diff --git a/projects/bearssl/Dockerfile b/projects/bearssl/Dockerfile deleted file mode 100644 index 41e9b65277ff..000000000000 --- a/projects/bearssl/Dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2020 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -FROM gcr.io/oss-fuzz-base/base-builder -RUN apt-get update && apt-get install -y make autoconf automake libtool wget python -RUN git clone --depth 1 https://www.bearssl.org/git/BearSSL -RUN git clone --depth 1 https://github.com/randombit/botan.git -RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz -RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz-corpora -RUN wget https://archives.boost.io/release/1.84.0/source/boost_1_84_0.tar.bz2 -COPY build.sh $SRC/ diff --git a/projects/bearssl/build.sh b/projects/bearssl/build.sh deleted file mode 100755 index 238a2194b70c..000000000000 --- a/projects/bearssl/build.sh +++ /dev/null @@ -1,89 +0,0 @@ -#!/bin/bash -eu -# Copyright 2020 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -# Not using OpenSSL - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL" - -# Install Boost headers - cd $SRC/ - tar jxf boost_1_84_0.tar.bz2 - cd boost_1_84_0/ - CFLAGS="" CXXFLAGS="" ./bootstrap.sh - CFLAGS="" CXXFLAGS="" ./b2 headers - cp -R boost/ /usr/include/ - -# Generate lookup tables. This only needs to be done once. - cd $SRC/cryptofuzz - python gen_repository.py - -# Only test primitives which BearSSL supports - rm extra_options.h - echo -n '"' >>extra_options.h - echo -n '--force-module=BearSSL ' >>extra_options.h - echo -n '--digests=MD5,SHA1,SHA224,SHA256,SHA384,SHA512,MD5_SHA1,SHAKE128,SHAKE256 ' >>extra_options.h - echo -n '--ciphers=AES_128_GCM,AES_192_GCM,AES_256_GCM,AES_128_CCM,AES_192_CCM,AES_256_CCM,CHACHA20,CHACHA20_POLY1305 ' >>extra_options.h - echo -n '--operations=Digest,HMAC,SymmetricEncrypt,SymmetricDecrypt,KDF_HKDF,KDF_TLS1_PRF,ECC_GenerateKeyPair,ECC_PrivateToPublic,ECDSA_Verify,ECDSA_Sign' >>extra_options.h - echo -n '"' >>extra_options.h - -# Compile BearSSL - cd $SRC/BearSSL/ - sed -i '/^CC = /d' conf/Unix.mk - sed -i '/^CFLAGS = /d' conf/Unix.mk - make -j$(nproc) lib - - export BEARSSL_INCLUDE_PATH=$(realpath inc/) - export LIBBEARSSL_A_PATH=$(realpath ./build/libbearssl.a) - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BEARSSL" - - # Compile Cryptofuzz BearSSL module - cd $SRC/cryptofuzz/modules/bearssl - make -B - -# Compile Botan - cd $SRC/botan - if [[ $CFLAGS != *-m32* ]] - then - if [[ $CFLAGS != *sanitize=memory* ]] - then - ./configure.py --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation - else - ./configure.py --disable-asm --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation - fi - else - ./configure.py --cpu=x86_32 --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation - fi - make -j$(nproc) - - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BOTAN" - export LIBBOTAN_A_PATH="$SRC/botan/libbotan-3.a" - export BOTAN_INCLUDE_PATH="$SRC/botan/build/include" - - # Compile Cryptofuzz Botan module - cd $SRC/cryptofuzz/modules/botan - make -B - -# Compile Cryptofuzz - cd $SRC/cryptofuzz - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make -B -j$(nproc) >/dev/null - - # Generate dictionary - ./generate_dict - - # Copy fuzzer - cp $SRC/cryptofuzz/cryptofuzz $OUT/cryptofuzz-bearssl - # Copy dictionary - cp $SRC/cryptofuzz/cryptofuzz-dict.txt $OUT/cryptofuzz-bearssl.dict diff --git a/projects/bearssl/project.yaml b/projects/bearssl/project.yaml deleted file mode 100644 index bfc57e5f29fa..000000000000 --- a/projects/bearssl/project.yaml +++ /dev/null @@ -1,13 +0,0 @@ -homepage: "https://bearssl.org/" -language: c++ -primary_contact: "guidovranken@gmail.com" -main_repo: "https://www.bearssl.org/git/BearSSL" -auto_ccs: - - "pornin@gmail.com" -sanitizers: - - address - - undefined - - memory -architectures: - - x86_64 - - i386 diff --git a/projects/bignum-fuzzer/Dockerfile b/projects/bignum-fuzzer/Dockerfile deleted file mode 100644 index 701b3dd89a20..000000000000 --- a/projects/bignum-fuzzer/Dockerfile +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright 2016 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -FROM gcr.io/oss-fuzz-base/base-builder@sha256:19782f7fe8092843368894dbc471ce9b30dd6a2813946071a36e8b05f5b1e27e -# ! Project pinned after a clang update and an afl link error. Log: https://oss-fuzz-gcb-logs.storage.googleapis.com/log-6083635a-3f72-444d-80ef-3a0a26670cf7.txt -RUN apt-get update && apt-get install -y software-properties-common curl sudo mercurial autoconf bison texinfo libboost-all-dev cmake wget lzip -RUN wget https://go.dev/dl/go1.17.5.linux-amd64.tar.gz && rm -rf /usr/local/go && tar -C /usr/local -xzf go1.17.5.linux-amd64.tar.gz && ldconfig -ENV PATH=$PATH:/usr/local/go/bin - -RUN apt-get update && apt-get install -y \ - python-all-dev \ - python3-all-dev \ - python3-pip -# mbedtls needs jsonschema which needs rpds-py which needs pip>=20 -# or a Rust toolchain. -RUN pip3 install 'pip>=20' - -RUN git clone --depth 1 --recurse-submodules -b mbedtls-3.6 https://github.com/Mbed-TLS/mbedtls -# Install Python packages from PyPI -RUN pip3 install -r $SRC/mbedtls/scripts/basic.requirements.txt - -RUN wget https://www.bytereef.org/software/mpdecimal/releases/mpdecimal-4.0.0.tar.gz -RUN git clone --depth 1 https://github.com/guidovranken/bignum-fuzzer -RUN git clone --depth 1 https://github.com/openssl/openssl -RUN git clone https://boringssl.googlesource.com/boringssl -RUN hg clone https://gmplib.org/repo/gmp/ libgmp/ || \ - (wget 'https://ftp.gnu.org/gnu/gmp/gmp-6.2.1.tar.lz' && tar xf gmp-6.2.1.tar.lz && mv $SRC/gmp-6.2.1/ $SRC/libgmp/) - -COPY build.sh $SRC/ diff --git a/projects/bignum-fuzzer/build.sh b/projects/bignum-fuzzer/build.sh deleted file mode 100755 index b1abc5fa10b3..000000000000 --- a/projects/bignum-fuzzer/build.sh +++ /dev/null @@ -1,152 +0,0 @@ -#!/bin/bash -eu -# Copyright 2020 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -# Install Rust nightly -#curl https://sh.rustup.rs -sSf | sh -s -- -y -#source $HOME/.cargo/env - -# Build libmpdec -tar zxf mpdecimal-4.0.0.tar.gz -cd mpdecimal-4.0.0 -./configure && make -j$(nproc) - -cd $SRC/openssl -if [[ $CFLAGS = *sanitize=memory* ]] -then - CFLAGS+=" -DOPENSSL_NO_ASM=1" -fi -./config --debug no-fips no-shared no-tests -make -j$(nproc) - -# Build libgmp -cd $SRC/libgmp -autoreconf -ivf -./configure --enable-maintainer-mode -make -j$(nproc) - -# Build OpenSSL module -cd $SRC/bignum-fuzzer/modules/openssl -OPENSSL_INCLUDE_PATH=$SRC/openssl/include