Adds cel-cpp project (#5326)

* Adds cel-cpp project * Fixup copy targets * Disable not working sanitizers * Fixup target try catch * Adds ccs people to cel-cpp * Remove unnneeded bazel download * Use bazel magic * Disable UBSAN for cel-cpp * removing unneeded nit
author: Catena cyber <35799796+catenacyber@users.noreply.github.com> 2021-03-16 18:02:22 +0100
committer: GitHub <noreply@github.com> 2021-03-16 10:02:22 -0700
commit: dd40bbdac43fc97f0b2550b8062086cc8ffc9942 (patch)
tree: f91579bb8c08cab68d8aff758ea1e5d5053ce04c
parent: 2caa666499054f0e78be45188f496411a268c974 (diff)
download: oss-fuzz-dd40bbdac43fc97f0b2550b8062086cc8ffc9942.tar.gz
7 files changed, 191 insertions, 0 deletions
diff --git a/projects/cel-cpp/.bazelrc b/projects/cel-cpp/.bazelrc
new file mode 100644
index 000000000..f55fb55ae
--- /dev/null
+++ b/projects/cel-cpp/.bazelrc
@@ -0,0 +1,23 @@
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+# Force the use of Clang for C++ builds.
+build --action_env=CC=clang
+build --action_env=CXX=clang++
+
+build:oss-fuzz --@rules_fuzzing//fuzzing:cc_engine=@rules_fuzzing_oss_fuzz//:oss_fuzz_engine
+build:oss-fuzz --@rules_fuzzing//fuzzing:cc_engine_instrumentation=oss-fuzz
+build:oss-fuzz --@rules_fuzzing//fuzzing:cc_engine_sanitizer=none
diff --git a/projects/cel-cpp/BUILD b/projects/cel-cpp/BUILD
new file mode 100644
index 000000000..6fdd77387
--- /dev/null
+++ b/projects/cel-cpp/BUILD
@@ -0,0 +1,23 @@
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+load("@rules_fuzzing//fuzzing:cc_defs.bzl", "cc_fuzz_test")
+
+cc_fuzz_test(
+	name = "fuzz_parse",
+	deps = ["//parser"],
+	srcs = ["fuzz_parse.cc"],
+)
diff --git a/projects/cel-cpp/Dockerfile b/projects/cel-cpp/Dockerfile
new file mode 100644
index 000000000..6c4b67eef
--- /dev/null
+++ b/projects/cel-cpp/Dockerfile
@@ -0,0 +1,27 @@
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+
+RUN git clone --depth 1 https://github.com/google/cel-cpp/
+COPY build.sh $SRC/
+RUN mkdir $SRC/cel-cpp/fuzz/
+COPY BUILD fuzz*.cc $SRC/cel-cpp/fuzz/
+COPY WORKSPACE .bazelrc $SRC/
+RUN cat WORKSPACE >> $SRC/cel-cpp/WORKSPACE
+RUN cat .bazelrc >> $SRC/cel-cpp/.bazelrc
+RUN echo "4.0.0" > $SRC/cel-cpp/.bazelversion
+WORKDIR $SRC/cel-cpp
diff --git a/projects/cel-cpp/WORKSPACE b/projects/cel-cpp/WORKSPACE
new file mode 100644
index 000000000..bc59fa04a
--- /dev/null
+++ b/projects/cel-cpp/WORKSPACE
@@ -0,0 +1,41 @@
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
+
+http_archive(
+    name = "fuzzing_rules_python",
+    url = "https://github.com/bazelbuild/rules_python/releases/download/0.1.0/rules_python-0.1.0.tar.gz",
+    sha256 = "b6d46438523a3ec0f3cead544190ee13223a52f6a6765a29eae7b7cc24cc83a0",
+)
+
+http_archive(
+    name = "rules_fuzzing",
+    sha256 = "a5734cb42b1b69395c57e0bbd32ade394d5c3d6afbfe782b24816a96da24660d",
+    strip_prefix = "rules_fuzzing-0.1.1",
+    urls = ["https://github.com/bazelbuild/rules_fuzzing/archive/v0.1.1.zip"],
+    repo_mapping = {
+        "@rules_python": "@fuzzing_rules_python",
+    },
+)
+
+load("@rules_fuzzing//fuzzing:repositories.bzl", "rules_fuzzing_dependencies")
+
+rules_fuzzing_dependencies()
+
+load("@rules_fuzzing//fuzzing:init.bzl", "rules_fuzzing_init")
+
+rules_fuzzing_init()
diff --git a/projects/cel-cpp/build.sh b/projects/cel-cpp/build.sh
new file mode 100755
index 000000000..5a6315a35
--- /dev/null
+++ b/projects/cel-cpp/build.sh
@@ -0,0 +1,32 @@
+#!/bin/bash -eu
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+declare -r QUERY='
+    let all_fuzz_tests = attr(tags, "fuzz-test", "//...") in
+    $all_fuzz_tests - attr(tags, "no-oss-fuzz", $all_fuzz_tests)
+'
+
+declare -r PACKAGE_SUFFIX="_oss_fuzz"
+declare -r OSS_FUZZ_TESTS="$(bazel query "${QUERY}" | sed "s/$/${PACKAGE_SUFFIX}/")"
+
+bazel build -c opt --config=oss-fuzz --linkopt=-lc++ \
+    --action_env=CC="${CC}" --action_env=CXX="${CXX}" \
+    ${OSS_FUZZ_TESTS[*]}
+
+for oss_fuzz_archive in $(find bazel-bin/ -name "*${PACKAGE_SUFFIX}.tar"); do
+    tar -xvf "${oss_fuzz_archive}" -C "${OUT}"
+done
diff --git a/projects/cel-cpp/fuzz_parse.cc b/projects/cel-cpp/fuzz_parse.cc
new file mode 100644
index 000000000..f4755d319
--- /dev/null
+++ b/projects/cel-cpp/fuzz_parse.cc
@@ -0,0 +1,34 @@
+// Copyright 2021 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+#include <string>
+
+#include "parser/parser.h"
+
+#define MAX_RECURSION 0x100
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+    std::string str (reinterpret_cast<const char*>(data), size);
+    try {
+        auto parse_status = google::api::expr::parser::Parse(str, "fuzzinput", MAX_RECURSION);
+        if (!parse_status.ok()) {
+            parse_status.status().message();
+        }
+    } catch (const std::exception& e) {
+        return 0;
+    }
+    return 0;
+}
diff --git a/projects/cel-cpp/project.yaml b/projects/cel-cpp/project.yaml
new file mode 100644
index 000000000..ad4bf90e3
--- /dev/null
+++ b/projects/cel-cpp/project.yaml
@@ -0,0 +1,11 @@
+homepage: "https://opensource.google/projects/cel"
+language: c++
+primary_contact: "kyessenov@gmail.com"
+auto_ccs :
+- "tswadell@google.com"
+- "p.antoine@catenacyber.fr"
+
+sanitizers:
+- address
+- memory
+main_repo: 'https://github.com/google/cel-cpp'
author	Catena cyber <35799796+catenacyber@users.noreply.github.com>	2021-03-16 18:02:22 +0100
committer	GitHub <noreply@github.com>	2021-03-16 10:02:22 -0700
commit	dd40bbdac43fc97f0b2550b8062086cc8ffc9942 (patch)
tree	f91579bb8c08cab68d8aff758ea1e5d5053ce04c
parent	2caa666499054f0e78be45188f496411a268c974 (diff)
download	oss-fuzz-dd40bbdac43fc97f0b2550b8062086cc8ffc9942.tar.gz