authorDavidKorczynski <david@adalogics.com>2020-06-09 02:47:09 +0100
committerGitHub <noreply@github.com>2020-06-08 18:47:09 -0700
commit4c5bd1da12842f81665cffe94b64bf5d229c637c (patch)
tree089e35f4edeec2551006c93156d19610f53d78fc /projects/nodejs
parentfa9c352d67a19c1f985cdab93dccddca6af020b5 (diff)
downloadoss-fuzz-4c5bd1da12842f81665cffe94b64bf5d229c637c.tar.gz
[Nodejs] initial integration. (#3860)
* Nodejs initial integration. * Added headers to fix Travis. * A lot of simplifications to build script. LDFLAGS is the key here. * More simplifications to build script. * Fix Travis. * Remove msan. * Generalise and simplify build script. * utilise all cores and a bit nicer structure in build.
Diffstat (limited to 'projects/nodejs')
-rw-r--r--projects/nodejs/Dockerfile25
-rwxr-xr-xprojects/nodejs/build.sh46
-rw-r--r--projects/nodejs/fuzz_url.cc25
-rw-r--r--projects/nodejs/project.yaml5
4 files changed, 101 insertions, 0 deletions
diff --git a/projects/nodejs/Dockerfile b/projects/nodejs/Dockerfile
new file mode 100644
index 000000000..e4a3299d6
--- /dev/null
+++ b/projects/nodejs/Dockerfile
@@ -0,0 +1,25 @@
+# Copyright 2020 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+MAINTAINER david@adalogics.com
+RUN apt-get update && apt-get install -y make
+RUN apt-get install -y flex bison build-essential
+RUN git clone --recursive --depth 1 https://github.com/nodejs/node
+WORKDIR $SRC
+COPY build.sh $SRC/
+
+COPY fuzz_url.cc $SRC/
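Review bot: The `git clone` line runs before `WORKDIR $SRC`, so where the checkout lands depends on the base image's default working directory, while build.sh hard-codes `cd $SRC/node`. Moving `WORKDIR $SRC` above the clone, or cloning to an explicit path with `RUN git clone --recursive --depth 1 https://github.com/nodejs/node $SRC/node`, removes that hidden dependency. Separately, the second `apt-get install` sits in its own layer without an `apt-get update`, so a cached first layer can leave it resolving against a stale package index. Merging both into `RUN apt-get update && apt-get install -y make flex bison build-essential` avoids that.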
diff --git a/projects/nodejs/build.sh b/projects/nodejs/build.sh
new file mode 100755
index 000000000..075ebb64e
--- /dev/null
+++ b/projects/nodejs/build.sh
@@ -0,0 +1,46 @@
+#!/bin/bash -eu
+# Copyright 2020 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+cd $SRC/node
+
+# Build node
+export LDFLAGS="$CXXFLAGS"
+export LD="$CXX"
+./configure --without-intl --without-node-code-cache --without-dtrace --without-snapshot --without-ssl
+make -j$(nproc)
+
+# Gather static libraries
+cd $SRC/node/out
+rm -rf ./library_files && mkdir library_files
+find . -name "*.a" -exec cp {} ./library_files/ \;
+
+# Build the fuzzers
+CMDS="-D__STDC_FORMAT_MACROS -D__POSIX__ -DNODE_HAVE_I18N_SUPPORT=1 \
+ -DNODE_ARCH=\"x64\" -DNODE_PLATFORM=\"linux\" -DNODE_WANT_INTERNALS=1"
+INCLUDES="-I../src -I../deps/v8/include -I../deps/uv/include"
+
+# Compilation
+$CXX -o fuzz_url.o $SRC/fuzz_url.cc $CXXFLAGS $CMDS $INCLUDES \
+ -pthread -fno-omit-frame-pointer -fno-rtti -fno-exceptions -std=gnu++1y -MMD -c
+
+# Linking
+$CXX -o $OUT/fuzz_url $LIB_FUZZING_ENGINE $CXXFLAGS \
+ -rdynamic -Wl,-z,noexecstack,-z,relro,-z,now \
+ -pthread -Wl,--start-group \
+ ./Release/obj.target/cctest/src/node_snapshot_stub.o \
+ ./Release/obj.target/cctest/src/node_code_cache_stub.o \
+ fuzz_url.o ./library_files/*.a \
+ -latomic -lm -ldl -Wl,--end-group
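Review bot: `-DNODE_HAVE_I18N_SUPPORT=1` in `CMDS` disagrees with `--without-intl` passed to `./configure`, so the harness object may be compiled against a different view of the Node headers than the static libraries it links with. Whether the headers included by fuzz_url.cc branch on that macro is not visible in this diff, but if they do, the mismatch can produce crashes that are build artefacts rather than real findings. Dropping the define from `CMDS` keeps the harness and library configuration aligned. Also, the `find . -name "*.a"` copy flattens every archive into `library_files/`, so two archives sharing a basename silently overwrite each other. The same `find` also descends into `library_files/` itself, which `find . -path ./library_files -prune -o -name "*.a" -exec cp {} ./library_files/ \;` would prevent.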
diff --git a/projects/nodejs/fuzz_url.cc b/projects/nodejs/fuzz_url.cc
new file mode 100644
index 000000000..1c07fac3f
--- /dev/null
+++ b/projects/nodejs/fuzz_url.cc
@@ -0,0 +1,25 @@
+/* Copyright 2020 Google Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+#include <stdlib.h>
+
+#include "node.h"
+#include "node_internals.h"
+#include "node_url.h"
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ node::url::URL url2((char*)data, size);
+
+ return 0;
+}
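Review bot: The C-style cast `(char*)data` in `LLVMFuzzerTestOneInput` discards the `const` on the fuzzer-owned buffer. If the `URL` constructor accepts a `const char*` (its declaration is not in this diff), `node::url::URL url2(reinterpret_cast<const char*>(data), size);` keeps the guarantee that the harness never writes to its input. The file also uses `uint8_t` and `size_t` while including only `<stdlib.h>`, relying on the Node headers to pull in the definitions; adding `#include <stdint.h>` and `#include <stddef.h>` makes that explicit. A short comment above the function, such as `// Parses the raw input as a URL; the parsed object is discarded.`, would tell readers how much of the URL code this harness actually reaches.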
diff --git a/projects/nodejs/project.yaml b/projects/nodejs/project.yaml
index 80ca11e74..e6173dbab 100644
--- a/projects/nodejs/project.yaml
+++ b/projects/nodejs/project.yaml
@@ -1,2 +1,7 @@
homepage: "https://nodejs.org"
primary_contact: "security@nodejs.org"
+language: c++
+sanitizers:
+ - address
+auto_ccs:
+ - "david@adalogics.com"
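Review bot: The `sanitizers` list enables only `address`, and nothing in the file records why. The commit message mentions "Remove msan", but a later maintainer reading project.yaml alone cannot tell whether the omission is deliberate or an oversight. A comment above the list, for example `# memory sanitizer disabled: <reason, e.g. link to the failing build>`, would keep that decision visible and easy to revisit.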