Add SIGINT handler, and some useful compiler flags

trailofbits · Jan 29, 2024 · 62580ea · 62580ea
1 parent 732963f
commit 62580ea
Show file tree

Hide file tree

Showing 2 changed files with 41 additions and 4 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -32,10 +32,11 @@ RUN wget -q -O $CLANG_FILE $CLANG_URL && \
     tar xf $CLANG_FILE -C $CLANG_DIR --strip-components 1 && \
     rm $CLANG_FILE
 
+# https://github.com/google/sanitizers/wiki/AddressSanitizerFlags
 ENV CC "$CLANG_DIR/bin/clang"
-ENV CFLAGS "-fsanitize=address,undefined,fuzzer-no-link -fPIC -g"
+ENV CFLAGS "-fsanitize=address,fuzzer-no-link -fno-omit-frame-pointer -fno-common -fPIC -g -O0"
 ENV CXX "$CLANG_DIR/bin/clang++"
-ENV CXXFLAGS "-fsanitize=address,undefined,fuzzer-no-link -fPIC -g"
+ENV CXXFLAGS "-fsanitize=address,fuzzer-no-link -fno-omit-frame-pointer -fno-common -fPIC -g -O0"
 ENV LDSHARED "$CLANG_DIR/bin/clang -shared"
 ENV LDSHAREDXX "$CLANG_DIR/bin/clang++ -shared"
 ENV ASAN_SYMBOLIZER_PATH "$CLANG_DIR/bin/llvm-symbolizer"
@@ -67,7 +68,7 @@ ENV MAKE "make --environment-overrides V=1"
 
 # 1. Skip memory allocation failures for now, they are common, and low impact (DoS)
 # 2. The Ruby interpreter leaks data, so ignore these for now
-ENV ASAN_OPTIONS "allocator_may_return_null=1,detect_leaks=0"
+ENV ASAN_OPTIONS "allocator_may_return_null=1:detect_leaks=0:use_sigaltstack=0"
 
 # Split dependency and application code installation for improved caching
 COPY ruzzy.gemspec Gemfile ruzzy/

diff --git a/ext/cruzzy/cruzzy.c b/ext/cruzzy/cruzzy.c
@@ -1,13 +1,21 @@
 #include <dlfcn.h>
 #include <stdlib.h>
 #include <stdint.h>
+#include <stdio.h>
+#include <signal.h>
+#include <string.h>
+#include <unistd.h>
 
 #include <ruby.h>
 
 // 128 arguments should be enough for anybody
 #define MAX_ARGS_SIZE 128
 
-int LLVMFuzzerRunDriver(int *argc, char ***argv, int (*cb)(const uint8_t *data, size_t size));
+int LLVMFuzzerRunDriver(
+    int *argc,
+    char ***argv,
+    int (*cb)(const uint8_t *data, size_t size)
+);
 
 VALUE PROC_HOLDER = Qnil;
 
@@ -26,6 +34,29 @@ static VALUE c_libfuzzer_is_loaded(VALUE self)
     return sym ? Qtrue : Qfalse;
 }
 
+int ATEXIT_RETCODE = 0;
+
+static void ruzzy_exit() {
+     _exit(ATEXIT_RETCODE);
+}
+
+static void graceful_exit(int code) {
+    // Disable libFuzzer's atexit
+    ATEXIT_RETCODE = code;
+    atexit(ruzzy_exit);
+    exit(code);
+}
+
+static void sigint_handler(int signal) {
+    fprintf(
+        stderr,
+        "Signal %d (%s) received. Exiting...\n",
+        signal,
+        strsignal(signal)
+    );
+    graceful_exit(signal);
+}
+
 static int proc_caller(const uint8_t *data, size_t size)
 {
     VALUE arg = rb_str_new((char *)data, size);
@@ -124,6 +155,11 @@ static VALUE c_dummy_test_one_input(VALUE self, VALUE data)
 
 void Init_cruzzy()
 {
+    if (signal(SIGINT, sigint_handler) == SIG_ERR) {
+        fprintf(stderr, "Could not set SIGINT signal handler\n");
+        exit(1);
+    }
+
     VALUE ruzzy = rb_const_get(rb_cObject, rb_intern("Ruzzy"));
     rb_define_module_function(ruzzy, "c_fuzz", &c_fuzz, 2);
     rb_define_module_function(ruzzy, "c_libfuzzer_is_loaded", &c_libfuzzer_is_loaded, 0);