Diffstat (limited to 'sapi/fuzzer/config.m4')
-rw-r--r--sapi/fuzzer/config.m493
1 files changed, 93 insertions, 0 deletions
diff --git a/sapi/fuzzer/config.m4 b/sapi/fuzzer/config.m4
new file mode 100644
index 0000000000..92327fc1d4
--- /dev/null
+++ b/sapi/fuzzer/config.m4
@@ -0,0 +1,93 @@
+AC_MSG_CHECKING(for clang fuzzer SAPI)
+
+PHP_ARG_ENABLE([fuzzer],,
+ [AS_HELP_STRING([--enable-fuzzer],
+ [Build PHP as clang fuzzing test module (for developers)])],
+ [no],
+ [no])
+
+PHP_ARG_ENABLE([fuzzer-msan],,
+ [AS_HELP_STRING([--enable-fuzzer-msan],
+ [Enable msan instead of asan/ubsan when fuzzing])],
+ [no],
+ [no])
+
+dnl For newer clang versions see https://llvm.org/docs/LibFuzzer.html#fuzzer-usage
+dnl for relevant flags.
+
+dnl Macro to define fuzzing target
+dnl PHP_FUZZER_TARGET(name, target-var)
+dnl
+AC_DEFUN([PHP_FUZZER_TARGET], [
+ PHP_FUZZER_BINARIES="$PHP_FUZZER_BINARIES $SAPI_FUZZER_PATH/php-fuzz-$1"
+ PHP_SUBST($2)
+ PHP_ADD_SOURCES_X([sapi/fuzzer],[fuzzer-$1.c],[],$2)
+ $2="[$]$2 $FUZZER_COMMON_OBJS"
+])
+
+if test "$PHP_FUZZER" != "no"; then
+ AC_MSG_RESULT([yes])
+ dnl Don't use PHP_REQUIRE_CXX() to avoid unnecessarily pulling in -lstdc++
+ AC_PROG_CXX
+ AC_PROG_CXXCPP
+ PHP_ADD_MAKEFILE_FRAGMENT($abs_srcdir/sapi/fuzzer/Makefile.frag)
+ SAPI_FUZZER_PATH=sapi/fuzzer
+ PHP_SUBST(SAPI_FUZZER_PATH)
+ if test -z "$LIB_FUZZING_ENGINE"; then
+ FUZZING_LIB="-fsanitize=fuzzer"
+ FUZZING_CC="$CC"
+ AX_CHECK_COMPILE_FLAG([-fsanitize=fuzzer-no-link], [
+ CFLAGS="$CFLAGS -fsanitize=fuzzer-no-link"
+ CXXFLAGS="$CXXFLAGS -fsanitize=fuzzer-no-link"
+
+ if test "$PHP_FUZZER_MSAN" = "yes"; then
+ CFLAGS="$CFLAGS -fsanitize=memory -fsanitize-memory-track-origins"
+ CXXFLAGS="$CXXFLAGS -fsanitize=memory -fsanitize-memory-track-origins"
+ else
+ CFLAGS="$CFLAGS -fsanitize=address"
+ CXXFLAGS="$CXXFLAGS -fsanitize=address"
+
+ dnl Don't include -fundefined in CXXFLAGS, because that would also require linking
+ dnl with a C++ compiler.
+ dnl Disable object-size sanitizer, because it is incompatible with our zend_function
+ dnl union, and this can't be easily fixed.
+ dnl We need to specify -fno-sanitize-recover=undefined here, otherwise ubsan warnings
+ dnl will not be considered failures by the fuzzer.
+ CFLAGS="$CFLAGS -fsanitize=undefined -fno-sanitize=object-size -fno-sanitize-recover=undefined"
+ fi
+ ],[
+ AC_MSG_ERROR(Compiler doesn't support -fsanitize=fuzzer-no-link)
+ ])
+ else
+ FUZZING_LIB="$LIB_FUZZING_ENGINE"
+ FUZZING_CC="$CXX -stdlib=libc++"
+ fi
+ PHP_SUBST(FUZZING_LIB)
+ PHP_SUBST(FUZZING_CC)
+
+ dnl PHP_SELECT_SAPI(fuzzer-parser, program, $FUZZER_SOURCES, , '$(SAPI_FUZZER_PATH)')
+
+ PHP_ADD_BUILD_DIR([sapi/fuzzer])
+ PHP_FUZZER_BINARIES=""
+ PHP_BINARIES="$PHP_BINARIES fuzzer"
+ PHP_INSTALLED_SAPIS="$PHP_INSTALLED_SAPIS fuzzer"
+
+ PHP_ADD_SOURCES_X([sapi/fuzzer], [fuzzer-sapi.c], [], FUZZER_COMMON_OBJS)
+
+ PHP_FUZZER_TARGET([parser], PHP_FUZZER_PARSER_OBJS)
+ PHP_FUZZER_TARGET([execute], PHP_FUZZER_EXECUTE_OBJS)
+ PHP_FUZZER_TARGET([unserialize], PHP_FUZZER_UNSERIALIZE_OBJS)
+ PHP_FUZZER_TARGET([unserializehash], PHP_FUZZER_UNSERIALIZEHASH_OBJS)
+ PHP_FUZZER_TARGET([json], PHP_FUZZER_JSON_OBJS)
+
+ if test -n "$enable_exif" && test "$enable_exif" != "no"; then
+ PHP_FUZZER_TARGET([exif], PHP_FUZZER_EXIF_OBJS)
+ fi
+ if test -n "$enable_mbstring" && test "$enable_mbstring" != "no"; then
+ PHP_FUZZER_TARGET([mbstring], PHP_FUZZER_MBSTRING_OBJS)
+ fi
+
+ PHP_SUBST(PHP_FUZZER_BINARIES)
+fi
+
+AC_MSG_RESULT($PHP_FUZZER)
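Review bot: The `else` branch taken when `LIB_FUZZING_ENGINE` is preset adds no `-fsanitize=` flags and never consults `$PHP_FUZZER_MSAN`, so such a build is only instrumented if the caller's own CFLAGS/CXXFLAGS already carry the sanitizer and coverage options; without them the fuzz binaries would still link and run, but many memory errors would go undetected. This is presumably intended for an external fuzzing harness that supplies its own flags, but it should be stated in that branch: `dnl LIB_FUZZING_ENGINE is set: sanitizer and coverage flags must come from the caller's CFLAGS/CXXFLAGS; --enable-fuzzer-msan has no effect here.` Separately, when the SAPI is enabled the check result is printed twice, once by `AC_MSG_RESULT([yes])` at the top of the `if` and again by the trailing `AC_MSG_RESULT($PHP_FUZZER)`; moving the trailing call into an `else` branch as `AC_MSG_RESULT([no])` avoids the duplicate. The comment above the ubsan line says `-fundefined` where `-fsanitize=undefined` is meant.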