OPENSSL_LIBCRYPTO_A_PATH=$SRC/openssl/libcrypto.a make - -# Build Go module -cd $SRC/bignum-fuzzer/modules/go -make - -# Build Rust module -#cd $SRC/bignum-fuzzer/modules/rust -#make - -# Build C++-Boost module -cd $SRC/bignum-fuzzer/modules/cpp_boost -make - -# Build libgmp module -cd $SRC/bignum-fuzzer/modules/libgmp -LIBGMP_INCLUDE_PATH=$SRC/libgmp LIBGMP_A_PATH=$SRC/libgmp/.libs/libgmp.a make - -# Build libmpdec module -cd $SRC/bignum-fuzzer/modules/libmpdec -LIBMPDEC_A_PATH=$SRC/mpdecimal-4.0.0/libmpdec/libmpdec.a LIBMPDEC_INCLUDE_PATH=$SRC/mpdecimal-4.0.0/libmpdec make - -BASE_CXXFLAGS=$CXXFLAGS - -# Build OpenSSL/Go fuzzer -cd $SRC/bignum-fuzzer -./config-modules.sh openssl go -CXXFLAGS="$BASE_CXXFLAGS -DBNFUZZ_FLAG_NO_NEGATIVE=1 -DBNFUZZ_FLAG_NUM_LEN=1200 -DBNFUZZ_FLAG_ALL_OPERATIONS=1" -LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make - -# Copy OpenSSL/Go fuzzer to the designated location -cp $SRC/bignum-fuzzer/fuzzer $OUT/fuzzer_openssl_go_no_negative_num_len_1200_all_operations - -# Build OpenSSL/Rust fuzzer -#cd $SRC/bignum-fuzzer -#make clean -#./config-modules.sh openssl rust -#CXXFLAGS="$BASE_CXXFLAGS -DBNFUZZ_FLAG_NUM_LEN=1200 -DBNFUZZ_FLAG_ALL_OPERATIONS=1 -DBNFUZZ_FLAG_NUM_LOOPS=1" -#LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make - -# Copy OpenSSL/Rust fuzzer to the designated location -#cp $SRC/bignum-fuzzer/fuzzer $OUT/fuzzer_openssl_rust_num_len_1200_all_operations_num_loops_1 - -# Build OpenSSL/C++-Boost fuzzer -cd $SRC/bignum-fuzzer -make clean -./config-modules.sh openssl cpp_boost -CXXFLAGS="$BASE_CXXFLAGS -DBNFUZZ_FLAG_NUM_LEN=1200 -DBNFUZZ_FLAG_ALL_OPERATIONS=1 -DBNFUZZ_FLAG_NUM_LOOPS=1" -LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make - -# Copy OpenSSL/C++-Boost fuzzer to the designated location -cp $SRC/bignum-fuzzer/fuzzer $OUT/fuzzer_openssl_cpp_boost_num_len_1200_all_operations_num_loops_1 - -# Build OpenSSL/libgmp fuzzer -cd $SRC/bignum-fuzzer -make clean -./config-modules.sh openssl libgmp -CXXFLAGS="$BASE_CXXFLAGS -DBNFUZZ_FLAG_NUM_LEN=1200 -DBNFUZZ_FLAG_ALL_OPERATIONS=1 -DBNFUZZ_FLAG_NUM_LOOPS=1" -LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make - -# Copy OpenSSL/libgmp fuzzer to the designated location -cp $SRC/bignum-fuzzer/fuzzer $OUT/fuzzer_openssl_libgmp_num_len_1200_all_operations_num_loops_1 - -# Build mbedtls -cd $SRC/mbedtls -make lib -j$(nproc) - -# Build BoringSSL -cd $SRC/boringssl -mkdir build -cd build -cmake -DCMAKE_CXX_FLAGS="$CXXFLAGS" -DCMAKE_C_FLAGS="$CFLAGS" -DBORINGSSL_ALLOW_CXX_RUNTIME=1 .. -make -j$(nproc) - -# Build BoringSSL module -cd $SRC/bignum-fuzzer/modules/openssl -make clean -CFLAGS="$CFLAGS -DBIGNUM_FUZZER_BORINGSSL" OPENSSL_INCLUDE_PATH=$SRC/boringssl/include OPENSSL_LIBCRYPTO_A_PATH=$SRC/boringssl/build/crypto/libcrypto.a make - -# Build mbedtls module -cd $SRC/bignum-fuzzer/modules/mbedtls -MBEDTLS_LIBMBEDCRYPTO_A_PATH=$SRC/mbedtls/library/libmbedcrypto.a MBEDTLS_INCLUDE_PATH=$SRC/mbedtls/include make - -# Build BoringSSL/mbedtls fuzzer -cd $SRC/bignum-fuzzer -make clean -./config-modules.sh boringssl mbedtls -CXXFLAGS="$BASE_CXXFLAGS -DBNFUZZ_FLAG_NUM_LEN=100 -DBNFUZZ_FLAG_ALL_OPERATIONS=1 -DBNFUZZ_FLAG_NUM_LOOPS=1" -LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make - -# Copy BoringSSL/mbedtls fuzzer