check -s ignore -o ignore -e match:"BINGO" ./test
    137 }
    138 simple_pie_body(){
    139 	
    140 	#check whether -pie flag is supported on this architecture
    141 	if ! cc -pie -dM -E - < /dev/null 2>/dev/null >/dev/null; then 
    142 		atf_set_skip "cc -pie not supported on this architecture"
    143 	fi
    144 	cat > test.c << EOF
    145 #include <stdlib.h>
    146 #include <stdio.h>
    147 #include <stdint.h>
    148 
    149 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    150   if (size > 0 && data[0] == 'b') {
    151     fprintf(stderr, "BINGO\n");
    152     exit(1);
    153   }
    154 
    155   return 0;
    156 }
    157 EOF
    158 
    159 	cc -fsanitize=fuzzer -o test -fpie -pie test.c
    160 	paxctl +a test
    161 	atf_check -s ignore -o ignore -e match:"BINGO" ./test
    162 }
    163 
    164 
    165 atf_test_case target_not_supported
    166 target_not_supported_head()
    167 {
    168 	atf_set "descr" "Test forced skip"
    169 }
    170 
    171 target_not_supported_body()
    172 {
    173 	atf_skip "Target is not supported"
    174 }
    175 
    176 atf_init_test_cases()
    177 {
    178 	test_target
    179 	test $SUPPORT = 'n' && {
    180 		atf_add_test_case target_not_supported
    181 		return 0
    182 	}
    183 	atf_add_test_case simple
    184 	atf_add_test_case simple_profile
    185 	atf_add_test_case simple_pie
    186 	atf_add_test_case simple_pic
    187 }
    188