diff options
Diffstat (limited to 'docker/jazzer/Dockerfile')
| -rw-r--r-- | docker/jazzer/Dockerfile | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/docker/jazzer/Dockerfile b/docker/jazzer/Dockerfile index 56787be7..bddfcb53 100644 --- a/docker/jazzer/Dockerfile +++ b/docker/jazzer/Dockerfile @@ -15,20 +15,27 @@ FROM ubuntu:20.04 AS builder ENV DEBIAN_FRONTEND=noninteractive -RUN apt-get update && apt-get install -y git python3 python-is-python3 openjdk-11-jdk-headless +RUN apt-get update && apt-get install -y curl git python3 python-is-python3 openjdk-11-jdk-headless WORKDIR /root -RUN git clone --depth=1 https://github.com/CodeIntelligenceTesting/jazzer.git && \ +RUN curl -L https://github.com/bazelbuild/bazelisk/releases/download/v1.11.0/bazelisk-linux-amd64 -o /usr/bin/bazelisk && \ + chmod +x /usr/bin/bazelisk && \ + git clone --depth=1 https://github.com/CodeIntelligenceTesting/jazzer.git && \ cd jazzer && \ # The LLVM toolchain requires ld and ld.gold to exist, but does not use them. touch /usr/bin/ld && \ touch /usr/bin/ld.gold && \ BAZEL_DO_NOT_DETECT_CPP_TOOLCHAIN=1 \ - ./bazelisk-linux-amd64 build --config=toolchain --extra_toolchains=@llvm_toolchain//:cc-toolchain-x86_64-linux \ - //agent:jazzer_agent_deploy.jar //driver:jazzer_driver + bazelisk build --config=toolchain --extra_toolchains=@llvm_toolchain//:cc-toolchain-x86_64-linux \ + //agent:jazzer_agent_deploy //driver:jazzer_driver -FROM gcr.io/distroless/java +# :debug includes a busybox shell, which is needed for libFuzzer's use of system() for e.g. the +# -fork and -minimize_crash commands. +FROM gcr.io/distroless/java:debug COPY --from=builder /root/jazzer/bazel-bin/agent/jazzer_agent_deploy.jar /root/jazzer/bazel-bin/driver/jazzer_driver /app/ +# system() expects the shell at /bin/sh, but the image has it at /busybox/sh. We create a symlink, +# but have to use the long form as a simple RUN <command> also requires /bin/sh. +RUN ["/busybox/sh", "-c", "ln -s /busybox/sh /bin/sh"] WORKDIR /fuzzing -ENTRYPOINT [ "/app/jazzer_driver", "-artifact_prefix=/fuzzing/", "--reproducer_path=/fuzzing" ] +ENTRYPOINT [ "/app/jazzer_driver" ] |