Make the build more fuzzer-friendly
This change adds support for the USE_ASAN=yes env variable, which builds
all minijail artifacts with -fsanitize=address. It also makes die() not
call abort(2) on failures, because the abort confuses afl.
Bug: None
Test: minijail$ USE_ASAN=yes make clean all tests 2>/dev/null >/dev/null && \
readelf -a syscall_filter_unittest | grep __asan_init
000000313720 006200000001 R_X86_64_64 0000000000000000 __asan_init + 0
00000031b9b0 006200000007 R_X86_64_JUMP_SLO 0000000000000000 __asan_init + 0
98: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __asan_init
1330: 0000000000000000 0 FUNC GLOBAL DEFAULT UND __asan_init
minijail$ USE_ASAN=no make clean all tests 2>/dev/null >/dev/null && \
readelf -a syscall_filter_unittest | grep __asan_init
minijail$
Test: USE_EXIT_ON_DIE=no make clean parse_seccomp_policy &&
./parse_seccomp_policy test/invalid_arg_filter.policy # aborts
Test: USE_EXIT_ON_DIE=yes make clean parse_seccomp_policy &&
./parse_seccomp_policy test/invalid_arg_filter.policy # exits
Change-Id: Ib9dcb271cd75335edd8b109149caf825f346322f
diff --git a/Makefile b/Makefile
index 5d799b7..24e7836 100644
--- a/Makefile
+++ b/Makefile
@@ -18,6 +18,19 @@
CPPFLAGS += -DUSE_SECCOMP_SOFTFAIL
endif
+ifeq ($(USE_ASAN),yes)
+CPPFLAGS += -fsanitize=address
+LDFLAGS += -fsanitize=address
+USE_EXIT_ON_DIE = yes
+endif
+
+# Setting this flag can be useful for both AddressSanitizer builds and running
+# fuzzing tools, which do not expect crashes on gracefully-handled malformed
+# inputs.
+ifeq ($(USE_EXIT_ON_DIE),yes)
+CPPFLAGS += -DUSE_EXIT_ON_DIE
+endif
+
CFLAGS += -Wextra -Wno-missing-field-initializers
CXXFLAGS += -Wextra -Wno-missing-field-initializers
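Review bot: The comment above `ifeq ($(USE_EXIT_ON_DIE),yes)` says when the flag is useful but not what it costs: with it set, die() ends the process through `exit(1)` instead of SIGABRT, so a fatal error in any minijail binary looks like an ordinary non-zero exit. I would add a line such as `# Test and fuzzing builds only: die() exits with status 1 instead of aborting, so do not set this for release builds.` Separately, `-fsanitize=address` is a code-generation option but is appended to `CPPFLAGS`, which works only while every compile rule passes `CPPFLAGS` (the rules are outside this hunk). `CFLAGS += -fsanitize=address` together with `CXXFLAGS += -fsanitize=address` would state the intent directly.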
diff --git a/util.h b/util.h
index 56d1246..9ec88ce 100644
--- a/util.h
+++ b/util.h
@@ -19,10 +19,16 @@
extern "C" {
#endif
+#if defined(USE_EXIT_ON_DIE)
+#define do_abort() exit(1)
+#else
+#define do_abort() abort()
+#endif
+
/* clang-format off */
#define die(_msg, ...) do { \
do_log(LOG_ERR, "libminijail[%d]: " _msg, getpid(), ## __VA_ARGS__); \
- abort(); \
+ do_abort(); \
} while (0)
#define pdie(_msg, ...) \
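Review bot: `do_abort()` expanding to `exit(1)` changes more than the termination signal: unlike `abort()`, `exit()` runs atexit handlers and flushes stdio buffers before the process ends. If die() can be reached in a forked child (the callers are outside this hunk), that child would run handlers and flush buffers inherited from its parent. `_exit(1)` would avoid this, though it presumably also skips any exit-time sanitizer reporting, so the choice deserves a comment either way. The macro name is also misleading in the exit case; a comment above the `#if` such as `/* Fuzzing/ASan builds: die() exits with status 1 instead of raising SIGABRT. */` would make the two behaviours explicit. The `pdie` definition continues past the end of the hunk.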