# Copyright 2023 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
import("//build/buildflag_header.gni")
import("//build/config/ozone.gni")
import("//build/config/ui.gni")
import("//chrome/test/fuzzing/in_process_fuzzer.gni")
import("//testing/libfuzzer/research/domatolpm/domatolpm.gni")
# This target exists to reference other test executables to bring these files
# into the build.
group("test") {
testonly = true
deps = [
"mojo_js_fuzzing:test",
"renderer_fuzzing:test",
"webidl_fuzzing:test",
]
}
# TODO(crbug.com/446587184): Enable in_process_fuzzer_runner on Android.
if (fuzzing_engine_supports_custom_main && !is_android) {
static_library("in_process_fuzzer_runner") {
testonly = true
sources = [
"in_process_fuzzer.cc",
"in_process_fuzzer.h",
]
deps = [
":in_process_fuzzer_buildflags",
"//testing/libfuzzer:fuzzing_engine_no_main",
]
if (!is_android) {
# See crbug.com/375763408. We need the locales to properly run our
# fuzzers, but those aren't packed with //chrome/test:test_support for
# windows builds. This ensures we're depending on them for all the
# supported platforms.
deps += [ "//chrome:packed_resources" ]
}
public_deps = [
"//chrome/test:chrome_test_launcher",
"//chrome/test:test_support",
]
}
buildflag_header("in_process_fuzzer_buildflags") {
header = "in_process_fuzzer_buildflags.h"
flags = [
"IS_CENTIPEDE=$use_centipede",
"IS_LIBFUZZER=$use_libfuzzer",
"IS_FUZZILLI=$use_fuzzilli",
# crbug.com/1474421: remove these lines once the bug is fixed.
"DEBUG_CLUSTERFUZZ_FAILURE=$use_libfuzzer",
]
}
source_set("in_process_proto_fuzzer_runner") {
testonly = true
sources = [ "in_process_proto_fuzzer.h" ]
public_deps = [ ":in_process_fuzzer_runner" ]
}
}
if (!is_android) {
in_process_fuzzer("html_in_process_fuzzer") {
sources = [ "html_in_process_fuzzer.cc" ]
dict = "html_in_process_fuzzer.dictionary"
}
in_process_fuzzer("js_in_process_fuzzer") {
sources = [ "js_in_process_fuzzer.cc" ]
deps = [ ":in_process_fuzzer_buildflags" ]
is_fuzzilli_compatible = true
}
in_process_proto_fuzzer("page_load_in_process_fuzzer") {
sources = [ "page_load_in_process_fuzzer.cc" ]
proto_source = "page_load_in_process_fuzzer.proto"
seed_corpus_sources = [
"page_load_in_process_fuzzer_seed_corpus/cross_origin.textproto",
"page_load_in_process_fuzzer_seed_corpus/network.textproto",
"page_load_in_process_fuzzer_seed_corpus/simple.textproto",
]
testcase_proto_kind = "test.fuzzing.page_load_fuzzing.FuzzCase"
}
in_process_proto_fuzzer("speech_synthesis_in_process_fuzzer") {
sources = [ "speech_synthesis_in_process_fuzzer.cc" ]
proto_source = "speech_synthesis_in_process_fuzzer.proto"
}
# Disable kombucha_in_process_fuzzer temporarily https://crbug.com/401073471
# in_process_proto_fuzzer("kombucha_in_process_fuzzer") {
# sources = [
# "kombucha_in_process_fuzzer.cc",
# "kombucha_in_process_fuzzer.h",
# ]
#
# proto_source = "kombucha_in_process_fuzzer.proto"
#
# deps = [
# ":in_process_fuzzer_buildflags",
# "//chrome:packed_resources",
# "//chrome/app:command_ids",
# "//chrome/browser/ui:browser_element_identifiers",
# "//chrome/browser/ui:ui_features",
# ]
#
# # Used for UI controls
# if (use_aura) {
# deps += [ "//ui/aura:test_support" ]
# }
# if (use_aura && use_ozone) {
# deps += [
# "//ui/ozone",
# "//ui/platform_window/common:common",
# ]
# }
# }
# We cannot disable instrumenting protobuf generated files on MSAN builds,
# which makes the build time explode and fail the CQ.
if (!is_msan) {
domatolpm_fuzzer("domato_html_fuzzer_grammar") {
template_file = "//third_party/domato/src/template.html"
grammars = [
"jsfuzzer://chrome/test/fuzzing/domato_html_in_process_fuzzer_grammar/js.txt",
"cssfuzzer://third_party/domato/src/rules/css.txt",
"htmlfuzzer://chrome/test/fuzzing/domato_html_in_process_fuzzer_grammar/html.txt",
]
}
in_process_fuzzer("domato_html_in_process_fuzzer") {
sources = [ "domato_html_in_process_fuzzer.cc" ]
deps = [
":domato_html_fuzzer_grammar",
"//testing/libfuzzer/research/domatolpm:domatolpm_context",
"//third_party/libprotobuf-mutator",
]
}
}
domatolpm_fuzzer("webcodecs_fuzzer_grammar") {
template_file = "//chrome/test/fuzzing/webcodecs_in_process_fuzzer_grammar/template.html"
grammars = [ "webcodecs_fuzzer://chrome/test/fuzzing/webcodecs_in_process_fuzzer_grammar/webcodecs.txt" ]
}
in_process_fuzzer("webcodecs_in_process_fuzzer") {
sources = [ "webcodecs_in_process_fuzzer.cc" ]
deps = [
":webcodecs_fuzzer_grammar",
"//chrome/test/fuzzing:in_process_proto_fuzzer_runner",
"//testing/libfuzzer/research/domatolpm:domatolpm_context",
"//third_party/libprotobuf-mutator",
]
}
domatolpm_fuzzer("notification_service_fuzzer_grammar") {
template_file = "//chrome/test/fuzzing/notification_service_in_process_fuzzer_grammar/template.js"
grammars = [ "notification_service_fuzzer://chrome/test/fuzzing/notification_service_in_process_fuzzer_grammar/notification_service.txt" ]
}
copy("notification_service_in_process_fuzzer_html") {
sources = [ "//chrome/test/fuzzing/notification_service_in_process_fuzzer_grammar/notification_service_in_process_fuzzer.html" ]
outputs = [ "$root_out_dir/notification_service_in_process_fuzzer.html" ]
}
in_process_fuzzer("notification_service_in_process_fuzzer") {
sources = [ "notification_service_in_process_fuzzer.cc" ]
deps = [
":notification_service_fuzzer_grammar",
":notification_service_in_process_fuzzer_html",
"//chrome/test/fuzzing:in_process_proto_fuzzer_runner",
"//testing/libfuzzer/research/domatolpm:domatolpm_context",
"//third_party/libprotobuf-mutator",
]
data_deps = [ ":notification_service_in_process_fuzzer_html" ]
data = [ "$root_gen_dir/" ]
}
if (is_linux) {
in_process_proto_fuzzer("atspi_in_process_fuzzer") {
sources = [ "atspi_in_process_fuzzer.cc" ]
libfuzzer_options = [
"max_len=4096",
"timeout=90",
]
centipede_options = [ "timeout=90" ]
proto_source = "atspi_in_process_fuzzer.proto"
deps = [ "//sql" ]
}
}
}
