Golang internal library fuzzers

projects/golang/Dockerfile

@@ -0,0 +1,34 @@
+# Copyright 2019 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+MAINTAINER [email protected]
+
+RUN apt-get update && apt-get install -y software-properties-common python-software-properties build-essential wget
+
+# Golang 1.9 binaries are downloaded only to bootstrap the latest Golang from the development repository
+RUN add-apt-repository -y ppa:gophers/archive && apt-get update && apt-get install -y golang-1.9-go
+RUN ln -s /usr/lib/go-1.9/bin/go /usr/bin/go
+
+# Get latest Golang
+RUN git clone --depth 1 https://github.com/golang/go
+
+RUN mkdir -p go/packages/src/github.com/dvyukov
+RUN cd go/packages/src/github.com/dvyukov && git clone https://github.com/dvyukov/go-fuzz
+RUN cd go/packages/src/github.com/dvyukov && git clone https://github.com/dvyukov/go-fuzz-corpus
+
+COPY build.sh $SRC/
+

projects/golang/build.sh

@@ -0,0 +1,65 @@
+# Compile latest Go
+cd go/src
+./make.bash
+cd $SRC
+
+# Remove previous Go install (used for bootstrapping)
+apt-get remove golang-1.9-go -y
+rm /usr/bin/go
+
+export GOROOT=`realpath go`
+export GOPATH=$GOROOT/packages
+export PATH=$GOROOT/bin:$PATH
+
+# Dependency of go-fuzz
+go get golang.org/x/tools/go/packages
+
+# go-fuzz-build is the tool that instruments Go files
+go build github.com/dvyukov/go-fuzz/go-fuzz-build
+
+function compile_fuzzer {
+    fuzzer=$(basename $1)
+
+    # Instrument all Go files relevant to this fuzzer, compile and store in $fuzzer.a
+    ./go-fuzz-build -libfuzzer -o $fuzzer.a github.com/dvyukov/go-fuzz-corpus/$fuzzer
+
+    # Instrumented, compiled Go ($fuzzer.a) + libFuzzer = fuzzer binary
+    $CXX $CXXFLAGS -lFuzzingEngine $fuzzer.a -lpthread -o fuzzer-$fuzzer
+
+    # Copy the fuzzer binary
+    cp fuzzer-$fuzzer $OUT
+
+    # Pack the seed corpus
+    zip -r fuzzer-${fuzzer}_seed_corpus.zip $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/$fuzzer/corpus
+
+    # Copy the seed corpus
+    cp fuzzer-${fuzzer}_seed_corpus.zip $OUT
+}
+
+export -f compile_fuzzer
+
+# Use this to attempt to compile all
+#find $GOPATH/src/github.com/dvyukov/go-fuzz-corpus -mindepth 1 -maxdepth 1 -type d -exec bash -c 'compile_fuzzer "$@"' bash {} \;
+
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/asn1
+#compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/bzip2
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/csv
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/elliptic
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/flate
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/fmt
+#compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/gif
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/gzip
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/httpreq
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/httpresp
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/jpeg
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/json
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/lzw
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/mime
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/multipart
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/png
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/tar
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/time
+#compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/url
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/xml
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/zip
+compile_fuzzer $GOPATH/src/github.com/dvyukov/go-fuzz-corpus/zlib

projects/golang/project.yaml

@@ -0,0 +1,7 @@
+homepage: "https://golang.org/"
+primary_contact: "[email protected]"
+auto_ccs:
+ - "[email protected]"
+sanitizers:
+ - undefined
+view_restrictions: none