diff options
Diffstat (limited to 'docker')
-rwxr-xr-x | docker/build_all.sh | 19 | ||||
-rw-r--r-- | docker/jazzer-autofuzz/Dockerfile | 30 | ||||
-rwxr-xr-x | docker/jazzer-autofuzz/entrypoint.sh | 24 | ||||
-rw-r--r-- | docker/jazzer/Dockerfile | 34 | ||||
-rwxr-xr-x | docker/push_all.sh | 21 |
5 files changed, 128 insertions, 0 deletions
diff --git a/docker/build_all.sh b/docker/build_all.sh new file mode 100755 index 00000000..21c7c8e2 --- /dev/null +++ b/docker/build_all.sh @@ -0,0 +1,19 @@ +# Copyright 2021 Code Intelligence GmbH +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -e + +this_dir=$(dirname "$(realpath "$0")") +docker build --pull -t cifuzz/jazzer "$@" "$this_dir"/jazzer +docker build -t cifuzz/jazzer-autofuzz "$@" "$this_dir"/jazzer-autofuzz diff --git a/docker/jazzer-autofuzz/Dockerfile b/docker/jazzer-autofuzz/Dockerfile new file mode 100644 index 00000000..5d57f2a8 --- /dev/null +++ b/docker/jazzer-autofuzz/Dockerfile @@ -0,0 +1,30 @@ +# Copyright 2021 Code Intelligence GmbH +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FROM cifuzz/jazzer as jazzer + +FROM ubuntu:20.04 + +ENV DEBIAN_FRONTEND=noninteractive +RUN apt-get update && apt-get install -y curl openjdk-11-jdk-headless + +WORKDIR /app +RUN curl -L 'https://github.com/coursier/coursier/releases/download/v2.0.16/coursier.jar' -o coursier.jar && \ + chmod +x coursier.jar + +COPY entrypoint.sh /app/ +COPY --from=jazzer /app/jazzer_agent_deploy.jar /app/jazzer_driver /app/ + +WORKDIR /fuzzing +ENTRYPOINT ["/app/entrypoint.sh"] diff --git a/docker/jazzer-autofuzz/entrypoint.sh b/docker/jazzer-autofuzz/entrypoint.sh new file mode 100755 index 00000000..78c57f71 --- /dev/null +++ b/docker/jazzer-autofuzz/entrypoint.sh @@ -0,0 +1,24 @@ +#!/usr/bin/env bash +# Copyright 2021 Code Intelligence GmbH +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -e + +CP="$(/app/coursier.jar fetch --classpath "$1")" +/app/jazzer_driver \ + -artifact_prefix=/fuzzing/ \ + --reproducer_path=/fuzzing \ + --cp="$CP" \ + --autofuzz="$2" \ + "${@:3}" diff --git a/docker/jazzer/Dockerfile b/docker/jazzer/Dockerfile new file mode 100644 index 00000000..56787be7 --- /dev/null +++ b/docker/jazzer/Dockerfile @@ -0,0 +1,34 @@ +# Copyright 2021 Code Intelligence GmbH +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FROM ubuntu:20.04 AS builder + +ENV DEBIAN_FRONTEND=noninteractive +RUN apt-get update && apt-get install -y git python3 python-is-python3 openjdk-11-jdk-headless + +WORKDIR /root +RUN git clone --depth=1 https://github.com/CodeIntelligenceTesting/jazzer.git && \ + cd jazzer && \ + # The LLVM toolchain requires ld and ld.gold to exist, but does not use them. + touch /usr/bin/ld && \ + touch /usr/bin/ld.gold && \ + BAZEL_DO_NOT_DETECT_CPP_TOOLCHAIN=1 \ + ./bazelisk-linux-amd64 build --config=toolchain --extra_toolchains=@llvm_toolchain//:cc-toolchain-x86_64-linux \ + //agent:jazzer_agent_deploy.jar //driver:jazzer_driver + +FROM gcr.io/distroless/java + +COPY --from=builder /root/jazzer/bazel-bin/agent/jazzer_agent_deploy.jar /root/jazzer/bazel-bin/driver/jazzer_driver /app/ +WORKDIR /fuzzing +ENTRYPOINT [ "/app/jazzer_driver", "-artifact_prefix=/fuzzing/", "--reproducer_path=/fuzzing" ] diff --git a/docker/push_all.sh b/docker/push_all.sh new file mode 100755 index 00000000..59d43718 --- /dev/null +++ b/docker/push_all.sh @@ -0,0 +1,21 @@ +# Copyright 2021 Code Intelligence GmbH +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -e + +this_dir=$(dirname "$(realpath "$0")") +"$this_dir"/build_all.sh --no-cache + +docker push cifuzz/jazzer +docker push cifuzz/jazzer-autofuzz |