
Commit 115de67

committed
Fix OSS-Fuzz fuzzers: resolve absolute paths
1 parent 9af827b commit 115de67


2 files changed

+36
-26
lines changed


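--- a/Makefile
+++ b/Makefile
@@ -1,21 +1,20 @@
 all : fuzzer-html fuzzer-email fuzzer-httpclient fuzzer-json fuzzer-difflib fuzzer-csv fuzzer-decode
 
-CPYTHON_LIB_PATH=$(CPYTHON_INSTALL_PATH)/lib/python3.9
-CPYTHON_LIB_DYNLOAD_PATH=$(CPYTHON_LIB_PATH)/lib-dynload
-
-PYTHON_LD_FLAGS=$(CPYTHON_INSTALL_PATH)/lib/libpython3.9.a -lutil -lpthread $(CPYTHON_LIB_DYNLOAD_PATH)/*.so
+PYTHON_CONFIG_PATH=$(CPYTHON_INSTALL_PATH)/bin/python3-config
+CXXFLAGS += $(shell $(PYTHON_CONFIG_PATH) --cflags)
+LDFLAGS += -rdynamic $(shell $(PYTHON_CONFIG_PATH) --ldflags --embed)
 
 fuzzer-html:
-clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 -I $(CPYTHON_INSTALL_PATH)/include/python3.9/ fuzzer.cpp -DPYTHON_HARNESS_PATH="\"$(OUT)/html.py\"" $(PYTHON_LD_FLAGS) -ldl -o fuzzer-html
+clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 fuzzer.cpp -DPYTHON_HARNESS_PATH="\"html.py\"" -ldl $(LDFLAGS) -o fuzzer-html
 fuzzer-email:
-clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 -I $(CPYTHON_INSTALL_PATH)/include/python3.9/ fuzzer.cpp -DPYTHON_HARNESS_PATH="\"$(OUT)/email.py\"" $(PYTHON_LD_FLAGS) -ldl -o fuzzer-email
+clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 fuzzer.cpp -DPYTHON_HARNESS_PATH="\"email.py\"" -ldl $(LDFLAGS) -o fuzzer-email
 fuzzer-httpclient:
-clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 -I $(CPYTHON_INSTALL_PATH)/include/python3.9/ fuzzer.cpp -DPYTHON_HARNESS_PATH="\"$(OUT)/httpclient.py\"" $(PYTHON_LD_FLAGS) -ldl -o fuzzer-httpclient
+clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 fuzzer.cpp -DPYTHON_HARNESS_PATH="\"httpclient.py\"" -ldl $(LDFLAGS) -o fuzzer-httpclient
 fuzzer-json:
-clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 -I $(CPYTHON_INSTALL_PATH)/include/python3.9/ fuzzer.cpp -DPYTHON_HARNESS_PATH="\"$(OUT)/json.py\"" $(PYTHON_LD_FLAGS) -ldl -o fuzzer-json
+clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 fuzzer.cpp -DPYTHON_HARNESS_PATH="\"json.py\"" -ldl $(LDFLAGS) -o fuzzer-json
 fuzzer-difflib:
-clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 -I $(CPYTHON_INSTALL_PATH)/include/python3.9/ fuzzer.cpp -DPYTHON_HARNESS_PATH="\"$(OUT)/difflib.py\"" $(PYTHON_LD_FLAGS) -ldl -o fuzzer-difflib
+clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 fuzzer.cpp -DPYTHON_HARNESS_PATH="\"difflib.py\"" -ldl $(LDFLAGS) -o fuzzer-difflib
 fuzzer-csv:
-clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 -I $(CPYTHON_INSTALL_PATH)/include/python3.9/ fuzzer.cpp -DPYTHON_HARNESS_PATH="\"$(OUT)/csv.py\"" $(PYTHON_LD_FLAGS) -ldl -o fuzzer-csv
+clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 fuzzer.cpp -DPYTHON_HARNESS_PATH="\"csv.py\"" -ldl $(LDFLAGS) -o fuzzer-csv
 fuzzer-decode:
-clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 -I $(CPYTHON_INSTALL_PATH)/include/python3.9/ fuzzer.cpp -DPYTHON_HARNESS_PATH="\"$(OUT)/decode.py\"" $(PYTHON_LD_FLAGS) -ldl -o fuzzer-decode
+clang++ $(CXXFLAGS) $(LIB_FUZZING_ENGINE) -std=c++17 fuzzer.cpp -DPYTHON_HARNESS_PATH="\"decode.py\"" -ldl $(LDFLAGS) -o fuzzer-decode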
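Review bot: `PYTHON_CONFIG_PATH` on new line 3 is built from `CPYTHON_INSTALL_PATH` without checking that the variable is set or that the script exists. With the variable empty the path becomes `/bin/python3-config`, which may belong to a system Python rather than the instrumented build, and a failing `$(shell ...)` only yields empty flags. A guard right after the assignment would stop the build early: `ifeq ($(wildcard $(PYTHON_CONFIG_PATH)),)`, then `$(error python3-config not found under CPYTHON_INSTALL_PATH)`, then `endif`. The harness names are now bare file names such as `"html.py"`, so a comment above the rules should say that the scripts and the `cpython-install` directory must sit next to the built binaries, since that is what the build script now has to copy.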

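--- a/fuzzer.cpp
+++ b/fuzzer.cpp
@@ -15,16 +15,37 @@
 #define PY_SSIZE_T_CLEAN
 #include <Python.h>
 
+static std::string ToAbsolutePath(const std::string argv0, const std::string relativePath) {
+char absoluteRootPath[PATH_MAX+1];
+char argv0Copy[argv0.size()+1];
+memcpy(argv0Copy, argv0.c_str(), argv0.size()+1);
+if ( realpath(dirname(argv0Copy), absoluteRootPath) == nullptr ) {
+printf("Fatal error: Cannot resolve absolute root path\n");
+abort();
+}
+
+return std::string(std::string(absoluteRootPath) + "/" + relativePath);
+}
+
 void* pFunc = nullptr;
 extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv) {
 const std::string argv0 = (*argv)[0];
 
-std::string scriptRootPath;
+const std::string absoluteCPythonInstallPath = ToAbsolutePath(argv0, "cpython-install");
+const std::string absoluteScriptPath = ToAbsolutePath(argv0, PYTHON_HARNESS_PATH);
 
 std::vector<uint8_t> program;
-FILE* fp = fopen(PYTHON_HARNESS_PATH, "rb");
+
+{
+if ( setenv("PYTHONHOME", absoluteCPythonInstallPath.c_str(), 1) != 0 ) {
+printf("Fatal error: Cannot set PYTHONHOME\n");
+abort();
+}
+}
+
+FILE* fp = fopen(absoluteScriptPath.c_str(), "rb");
 if ( fp == nullptr ) {
-printf("Fatal error: Cannot open script: %s\n", PYTHON_HARNESS_PATH);
+printf("Fatal error: Cannot open script: %s\n", absoluteScriptPath.c_str());
 abort();
 }
 
@@ -44,16 +65,6 @@ extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv) {
 
 std::string code = std::string(program.data(), program.data() + program.size());
 
-{
-/* Resolve script root path */
-char resolved_path[PATH_MAX+1];
-if ( realpath(PYTHON_HARNESS_PATH, resolved_path) == nullptr ) {
-printf("Fatal error: Cannot resolve full script path\n");
-abort();
-}
-scriptRootPath = std::string(dirname(resolved_path));
-}
-
 {
 wchar_t *program = Py_DecodeLocale(argv0.c_str(), nullptr);
 Py_SetProgramName(program);
@@ -66,7 +77,7 @@ extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv) {
 std::string setArgv0;
 setArgv0 += "import sys";
 setArgv0 += "\n";
-setArgv0 += "sys.argv[0] = '" + std::string(PYTHON_HARNESS_PATH) + "'\n";
+setArgv0 += "sys.argv[0] = '" + absoluteScriptPath + "'\n";
 if ( PyRun_SimpleString(setArgv0.c_str()) != 0 ) {
 printf("Fatal: Cannot set argv[0]\n");
 PyErr_PrintEx(1);
@@ -78,7 +89,7 @@ extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv) {
 std::string setPYTHONPATH;
 setPYTHONPATH += "import sys";
 setPYTHONPATH += "\n";
-setPYTHONPATH += "sys.path.append('" + scriptRootPath + "')\n";
+setPYTHONPATH += "sys.path.append('" + absoluteScriptPath + "')\n";
 setPYTHONPATH += "\n";
 if ( PyRun_SimpleString(setPYTHONPATH.c_str()) != 0 ) {
 printf("Fatal: Cannot set PYTHONPATH\n");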
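Review bot: The last hunk now passes `absoluteScriptPath` to `sys.path.append`, which is the harness file itself (for example `<dir>/html.py`), whereas the removed `scriptRootPath` was its directory; Python treats `sys.path` entries as directories or archives, so modules placed next to the harness would presumably no longer be importable. Keep a directory value for it, e.g. `const std::string absoluteScriptRootPath = ToAbsolutePath(argv0, ".");` and `setPYTHONPATH += "sys.path.append('" + absoluteScriptRootPath + "')\n";`. In `ToAbsolutePath`, `char argv0Copy[argv0.size()+1]` is a variable-length array, which is a compiler extension in C++; a `std::string` copy passed as `dirname(copy.data())` does the same job under `-std=c++17`, and both parameters can be `const std::string&`. Both paths are also spliced into Python source between single quotes, so a quote or backslash in the install directory would change the statement; appending through `PySys_GetObject("path")` and `PyList_Append` avoids building code from a path. `LLVMFuzzerInitialize` starts and ends outside these hunks.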
