oss-fuzz: Add fuzzing targets

These fuzzing targets were originally from: https://github.com/guidovranken/flac-fuzzers.git but having them in a separate repo was a huge pain in the neck when working on fixing any problems found.
xiph · Nov 17, 2019 · e0f7e0e · e0f7e0e
1 parent b19f3a6
commit e0f7e0e
Show file tree

Hide file tree

Showing 7 changed files with 630 additions and 12 deletions.
diff --git a/.gitignore b/.gitignore
@@ -75,3 +75,5 @@ test/picture.diff
 test/picture.log
 .dirstamp
 microbench/benchmark_residual
+oss-fuzz/fuzz-decoder
+oss-fuzz/fuzz-encoder
diff --git a/Makefile.am b/Makefile.am
@@ -31,7 +31,7 @@
 
 ACLOCAL_AMFLAGS = -I m4
 
-SUBDIRS = doc include m4 man src test build microbench
+SUBDIRS = doc include m4 man src test build microbench oss-fuzz
 
 if EXAMPLES
 SUBDIRS += examples

diff --git a/configure.ac b/configure.ac
@@ -374,6 +374,32 @@ AC_HELP_STRING([--disable-cpplibs], [Do not build libFLAC++]),
 esac], [disable_cpplibs=false])
 AM_CONDITIONAL(FLaC__WITH_CPPLIBS, [test "x$disable_cpplibs" != xtrue])
 
+AC_ARG_ENABLE([oss-fuzzers],
+  [AS_HELP_STRING([--enable-oss-fuzzers],
+    [Whether to generate the fuzzers for OSS-Fuzz (Clang only)])],
+  [have_oss_fuzzers=yes], [have_oss_fuzzers=no])
+
+if test "x$have_oss_fuzzers" = "xyes"; then
+  if test "x$xiph_cv_c_compiler_clang" = "xyes" ; then
+    AM_CONDITIONAL([USE_OSSFUZZERS], [test "x$have_oss_fuzzers" = "xyes"])
+    if test "x$LIB_FUZZING_ENGINE" = "x" ; then
+      # Only set this if it is empty.
+	  LIB_FUZZING_ENGINE=-fsanitize=fuzzer
+    fi
+  else
+    AM_CONDITIONAL([USE_OSSFUZZERS], [test "false" = "true"])
+    # Disable fuzzer if the compiler is not Clang.
+    AC_MSG_WARN([*** Ozz-Fuzz is disabled because that requres the  Clang compiler.])
+    have_oss_fuzzers="no (compiler is GCC)"
+  fi
+else
+  AM_CONDITIONAL([USE_OSSFUZZERS], [test "false" = "true"])
+fi
+
+AM_CONDITIONAL([USE_OSSFUZZ_FLAG], [test "x$LIB_FUZZING_ENGINE" = "x-fsanitize=fuzzer"])
+AM_CONDITIONAL([USE_OSSFUZZ_STATIC], [test -f "$LIB_FUZZING_ENGINE"])
+AC_SUBST([LIB_FUZZING_ENGINE])
+
 dnl check for ogg library
 AC_ARG_ENABLE([ogg],
 	AC_HELP_STRING([--disable-ogg], [Disable ogg support (default: test for libogg)]),
@@ -576,7 +602,8 @@ AC_CONFIG_FILES([ \
 	test/metaflac-test-files/Makefile \
 	test/pictures/Makefile \
 	build/Makefile \
-	microbench/Makefile
+	microbench/Makefile \
+	oss-fuzz/Makefile
 ])
 AC_OUTPUT
 
@@ -585,19 +612,20 @@ AC_MSG_RESULT([
 
   Configuration summary :
 
-    FLAC version : ........................ ${VERSION}
+    FLAC version : ............................ ${VERSION}
 
-    Host CPU : ............................ ${host_cpu}
-    Host Vendor : ......................... ${host_vendor}
-    Host OS : ............................. ${host_os}
+    Host CPU : ................................ ${host_cpu}
+    Host Vendor : ............................. ${host_vendor}
+    Host OS : ................................. ${host_os}
 ])
 
