Provide full ASAN_PATH rather than make user's manually handle

trailofbits · Feb 5, 2024 · 33c7650 · 33c7650
1 parent 70d8df5
commit 33c7650
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 12 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -50,7 +50,7 @@ ENV ASAN_OPTIONS="allocator_may_return_null=1:detect_leaks=0:use_sigaltstack=0"
 WORKDIR ruzzy/
 COPY . .
 RUN gem build
-RUN RUZZY_DEBUG=1 gem install --verbose ruzzy-*.gem
+RUN RUZZY_DEBUG=1 gem install --development --verbose ruzzy-*.gem
 
 ENTRYPOINT ["./entrypoint.sh"]
 CMD ["-help=1"]
diff --git a/README.md b/README.md
@@ -56,7 +56,7 @@ export ASAN_OPTIONS="allocator_may_return_null=1:detect_leaks=0:use_sigaltstack=
 You can then run the example with the following command:
 
 ```bash
-LD_PRELOAD=$(ruby -e 'require "ruzzy"; print Ruzzy.ext_path')/asan_with_fuzzer.so \
+LD_PRELOAD=$(ruby -e 'require "ruzzy"; print Ruzzy::ASAN_PATH') \
     ruby -e 'require "ruzzy"; Ruzzy.dummy'
 ```
 
@@ -82,7 +82,7 @@ Base64: SEko
 You can re-run the crash case with the following command:
 
 ```bash
-LD_PRELOAD=$(ruby -e 'require "ruzzy"; print Ruzzy.ext_path')/asan_with_fuzzer.so \
+LD_PRELOAD=$(ruby -e 'require "ruzzy"; print Ruzzy::ASAN_PATH') \
     ruby -e 'require "ruzzy"; Ruzzy.dummy' \
     ./crash-7099f1508d4048cfe74226869805efa3db24b165
 ```
@@ -131,14 +131,14 @@ Let's call this file `fuzz_msgpack.rb`.
 You can run this file and start fuzzing with the following command:
 
 ```bash
-LD_PRELOAD=$(ruby -e 'require "ruzzy"; print Ruzzy.ext_path')/asan_with_fuzzer.so \
+LD_PRELOAD=$(ruby -e 'require "ruzzy"; print Ruzzy::ASAN_PATH') \
     ruby fuzz_msgpack.rb
 ```
 
 libFuzzer options can be passed to the Ruby script like so:
 
 ```bash
-LD_PRELOAD=$(ruby -e 'require "ruzzy"; print Ruzzy.ext_path')/asan_with_fuzzer.so \
+LD_PRELOAD=$(ruby -e 'require "ruzzy"; print Ruzzy::ASAN_PATH') \
     ruby fuzz_msgpack.rb /path/to/corpus
 ```
 

diff --git a/entrypoint.sh b/entrypoint.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
 
-LD_PRELOAD=$(ruby -e 'require "ruzzy"; print Ruzzy.ext_path')/asan_with_fuzzer.so \
+LD_PRELOAD=$(ruby -e 'require "ruzzy"; print Ruzzy::ASAN_PATH') \
     ruby bin/dummy.rb "$@"
diff --git a/lib/ruzzy.rb b/lib/ruzzy.rb
@@ -7,6 +7,8 @@ module Ruzzy
   require 'cruzzy/cruzzy'
 
   DEFAULT_ARGS = [$PROGRAM_NAME] + ARGV
+  EXT_PATH = Pathname.new(__FILE__).parent.parent + 'ext' + 'cruzzy'
+  ASAN_PATH = (EXT_PATH + 'asan_with_fuzzer.so').to_s
 
   def fuzz(test_one_input, args = DEFAULT_ARGS)
     c_fuzz(test_one_input, args)
@@ -16,10 +18,6 @@ def dummy
     fuzz(->(data) { Ruzzy.dummy_test_one_input(data) } )
   end
 
-  def ext_path
-    (Pathname.new(__FILE__).parent.parent + 'ext' + 'cruzzy').to_s
-  end
-
   def dummy_test_one_input(data)
     # This 'require' depends on LD_PRELOAD, so it's placed inside the function
     # scope. This allows us to run ext_path for LD_PRELOAD and not have a
@@ -31,6 +29,5 @@ def dummy_test_one_input(data)
 
   module_function :fuzz
   module_function :dummy
-  module_function :ext_path
   module_function :dummy_test_one_input
 end
diff --git a/test/test_ruzzy.rb b/test/test_ruzzy.rb
@@ -64,6 +64,10 @@ def test_fuzz_with_too_many_args
   end
 
   def test_ext_path
-    assert(Ruzzy.ext_path)
+    assert(Ruzzy::EXT_PATH)
+  end
+
+  def test_asan_path
+    assert(Ruzzy::ASAN_PATH)
   end
 end