mirrors/php-src
0
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-12-18 22:41:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
4d80c3b7e0
php-src/sapi/fuzzer/config.m4
Nikita Popov 4d49ec208e Add --enable-fuzzer-msan flag 
To build fuzzers with memory sanitizer.
2019-10-01 13:04:47 +02:00

95 lines
3.2 KiB
Plaintext
Raw Blame History

AC_MSG_CHECKING(for clang fuzzer SAPI)
PHP_ARG_ENABLE([fuzzer],,
[AS_HELP_STRING([--enable-fuzzer],
[Build PHP as clang fuzzing test module (for developers)])],
[no],
[no])
PHP_ARG_ENABLE([fuzzer-msan],,
[AS_HELP_STRING([--enable-fuzzer-msan],
[Enable msan instead of asan/ubsan when fuzzing])],
[no],
[no])
dnl For newer clang versions see https://llvm.org/docs/LibFuzzer.html#fuzzer-usage
dnl for relevant flags.
dnl Macro to define fuzzing target
dnl PHP_FUZZER_TARGET(name, target-var)
dnl
AC_DEFUN([PHP_FUZZER_TARGET], [
PHP_FUZZER_BINARIES="$PHP_FUZZER_BINARIES $SAPI_FUZZER_PATH/php-fuzz-$1"
PHP_SUBST($2)
PHP_ADD_SOURCES_X([sapi/fuzzer],[fuzzer-$1.c],[],$2)
$2="[$]$2 $FUZZER_COMMON_OBJS"
])
if test "$PHP_FUZZER" != "no"; then
AC_MSG_RESULT([yes])
dnl Don't use PHP_REQUIRE_CXX() to avoid unnecessarily pulling in -lstdc++
AC_PROG_CXX
AC_PROG_CXXCPP
PHP_ADD_MAKEFILE_FRAGMENT($abs_srcdir/sapi/fuzzer/Makefile.frag)
SAPI_FUZZER_PATH=sapi/fuzzer
PHP_SUBST(SAPI_FUZZER_PATH)
if test -z "$LIB_FUZZING_ENGINE"; then
FUZZING_LIB="-fsanitize=fuzzer"
FUZZING_CC="$CC"
AX_CHECK_COMPILE_FLAG([-fsanitize=fuzzer-no-link], [
CFLAGS="$CFLAGS -fsanitize=fuzzer-no-link"
CXXFLAGS="$CXXFLAGS -fsanitize=fuzzer-no-link"
if test "$PHP_FUZZER_MSAN" = "yes"; then
CFLAGS="$CFLAGS -fsanitize=memory -fsanitize-memory-track-origins"
CXXFLAGS="$CXXFLAGS -fsanitize=memory -fsanitize-memory-track-origins"
else
CFLAGS="$CFLAGS -fsanitize=address"
CXXFLAGS="$CXXFLAGS -fsanitize=address"
dnl Don't include -fundefined in CXXFLAGS, because that would also require linking
dnl with a C++ compiler.
dnl Disable object-size sanitizer, because it is incompatible with our zend_function
dnl union, and this can't be easily fixed.
dnl We need to specify -fno-sanitize-recover=undefined here, otherwise ubsan warnings
dnl will not be considered failures by the fuzzer.
CFLAGS="$CFLAGS -fsanitize=undefined -fno-sanitize=object-size -fno-sanitize-recover=undefined"
fi
],[
AC_MSG_ERROR(Compiler doesn't support -fsanitize=fuzzer-no-link)
])
else
FUZZING_LIB="$LIB_FUZZING_ENGINE"
FUZZING_CC="$CXX -stdlib=libc++"
fi
PHP_SUBST(FUZZING_LIB)
PHP_SUBST(FUZZING_CC)
dnl PHP_SELECT_SAPI(fuzzer-parser, program, $FUZZER_SOURCES, , '$(SAPI_FUZZER_PATH)')
PHP_ADD_BUILD_DIR([sapi/fuzzer])
PHP_FUZZER_BINARIES=""
PHP_BINARIES="$PHP_BINARIES fuzzer"
PHP_INSTALLED_SAPIS="$PHP_INSTALLED_SAPIS fuzzer"
PHP_ADD_SOURCES_X([sapi/fuzzer], [fuzzer-sapi.c], [], FUZZER_COMMON_OBJS)
PHP_FUZZER_TARGET([parser], PHP_FUZZER_PARSER_OBJS)
PHP_FUZZER_TARGET([unserialize], PHP_FUZZER_UNSERIALIZE_OBJS)
dnl json extension is enabled by default
if (test -n "$enable_json" && test "$enable_json" != "no") || test -z "$PHP_ENABLE_ALL"; then
PHP_FUZZER_TARGET([json], PHP_FUZZER_JSON_OBJS)
fi
if test -n "$enable_exif" && test "$enable_exif" != "no"; then
PHP_FUZZER_TARGET([exif], PHP_FUZZER_EXIF_OBJS)
fi
if test -n "$enable_mbstring" && test "$enable_mbstring" != "no"; then
PHP_FUZZER_TARGET([mbstring], PHP_FUZZER_MBSTRING_OBJS)
fi
PHP_SUBST(PHP_FUZZER_BINARIES)
fi
AC_MSG_RESULT($PHP_FUZZER)
Reference in New Issue View Git Blame Copy Permalink