to the designated location -cp $SRC/bignum-fuzzer/fuzzer $OUT/fuzzer_boringssl_mbedtls_num_len_100_all_operations_num_loops_1 - -# Build BoringSSL/libmpdec fuzzer -cd $SRC/bignum-fuzzer -make clean -./config-modules.sh boringssl libmpdec -CXXFLAGS="$BASE_CXXFLAGS -DBNFUZZ_FLAG_NUM_LEN=100 -DBNFUZZ_FLAG_ALL_OPERATIONS=1 -DBNFUZZ_FLAG_NUM_LOOPS=1" -LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make - -# Copy BoringSSL/libmpdec fuzzer to the designated location -cp $SRC/bignum-fuzzer/fuzzer $OUT/fuzzer_boringssl_libmpdec_num_len_100_all_operations_num_loops_1 - -# Copy seed corpora to the designated location -cp $SRC/bignum-fuzzer/corpora/fuzzer_openssl_go_no_negative_num_len_1200_all_operations_seed_corpus.zip $OUT -#cp $SRC/bignum-fuzzer/corpora/fuzzer_openssl_rust_num_len_1200_all_operations_num_loops_1_seed_corpus.zip $OUT -cp $SRC/bignum-fuzzer/corpora/fuzzer_openssl_cpp_boost_num_len_1200_all_operations_num_loops_1_seed_corpus.zip $OUT -cp $SRC/bignum-fuzzer/corpora/fuzzer_openssl_libgmp_num_len_1200_all_operations_num_loops_1_seed_corpus.zip $OUT -cp $SRC/bignum-fuzzer/corpora/fuzzer_boringssl_mbedtls_num_len_100_all_operations_num_loops_1_seed_corpus.zip $OUT -cp $SRC/bignum-fuzzer/corpora/fuzzer_boringssl_mbedtls_num_len_100_all_operations_num_loops_1_seed_corpus.zip $OUT/fuzzer_boringssl_libmpdec_num_len_100_all_operations_num_loops_1_seed_corpus.zip diff --git a/projects/bignum-fuzzer/project.yaml b/projects/bignum-fuzzer/project.yaml deleted file mode 100644 index 6c88bc1011ab..000000000000 --- a/projects/bignum-fuzzer/project.yaml +++ /dev/null @@ -1,21 +0,0 @@ -homepage: "https://github.com/guidovranken/bignum-fuzzer" -language: c++ -primary_contact: "guidovranken@gmail.com" -auto_ccs: - - "martin.swende@ethereum.org" - - "cdetrio@ethereum.org" - - "openssl-security@openssl.org" - - "kurt@roeckx.be" - - "caswell.matt@googlemail.com" - - "jz.maddock@gmail.com" - - "jz.maddock@googlemail.com" - - "agl@google.com" - - "davidben@google.com" - - "svaldez@google.com" - - "mbed-tls-security@lists.trustedfirmware.org" - - "libmpdec4@gmail.com" - - "richard@levitte.org" -main_repo: 'https://github.com/guidovranken/bignum-fuzzer' -fuzzing_engines: - - libfuzzer - - honggfuzz diff --git a/projects/bitcoin-core/Dockerfile b/projects/bitcoin-core/Dockerfile index 36cffebe5aca..6a77fad224e8 100644 --- a/projects/bitcoin-core/Dockerfile +++ b/projects/bitcoin-core/Dockerfile @@ -26,12 +26,6 @@ RUN apt-get update && apt-get install -y \ RUN git clone --depth=1 https://github.com/bitcoin/bitcoin.git bitcoin-core RUN git clone --depth=1 https://github.com/bitcoin-core/qa-assets bitcoin-core/assets && \ rm -rf bitcoin-core/assets/.git # Remove git history to save storage -RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz RUN git clone --depth 1 https://github.com/bitcoin-core/secp256k1.git -RUN git clone --depth 1 https://github.com/randombit/botan.git -RUN git clone --depth 1 https://github.com/trezor/trezor-firmware.git -RUN git clone --depth 1 https://github.com/google/wycheproof.git -RUN wget https://archives.boost.io/release/1.84.0/source/boost_1_84_0.tar.bz2 WORKDIR bitcoin-core COPY build.sh $SRC/ -COPY build_cryptofuzz.sh $SRC/ diff --git a/projects/bitcoin-core/build.sh b/projects/bitcoin-core/build.sh