Enable UBSan for python projects. (#4757)

* Enable UBSan for python projects.

* Update docs.

3 files changed, 9 insertions, 6 deletions

diff --git a/docs/getting-started/new-project-guide/python_lang.md b/docs/getting-started/new-project-guide/python_lang.md
index 5bc01d903..f42d2740a 100644
--- a/docs/getting-started/new-project-guide/python_lang.md
+++ b/docs/getting-started/new-project-guide/python_lang.md
@@ -42,14 +42,16 @@ The `language` attribute must be specified.
 language: python
 ```
 
-The only supported fuzzing engine and sanitizer are `libfuzzer` and `address`,
-respectively.
+The only supported fuzzing engine is libFuzzer (`libfuzzer`). The supported
+sanitizers are AddressSanitizer (`address`) and
+UndefinedBehaviorSanitizer (`undefined`). These must be explicitly specified.
 
 ```yaml
-sanitizers:
-  - address
 fuzzing_engines:
   - libfuzzer
+sanitizers:
+  - address
+  - undefined
 ```
 
 ### Dockerfile
diff --git a/infra/base-images/base-builder/compile b/infra/base-images/base-builder/compile
index 8dd0c0387..a97905444 100755
--- a/infra/base-images/base-builder/compile
+++ b/infra/base-images/base-builder/compile
@@ -27,8 +27,8 @@ if [ "$FUZZING_LANGUAGE" = "python" ]; then
     echo "ERROR: Python projects can be fuzzed with libFuzzer engine only."
     exit 1
   fi
-  if [ "$SANITIZER" != "address" ]; then
-    echo "ERROR: Python projects can be fuzzed with AddressSanitizer only."
+  if [ "$SANITIZER" != "address" ] && [ "$SANITIZER" != "undefined" ]; then
+    echo "ERROR: Python projects can be fuzzed with AddressSanitizer and UndefinedBehaviorSanitizer only."
     exit 1
   fi
   if [ "$ARCHITECTURE" != "x86_64" ]; then
diff --git a/projects/ujson/project.yaml b/projects/ujson/project.yaml
index 335fb2fb9..525c3587a 100644
--- a/projects/ujson/project.yaml
+++ b/projects/ujson/project.yaml
@@ -8,3 +8,4 @@ fuzzing_engines:
   - libfuzzer
 sanitizers:
   - address
+  - undefined