-	echo "    Compiler is GCC : ..................... ${ac_cv_c_compiler_gnu}"
+	echo "    Compiler is GCC : ......................... ${ac_cv_c_compiler_gnu}"
 if test x$ac_cv_c_compiler_gnu = xyes ; then
-	echo "    GCC version : ......................... ${GCC_VERSION}"
+	echo "    GCC version : ............................. ${GCC_VERSION}"
 fi
-	echo "    Compiler is Clang : ................... ${xiph_cv_c_compiler_clang}"
-	echo "    SSE optimizations : ................... ${sse_os}"
-	echo "    Asm optimizations : ................... ${asm_optimisation}"
-	echo "    Ogg/FLAC support : .................... ${have_ogg}"
+	echo "    Compiler is Clang : ....................... ${xiph_cv_c_compiler_clang}"
+	echo "    SSE optimizations : ....................... ${sse_os}"
+	echo "    Asm optimizations : ....................... ${asm_optimisation}"
+	echo "    Ogg/FLAC support : ........................ ${have_ogg}"
+	echo "    Fuzzing support (Clang only) : ............ ${have_oss_fuzzers}"
 echo
diff --git a/oss-fuzz/Makefile.am b/oss-fuzz/Makefile.am
@@ -0,0 +1,62 @@
+#  FLAC - Free Lossless Audio Codec
+#  Copyright (C) 2019  Xiph.Org Foundation
+#
+#  This file is part the FLAC project.  FLAC is comprised of several
+#  components distributed under different licenses.  The codec libraries
+#  are distributed under Xiph.Org's BSD-like license (see the file
+#  COPYING.Xiph in this distribution).  All other programs, libraries, and
+#  plugins are distributed under the GPL (see COPYING.GPL).  The documentation
+#  is distributed under the Gnu FDL (see COPYING.FDL).  Each file in the
+#  FLAC distribution contains at the top the terms under which it may be
+#  distributed.
+#
+#  Since this particular file is relevant to all components of FLAC,
+#  it may be distributed under the Xiph.Org license, which is the least
+#  restrictive of those mentioned above.  See the file COPYING.Xiph in this
+#  distribution.
+
+AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_srcdir)/oss-fuzz
+
+AM_CXXFLAGS = -std=c++11
+
+EXTRA_DIST = \
+	fuzz-encoder.dict \
+	fuzzing/Readme.md \
+	fuzzing/datasource/datasource.hpp \
+	fuzzing/datasource/id.hpp \
+	fuzzing/exception.hpp \
+	fuzzing/memory.hpp \
+	fuzzing/types.hpp
+
+if USE_OSSFUZZ_FLAG
+FUZZ_FLAG = $(LIB_FUZZING_ENGINE)
+FUZZ_LDADD = -lFuzzer
+else
+if USE_OSSFUZZ_STATIC
+FUZZ_LDADD = $(LIB_FUZZING_ENGINE)
+FUZZ_FLAG = -lFuzzer
+endif
+endif
+
+noinst_PROGRAMS =
+
+if USE_OSSFUZZERS
+noinst_PROGRAMS += fuzz-decoder fuzz-encoder
+endif
+
+fuzz_decoder_SOURCES = fuzz-decoder.cc
+fuzz_decoder_CXXFLAGS = $(AM_CXXFLAGS) $(FUZZ_FLAG)
+fuzz_decoder_LDFLAGS = $(AM_LDFLAGS) -static
+fuzz_decoder_LDADD = $(flac_libs) $(FUZZ_LDADD)
+
+fuzz_encoder_SOURCES = fuzz-encoder.cc
+fuzz_encoder_CXXFLAGS = $(AM_CXXFLAGS) $(FUZZ_FLAG)
+fuzz_encoder_LDFLAGS = $(AM_LDFLAGS) -static
+fuzz_encoder_LDADD = $(flac_libs) $(FUZZ_LDADD)
+
+flac_libs = \
+	$(top_builddir)/src/libFLAC/libFLAC-static.la \
+	$(top_builddir)/src/libFLAC++/libFLAC++-static.la \
+	@OGG_LIBS@ \
+	-lm
+