Add instructions for building an instrumented libonig

nikic · nikic · commit d7b4cdff3f04 · 2019-09-18T12:49:42.000+02:00
[ci skip]
diff --git a/sapi/fuzzer/README.md b/sapi/fuzzer/README.md
@@ -48,3 +48,20 @@ mkdir ./my-parser-corpus
 sapi/fuzzer/php-fuzz-parser -merge=1 ./my-parser-corpus sapi/fuzzer/corpus/parser
 sapi/fuzzer/php-fuzz-parser -only_ascii=1 ./my-parser-corpus
 ```
+
+For the mbstring fuzzer, you may want to build the libonig dependency with instrumentation. At this time, libonig is not clean under ubsan, so only the fuzzer and address sanitizers may be used.
+
+```sh
+mkdir libonig
+pushd libonig
+wget -O - https://github.com/kkos/oniguruma/releases/download/v6.9.3/onig-6.9.3.tar.gz \
+    | tar -xz --strip-components=1
+./configure CC=clang CFLAGS="-fsanitize=fuzzer-no-link,address -O2 -g"
+make
+popd
+
+export ONIG_CFLAGS="-I$PWD/libonig/src"
+export ONIG_LIBS="-L$PWD/libonig/src/.libs -l:libonig.a"
+```
+
+This will link an instrumented libonig statically into the PHP binary.
