def test_doesnt_mutate_options(self):
"""Test that calling get_memory_tool_options followed by
set_memory_tool_options does not mutate sanitizer options unless we
do so explicitly."""
# Make environment module use the Windows symbolizer, since its path is
# hard to get right.
test_helpers.patch_environ(self)
os.environ['JOB_NAME'] = 'windows_libfuzzer_chrome_asan'
test_helpers.patch(self, [
'system.environment.platform',
'system.environment.get_llvm_symbolizer_path'
])
self.mock.platform.return_value = 'WINDOWS'
windows_symbolizer_path = (
r'c:\clusterfuzz\resources\platform\windows\llvm-symbolizer.exe')
self.mock.get_llvm_symbolizer_path.return_value = windows_symbolizer_path
environment.reset_current_memory_tool_options()
memory_tool_var = 'ASAN_OPTIONS'
first_asan_options_dict = environment.get_memory_tool_options(
memory_tool_var)
environment.set_memory_tool_options(memory_tool_var,
first_asan_options_dict)
second_asan_options_dict = environment.get_memory_tool_options(
memory_tool_var)
self.assertDictEqual(first_asan_options_dict, second_asan_options_dict)
def process_sanitizer_options_overrides(fuzzer_path):
"""Applies sanitizer option overrides from .options file."""
fuzzer_options = options.get_fuzz_target_options(fuzzer_path)
if not fuzzer_options:
return
asan_options = environment.get_memory_tool_options('ASAN_OPTIONS', {})
msan_options = environment.get_memory_tool_options('MSAN_OPTIONS', {})
ubsan_options = environment.get_memory_tool_options('UBSAN_OPTIONS', {})
hwasan_options = environment.get_memory_tool_options('HWASAN_OPTIONS', {})
asan_overrides = fuzzer_options.get_asan_options()
if asan_options and asan_overrides:
asan_options.update(asan_overrides)
environment.set_memory_tool_options('ASAN_OPTIONS', asan_options)
msan_overrides = fuzzer_options.get_msan_options()
if msan_options and msan_overrides:
msan_options.update(msan_overrides)
environment.set_memory_tool_options('MSAN_OPTIONS', msan_options)
ubsan_overrides = fuzzer_options.get_ubsan_options()
if ubsan_options and ubsan_overrides:
ubsan_options.update(ubsan_overrides)
environment.set_memory_tool_options('UBSAN_OPTIONS', ubsan_options)
hwasan_overrides = fuzzer_options.get_hwasan_options()
if hwasan_options and hwasan_overrides:
hwasan_options.update(hwasan_overrides)
environment.set_memory_tool_options('HWASAN_OPTIONS', hwasan_options)
def set_additional_sanitizer_options_for_afl_fuzz():
"""Set *SAN_OPTIONS to afl's liking.
If ASAN_OPTIONS or MSAN_OPTION is set, they must contain certain options or
afl-fuzz will refuse to fuzz. See check_asan_opts() in afl-fuzz.c in afl for
more details.
"""
# We need to check if ASAN_OPTIONS and/or MSAN_OPTIONS contain symbolize=0
# because ClusterFuzz sets all sanitizers options equal to an empty string
# before adding symbolize=0 to *either* ASAN_OPTIONS or MSAN_OPTIONS. Because
# they will both be set but one will be empty, afl will think the empty one is
# incorrect and quit if we don't do this.
required_sanitizer_options = {
'ASAN_OPTIONS': {
'symbolize': 0,
'abort_on_error': 1
},
'MSAN_OPTIONS': {
'symbolize': 0,
'exit_code': 86
},
}
for options_env_var, option_values in required_sanitizer_options.iteritems(
):
# If os.environ[options_env_var] is an empty string, afl will refuse to run,
# because we haven't set the right options. Thus only continue if it does
# not exist.
if options_env_var not in os.environ:
continue
options_env_value = environment.get_memory_tool_options(
options_env_var)
options_env_value.update(option_values)
environment.set_memory_tool_options(options_env_var, options_env_value)
def set_sanitizer_options(fuzzer_path):
"""Sets sanitizer options based on .options file overrides and what this
script requires."""
