Commit 47c8ba7

atoppilminiero
authored andcommitted
Add code for RTCP and RTP fuzzing. (meetecho#1492)
Added code for RTP/RTCP fuzzing
1 parent eb1c112 commit 47c8ba7

116 files changed

+381
-0
lines changed

116 files changed

+381
-0
lines changed

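--- a/.gitignore
+++ b/.gitignore
@@ -45,6 +45,9 @@ Makefile.in
 /events/*.la
 /events/.libs
 /postprocessing/*.o
+/fuzzers/*.a
+/fuzzers/*.o
+/fuzzers/out
 
 /conf/janus.cfg.sample
 /conf/janus.plugin.duktape.cfg.sample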

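--- a/fuzzers/build.sh
+++ b/fuzzers/build.sh
@@ -0,0 +1,90 @@
+#!/bin/bash -eu
+
+# Load script configuration
+source $(dirname 0ドル)/config.sh
+
+# Set fuzzing environment
+# Fallback to local
+FUZZ_ENV=${FUZZ_ENV-$DEFAULT_ENV}
+
+# Set working paths from the environment
+# Fallback to values used for local testing
+SRC=${SRC-$DEFAULT_SRC}
+OUT=${OUT-$DEFAULT_OUT}
+WORK=${WORK-$DEFAULT_WORK}
+
+# Set compiler from the environment
+# Fallback to clang
+FUZZ_CC=${CC-$DEFAULT_CC}
+
+# Set linker from the environment (CXX is used as linker in oss-fuzz)
+# Fallback to clang
+FUZZ_CCLD=${CXX-$DEFAULT_CCLD}
+
+# Set CFLAGS from the environment
+# Fallback to using address and undefined behaviour sanitizers
+FUZZ_CFLAGS=${CFLAGS-$DEFAULT_CFLAGS}
+
+# Set LDFLAGS from the environment (CXXFLAGS var is used for linker flags in oss-fuzz)
+# Fallback to using address and undefined behaviour sanitizers
+FUZZ_LDFLAGS=${CXXFLAGS-${LDFLAGS-$DEFAULT_LDFLAGS}}
+
+# Set fuzzing engine from the environment (optional)
+FUZZ_ENGINE=${LIB_FUZZING_ENGINE-""}
+
+# Mess with the flags only in local execution
+if [[ $FUZZ_ENV == "local" && $FUZZ_CC == clang* ]]; then
+# For coverage testing with clang uncomment
+# FUZZ_CFLAGS="$COVERAGE_CFLAGS"
+# FUZZ_LDFLAGS="$COVERAGE_LDFLAGS"
+
+# Add fuzzer CFLAG only if not present
+if [[ ! $FUZZ_CFLAGS =~ .*-fsanitize=([^\s].*)*fuzzer(-.*)* ]]; then
+FUZZ_CFLAGS="$FUZZ_CFLAGS -fsanitize=fuzzer-no-link"
+fi
+# Add fuzzer LDFLAG only if not present
+if [[ ! $FUZZ_LDFLAGS =~ .*-fsanitize=([^\s].*)*fuzzer(-.*)* ]]; then
+# Link against libFuzzer only if FUZZ_ENGINE has not been set
+if [[ ! -z $FUZZ_ENGINE ]]; then
+FUZZ_LDFLAGS="$FUZZ_LDFLAGS -fsanitize=fuzzer-no-link"
+else
+FUZZ_LDFLAGS="$FUZZ_LDFLAGS -fsanitize=fuzzer"
+fi
+fi
+fi
+
+rm -f $WORK/*.a $WORK/*.o
+
+# Build and archive necessary Janus objects
+JANUS_LIB="$WORK/janus-lib.a"
+cd $SRC/janus-gateway
+./autogen.sh
+./configure CC="$FUZZ_CC" CFLAGS="$FUZZ_CFLAGS" $JANUS_CONF_FLAGS
+make clean
+make -j$(nproc) $JANUS_OBJECTS
+ar rcs $JANUS_LIB $JANUS_OBJECTS
+cd -
+
+# Build standalone fuzzing engines
+engines=$(find $SRC/janus-gateway/fuzzers/engines/ -name "*.c")
+for sourceFile in $engines; do
+name=$(basename $sourceFile .c)
+echo "Building engine: $name"
+$FUZZ_CC -c $FUZZ_CFLAGS $sourceFile -o $WORK/$name.o
+done
+
+# Build Fuzzers
+mkdir -p $OUT
+fuzzers=$(find $SRC/janus-gateway/fuzzers/ -name "*.c" | grep -v "engines/")
+for sourceFile in $fuzzers; do
+name=$(basename $sourceFile .c)
+echo "Building fuzzer: $name"
+
+$FUZZ_CC -c $FUZZ_CFLAGS $DEPS_CFLAGS -I. -I$SRC/janus-gateway $sourceFile -o $WORK/$name.o
+$FUZZ_CCLD $FUZZ_LDFLAGS $WORK/${name}.o -o $OUT/${name} $FUZZ_ENGINE $JANUS_LIB $DEPS_LIB
+
+if [ -d "$SRC/janus-gateway/fuzzers/corpora/${name}" ]; then
+echo "Exporting corpus: $name "
+zip -jqr --exclude=*LICENSE* $OUT/${name}_seed_corpus.zip $SRC/janus-gateway/fuzzers/corpora/${name}
+fi
+done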
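Review bot: The cleanup `rm -f $WORK/*.a $WORK/*.o` (new line 56) runs on an unquoted path that can be empty: `WORK=${WORK-$DEFAULT_WORK}` falls back only when WORK is unset, so an exported-but-empty WORK turns the globs into `/*.a /*.o`, and a path containing spaces splits into separate arguments. I would write `rm -f -- "${WORK:?}"/*.a "${WORK:?}"/*.o` and quote `$SRC`, `$OUT` and `$WORK` in the later `cd`, `mkdir -p` and compiler lines as well. The `-eu` options are also given only on the shebang line, so they are lost when the script is started as `bash build.sh`; `set -eu` as the first command keeps the abort-on-error behaviour that the `cd $SRC/janus-gateway` and `./configure` steps depend on.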

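--- a/fuzzers/config.sh
+++ b/fuzzers/config.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+SCRIPTPATH="$( cd "$(dirname "0ドル")" ; pwd -P )"
+
+# Default environment
+DEFAULT_ENV="local"
+
+# Working paths
+DEFAULT_SRC="$(dirname $(dirname $SCRIPTPATH))"
+DEFAULT_OUT="$SCRIPTPATH/out"
+DEFAULT_WORK="$SCRIPTPATH"
+
+# CFLAGS and LDFLAGS for local fuzzing
+DEFAULT_CC="clang"
+DEFAULT_CCLD=$DEFAULT_CC
+DEFAULT_CFLAGS="-O1 -fno-omit-frame-pointer -g -ggdb3 -fsanitize=address,undefined -fsanitize-address-use-after-scope -fno-sanitize-recover=undefined -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION"
+DEFAULT_LDFLAGS="-O1 -fno-omit-frame-pointer -g -ggdb3 -fsanitize=address,undefined -fno-sanitize-recover=undefined -fsanitize-address-use-after-scope"
+COVERAGE_CFLAGS="-O1 -fno-omit-frame-pointer -g -ggdb3 -fprofile-instr-generate -fcoverage-mapping -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION"
+COVERAGE_LDFLAGS="-O1 -fno-omit-frame-pointer -g -ggdb3 -fprofile-instr-generate -fcoverage-mapping -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION"
+
+# Janus configure flags
+JANUS_CONF_FLAGS="--disable-docs --disable-post-processing --disable-turn-rest-api --disable-all-transports --disable-all-plugins --disable-all-handlers --disable-data-channels"
+
+# Janus objects needed for fuzzing
+JANUS_OBJECTS="janus-log.o janus-utils.o janus-rtcp.o janus-rtp.o"
+
+# CFLAGS for fuzzer dependencies
+DEPS_CFLAGS="$(pkg-config --static --cflags glib-2.0)"
+
+# Libraries to link in with fuzzers
+DEPS_LIB="-Wl,-Bstatic $(pkg-config --libs glib-2.0) -pthread -Wl,-Bdynamic"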
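Review bot: `SCRIPTPATH` on new line 3 joins `cd` and `pwd -P` with `;`, so a failed `cd` still yields a path (the caller's working directory), and that value becomes `DEFAULT_WORK`, which build.sh then cleans with `rm -f $WORK/*.a $WORK/*.o`. Joining the two with `&&` makes the substitution fail instead of returning the wrong directory. The path is also derived from the script-name parameter (shown on this page as `0ドル`, presumably `$0`), which in a sourced file is the caller's name, so the defaults are only right while the sourcing script sits in the same directory; `SCRIPTPATH="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd -P)"` would remove that dependency. Separately, `COVERAGE_CFLAGS` lists `-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION` twice.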
20 Bytes
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
