12 changes: 11 additions & 1 deletion projects/freeradius/Dockerfile
Expand Up @@ -18,7 +18,17 @@ FROM gcr.io/oss-fuzz-base/base-builder:ubuntu-24-04
RUN apt-get update && apt-get install -y gnupg
RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys BE18FC5A41382202
RUN echo "deb http://packages.networkradius.com/extras/ubuntu/focal focal main" > /etc/apt/sources.list.d/networkradius-extras.list
RUN apt-get update && apt-get install -y libtalloc-dev libkqueue-dev libunwind-dev libjson-c-dev
RUN apt-get update && apt-get install -y libtalloc-dev libkqueue-dev libunwind-dev cmake

# json-c source — built statically with sanitizer instrumentation in build.sh
ARG JSONC_VERSION=0.18
ARG JSONC_HASH=876ab046479166b869afc6896d288183bbc0e5843f141200c677b3e8dfb11724
RUN set -ex \
&& curl -s -L -o json-c-${JSONC_VERSION}.tar.gz https://s3.amazonaws.com/json-c_releases/releases/json-c-${JSONC_VERSION}.tar.gz \
&& echo "${JSONC_HASH} json-c-${JSONC_VERSION}.tar.gz" | sha256sum -c \
&& tar -xzf json-c-${JSONC_VERSION}.tar.gz \
&& mv json-c-${JSONC_VERSION} $SRC/json-c
ENV JSONC_PREFIX=/usr/local/json-c

# OpenSSL 3.0
ARG OPENSSL_VERSION=3.0.15
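Review bot: The json-c fetch on the `curl -s -L` line has no `-f`, so an HTTP error response is saved under the tarball name and only surfaces as a confusing `sha256sum -c` mismatch; `curl -fsSL -o json-c-${JSONC_VERSION}.tar.gz …` would fail at the download itself. The pinned `JSONC_HASH` is the integrity control for this source, so a comment beside the two `ARG` lines would help, e.g. `# JSONC_HASH is the SHA-256 of the release tarball; bump it together with JSONC_VERSION, taken from a source independent of the download`. The tarball also stays in the layer after extraction; an `rm json-c-${JSONC_VERSION}.tar.gz` in the same `RUN` would drop it.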
32 changes: 30 additions & 2 deletions projects/freeradius/build.sh
Expand Up @@ -24,9 +24,37 @@ function copy_lib

mkdir -p $OUT/lib

# Build json-c statically with the current sanitizer CFLAGS so it is
# instrumented and gets linked into fuzzer_json with no runtime shared
# library dependency on libjson-c.so.
mkdir -p $SRC/json-c-build
pushd $SRC/json-c-build
cmake $SRC/json-c \
-DCMAKE_INSTALL_PREFIX=${JSONC_PREFIX} \
-DCMAKE_BUILD_TYPE=Release \
-DBUILD_SHARED_LIBS=OFF \
-DBUILD_STATIC_LIBS=ON \
-DDISABLE_WERROR=ON \
-DBUILD_TESTING=OFF \
-DCMAKE_C_COMPILER="$CC" \
-DCMAKE_C_FLAGS="$CFLAGS -fPIC"
make -j$(nproc)
make install
popd

# git apply --ignore-whitespace $SRC/patch.diff
# build project
./configure --enable-fuzzer --enable-coverage --enable-address-sanitizer
# fuzzer_json.mk doesn't pull in the json-c include path; inject it and
# force static linking against our instrumented libjson-c.a.
sed -i \
-e "s|^SRC_CFLAGS\s*+= -I\$(top_builddir)/src/lib/json/|SRC_CFLAGS += -I\$(top_builddir)/src/lib/json/ -I${JSONC_PREFIX}/include|" \
-e "s|-ljson-c|${JSONC_PREFIX}/lib/libjson-c.a|" \
src/bin/fuzzer_json.mk
cat src/bin/fuzzer_json.mk

# build project — point FreeRADIUS' json-c probe at our static build
./configure --enable-fuzzer --enable-coverage --enable-address-sanitizer \
--with-jsonc-include-dir=${JSONC_PREFIX}/include \
--with-jsonc-lib-dir=${JSONC_PREFIX}/lib
# make tries to compile regular programs as fuzz targets
# so -i flag ignores these errors
make -i -j$(nproc)
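Review bot: The `sed -i` on `src/bin/fuzzer_json.mk` exits 0 even when neither expression matches, and the later `make -i` ignores errors, so if upstream changes that makefile the json fuzzer could silently fail to build or link without the instrumented `libjson-c.a`. The `cat` only prints the file; a check such as `grep -qF "${JSONC_PREFIX}/lib/libjson-c.a" src/bin/fuzzer_json.mk || exit 1` right after the `sed` would turn that into a build failure. Separately, `-DCMAKE_BUILD_TYPE=Release` normally makes CMake append its release flags (typically `-O3 -DNDEBUG`) after `$CFLAGS`, which would compile json-c's assertions out of the fuzzed library; leaving the build type empty would keep only the flags from `$CFLAGS`.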