[tor-commits] [tor/main] Modernize our libfuzzer usage to close #40407

nickm at torproject.org nickm at torproject.org
Mon Jun 14 17:05:10 UTC 2021


commit d2256fe9cea6407258a53f68c64723aef19bd41c
Author: Nick Mathewson <nickm at torproject.org>
Date:   Tue Jun 8 12:47:57 2021 -0400

    Modernize our libfuzzer usage to close #40407
    
    Additionally, remove lingering references to hsv2 fuzzers from the
    fuzzing_include_am.py script.
---
 Makefile.am                           | 2 +-
 changes/bug40407                      | 5 +++++
 scripts/codegen/fuzzing_include_am.py | 7 ++-----
 src/test/fuzz/include.am              | 5 ++---
 4 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/Makefile.am b/Makefile.am
index 3056b08446..7ae2133767 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -253,7 +253,7 @@ endif
 TEST_NETWORK_SHOW_WARNINGS_FOR_LAST_RUN_FLAGS=--quiet --only-warnings
 
 if LIBFUZZER_ENABLED
-TEST_CFLAGS += -fsanitize-coverage=trace-pc-guard,trace-cmp,trace-div
+TEST_CFLAGS += -fsanitize=fuzzer-no-link
 # not "edge"
 endif
 
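Review bot: The context comment `# not "edge"` directly under the changed `TEST_CFLAGS` line described the old `-fsanitize-coverage=` option list and says nothing about `-fsanitize=fuzzer-no-link`, so it is now a stray remark. I would replace it with something like `# instrument for libFuzzer but do not link its runtime; the fuzz targets link it via -fsanitize=fuzzer`. The old list also requested `trace-div` explicitly; whether the new flag still turns that instrumentation on appears to depend on the compiler version, so confirm it if division-guided coverage was intended. The `if LIBFUZZER_ENABLED` conditional is fully visible, but the rest of the `TEST_CFLAGS` setup lies outside the hunk.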
diff --git a/changes/bug40407 b/changes/bug40407
new file mode 100644
index 0000000000..068d278e14
--- /dev/null
+++ b/changes/bug40407
@@ -0,0 +1,5 @@
+  o Minor features (fuzzing):
+    - When building with --enable-libfuzzer, use a set of compiler flags
+      that works with more recent versions of the library.  Previously
+      we were using a set of flags from 2017.
+      Closes ticket 40407.
diff --git a/scripts/codegen/fuzzing_include_am.py b/scripts/codegen/fuzzing_include_am.py
index b52b956f81..ddad8e6c3b 100755
--- a/scripts/codegen/fuzzing_include_am.py
+++ b/scripts/codegen/fuzzing_include_am.py
@@ -11,11 +11,9 @@ FUZZERS = """
 	diff
 	diff-apply
 	extrainfo
-	hsdescv2
 	hsdescv3
 	http
 	http-connect
-	iptsv2
 	microdesc
 	socks
 	strops
@@ -47,11 +45,10 @@ oss-fuzz-prereqs: \
 noinst_HEADERS += \
 	src/test/fuzz/fuzzing.h
 
-LIBFUZZER = -lFuzzer
 LIBFUZZER_CPPFLAGS = $(FUZZING_CPPFLAGS) -DLLVM_FUZZ
 LIBFUZZER_CFLAGS = $(FUZZING_CFLAGS)
-LIBFUZZER_LDFLAG = $(FUZZING_LDFLAG)
-LIBFUZZER_LIBS = $(FUZZING_LIBS) $(LIBFUZZER) -lstdc++
+LIBFUZZER_LDFLAG = $(FUZZING_LDFLAG) -fsanitize=fuzzer
+LIBFUZZER_LIBS = $(FUZZING_LIBS) -lstdc++
 
 LIBOSS_FUZZ_CPPFLAGS = $(FUZZING_CPPFLAGS) -DLLVM_FUZZ
 LIBOSS_FUZZ_CFLAGS = $(FUZZING_CFLAGS)
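Review bot: `LIBFUZZER_LIBS` still hard-codes `-lstdc++` even though the libFuzzer runtime now comes from the compiler driver through `-fsanitize=fuzzer` on `LIBFUZZER_LDFLAG`. As far as I know the clang driver adds the C++ standard library itself when given that flag, so the explicit library is probably redundant and could pick the wrong one on a libc++ toolchain. If that holds, use `LIBFUZZER_LIBS = $(FUZZING_LIBS)`. Either way, a comment above `LIBFUZZER_LDFLAG` such as `# libFuzzer's runtime is linked by the compiler driver; this needs a clang that ships it` would record the new toolchain requirement. The same two lines are emitted into `src/test/fuzz/include.am`, and the template string they belong to starts and ends outside this hunk.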
diff --git a/src/test/fuzz/include.am b/src/test/fuzz/include.am
index 9bdced9e6f..de3ea5e74a 100644
--- a/src/test/fuzz/include.am
+++ b/src/test/fuzz/include.am
@@ -23,11 +23,10 @@ oss-fuzz-prereqs: \
 noinst_HEADERS += \
 	src/test/fuzz/fuzzing.h
 
-LIBFUZZER = -lFuzzer
 LIBFUZZER_CPPFLAGS = $(FUZZING_CPPFLAGS) -DLLVM_FUZZ
 LIBFUZZER_CFLAGS = $(FUZZING_CFLAGS)
-LIBFUZZER_LDFLAG = $(FUZZING_LDFLAG)
-LIBFUZZER_LIBS = $(FUZZING_LIBS) $(LIBFUZZER) -lstdc++
+LIBFUZZER_LDFLAG = $(FUZZING_LDFLAG) -fsanitize=fuzzer
+LIBFUZZER_LIBS = $(FUZZING_LIBS) -lstdc++
 
 LIBOSS_FUZZ_CPPFLAGS = $(FUZZING_CPPFLAGS) -DLLVM_FUZZ
 LIBOSS_FUZZ_CFLAGS = $(FUZZING_CFLAGS)