engine_common.process_sanitizer_options_overrides(fuzzer_path)
sanitizer_options_var = environment.get_current_memory_tool_var()
sanitizer_options = environment.get_memory_tool_options(
sanitizer_options_var, {})
sanitizer_options['exitcode'] = constants.TARGET_ERROR_EXITCODE
environment.set_memory_tool_options(sanitizer_options_var, sanitizer_options)
def _set_dedup_flags():
"""Allow libFuzzer to do its own crash comparison during minimization."""
memory_tool_options = environment.get_memory_tool_options(
memory_tool_options_var)
memory_tool_options['symbolize'] = 1
memory_tool_options['dedup_token_length'] = 3
environment.set_memory_tool_options(memory_tool_options_var,
memory_tool_options)
def test_ubsan_disabled(self):
"""Test reset_current_memory_tool_options when ubsan is disabled."""
os.environ['JOB_NAME'] = 'libfuzzer_chrome_asan'
os.environ['UBSAN'] = 'True'
environment.reset_current_memory_tool_options(disable_ubsan=True)
self.assertDictEqual(
{
'halt_on_error': 0,
'print_stacktrace': 0,
'print_suppressions': 0
}, environment.get_memory_tool_options('UBSAN_OPTIONS'))
def process_sanitizer_options(self):
"""Process sanitizer options overrides."""
if not self.fuzzer_options:
return
# Only need to look as ASan, as that's what we prune with.
overrides = self.fuzzer_options.get_asan_options()
if not overrides:
return
asan_options = environment.get_memory_tool_options("ASAN_OPTIONS")
asan_options.update(overrides)
environment.set_memory_tool_options("ASAN_OPTIONS", asan_options)
def test_ubsan_disabled(self):
"""Test reset_current_memory_tool_options when ubsan is disabled."""
os.environ["JOB_NAME"] = "libfuzzer_chrome_asan"
os.environ["UBSAN"] = "True"
environment.reset_current_memory_tool_options(disable_ubsan=True)
self.assertDictEqual(
{
"halt_on_error": 0,
"print_stacktrace": 0,
"print_suppressions": 0
},
environment.get_memory_tool_options("UBSAN_OPTIONS"),
)
def test_ubsan_enabled(self):
"""Test reset_current_memory_tool_options when ubsan is enabled."""
os.environ['JOB_NAME'] = 'libfuzzer_chrome_asan'
os.environ['UBSAN'] = 'True'
environment.reset_current_memory_tool_options(disable_ubsan=False)
self.assertDictEqual(
{
'halt_on_error': 1,
'handle_abort': 1,
'handle_segv': 1,
'handle_sigbus': 1,
'handle_sigfpe': 1,
'handle_sigill': 1,
'print_stacktrace': 1,
'print_summary': 1,
'print_suppressions': 0,
'silence_unsigned_overflow': 1,
'use_sigaltstack': 1
}, environment.get_memory_tool_options('UBSAN_OPTIONS'))
def test_ubsan_enabled(self):
"""Test reset_current_memory_tool_options when ubsan is enabled."""
os.environ["JOB_NAME"] = "libfuzzer_chrome_asan"
os.environ["UBSAN"] = "True"
environment.reset_current_memory_tool_options(disable_ubsan=False)
self.assertDictEqual(
{
"halt_on_error": 1,
"handle_abort": 1,
"handle_segv": 1,
"handle_sigbus": 1,
"handle_sigfpe": 1,
"handle_sigill": 1,
"print_stacktrace": 1,
"print_summary": 1,
"print_suppressions": 0,
"silence_unsigned_overflow": 1,
"use_sigaltstack": 1,
},
environment.get_memory_tool_options("UBSAN_OPTIONS"),
)
