Integrating a Swift project


The process of integrating a project written in Swift with OSS-Fuzz is very similar to the general Setting up a new project process. The key specifics of integrating a Swift project are outlined below.

Project files

First, you need to write a Swift fuzz target that accepts a stream of bytes and calls the program API with that. This fuzz target should reside in your project repository.
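A minimal fuzz target of the kind described above, as an added example that is not taken from OSS-Fuzz or from any project's repository. parseRecords, ParseError and fuzzParseRecords are hypothetical names standing in for your project's API; the example assumes the file is built as a library-style source with no top-level main code.

```swift
// Added example: libFuzzer entry point for a Swift package.
// `parseRecords` is a hypothetical stand-in for the project API under test.

enum ParseError: Error { case truncated }

// Hypothetical API: parses a sequence of [1-byte length][payload] records.
func parseRecords(_ input: [UInt8]) throws -> [[UInt8]] {
    var records: [[UInt8]] = []
    var offset = 0
    while offset < input.count {
        let length = Int(input[offset])
        offset += 1
        // Reject a record whose declared length runs past the end of input.
        guard input.count - offset >= length else { throw ParseError.truncated }
        records.append(Array(input[offset..<offset + length]))
        offset += length
    }
    return records
}

// libFuzzer resolves this C symbol and calls it once per generated input.
@_cdecl("LLVMFuzzerTestOneInput")
public func fuzzParseRecords(_ start: UnsafeRawPointer?, _ count: Int) -> CInt {
    // Copy the fuzzer-owned buffer; it is only valid for this call.
    // An optional pointer tolerates a null pointer paired with count == 0.
    let bytes = Array(UnsafeRawBufferPointer(start: start, count: count))
    do {
        let records = try parseRecords(bytes)
        // Invariant: a successful parse consumes every input byte
        // (one length byte plus the payload per record).
        let consumed = records.reduce(0) { $0 + $1.count + 1 }
        precondition(consumed == bytes.count, "parser skipped or re-read bytes")
    } catch {
        // Rejecting malformed input is expected behaviour, not a finding.
    }
    // Crashes, sanitizer reports and failed preconditions are what the
    // fuzzer records; the return value is always 0.
    return 0
}
```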

The structure of the project directory in the OSS-Fuzz repository doesn’t differ for projects written in Swift. The project files have the following Swift-specific aspects.

project.yaml

The language attribute must be specified.

language: swift

The only supported fuzzing engine is libfuzzer.

The supported sanitizers are address and thread.

Example:

fuzzing_engines:
  - libfuzzer
sanitizers:
  - address
  - thread

Dockerfile

The Dockerfile should start with FROM gcr.io/oss-fuzz-base/base-builder-swift instead of using the simple base-builder.

build.sh

precompile_swift generates an environment variable, SWIFTFLAGS. This can then be used in the build command, such as swift build -c release $SWIFTFLAGS.

A usage example from the swift-protobuf project:

. precompile_swift
# build project
cd FuzzTesting
swift build -c debug $SWIFTFLAGS
(
cd .build/debug/
find . -maxdepth 1 -type f -name "*Fuzzer" -executable | while read i; do cp $i $OUT/"$i"-debug; done
)