index a5bc23c060e7..f71df01cb621 100755 --- a/projects/bitcoin-core/build.sh +++ b/projects/bitcoin-core/build.sh @@ -18,11 +18,6 @@ # Print date to embed it into build logs date -if [ "$SANITIZER" != "introspector" ]; then - # Temporarily skip this under introspector - $SRC/build_cryptofuzz.sh -fi - cd $SRC/bitcoin-core/ # Build dependencies diff --git a/projects/bitcoin-core/build_cryptofuzz.sh b/projects/bitcoin-core/build_cryptofuzz.sh deleted file mode 100755 index 7198747183be..000000000000 --- a/projects/bitcoin-core/build_cryptofuzz.sh +++ /dev/null @@ -1,187 +0,0 @@ -#!/bin/bash -eu -# Copyright 2021 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL" -export LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" - -# Install Boost headers -cd $SRC/ -tar jxf boost_1_84_0.tar.bz2 -cd boost_1_84_0/ -CFLAGS="" CXXFLAGS="" ./bootstrap.sh -CFLAGS="" CXXFLAGS="" ./b2 headers -export CXXFLAGS="$CXXFLAGS -I $SRC/boost_1_84_0/" - -# Preconfigure libsecp256k1 -cd $SRC/secp256k1/ -autoreconf -ivf -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_SECP256K1" - -function build_libsecp256k1() { - # Build libsecp256k1 - cd $SRC/secp256k1/ - - if test -f "Makefile"; then - # Remove old configuration if it exists - make clean - - # Prevent the error: - # "configuration mismatch, invalid ECMULT_WINDOW_SIZE. Try deleting ecmult_static_pre_g.h before the build." - rm -f src/ecmult_static_pre_g.h - fi - - SECP256K1_CONFIGURE_PARAMS=" - --enable-static - --disable-tests - --disable-benchmark - --disable-exhaustive-tests - --enable-module-recovery - --enable-experimental - --enable-module-schnorrsig - --enable-module-ecdh - --enable-option-checking" - - if [[ $CFLAGS = *sanitize=memory* ]] - then - ./configure $SECP256K1_CONFIGURE_PARAMS --with-asm=no "$@" - else - ./configure $SECP256K1_CONFIGURE_PARAMS "$@" - fi - make - - export SECP256K1_INCLUDE_PATH=$(realpath .) - export LIBSECP256K1_A_PATH=$(realpath .libs/libsecp256k1.a) - - # Build libsecp256k1 Cryptofuzz module - cd $SRC/cryptofuzz/modules/secp256k1/ - make -B -j$(nproc) -} - -# Build Trezor firmware -cd $SRC/trezor-firmware/crypto/ -# Rename blake2b_* functions to avoid symbol collisions with other libraries -sed -i "s/\>extra_options.h -echo -n '--operations=' >>extra_options.h -echo -n 'Digest,' >>extra_options.h -echo -n 'HMAC,' >>extra_options.h -echo -n 'KDF_HKDF,' >>extra_options.h -echo -n 'SymmetricEncrypt,' >>extra_options.h -echo -n 'SymmetricDecrypt,' >>extra_options.h -echo -n 'ECC_PrivateToPublic,' >>extra_options.h -echo -n 'ECC_ValidatePubkey,' >>extra_options.h -echo -n 'ECC_Point_Add,' >>extra_options.h -echo -n 'ECC_Point_Mul,' >>extra_options.h -echo -n 'ECC_Point_Dbl,' >>extra_options.h -echo -n 'ECC_Point_Neg,' >>extra_options.h -echo -n 'ECDSA_Sign,' >>extra_options.h -echo -n 'ECDSA_Verify,' >>extra_options.h -echo -n 'ECDSA_Recover,' >>extra_options.h -echo -n 'Schnorr_Sign,' >>extra_options.h -echo -n 'Schnorr_Verify,' >>extra_options.h -echo -n 'ECDH_Derive,' >>extra_options.h -echo -n 'BignumCalc_Mod_2Exp256 ' >>extra_options.h -echo -n 'BignumCalc_Mod_SECP256K1 ' >>extra_options.h -echo -n '--curves=secp256k1 ' >>extra_options.h -echo -n '--digests=NULL,SHA1,SHA256,SHA512,RIPEMD160,SHA3-256,SIPHASH64 ' >>extra_options.h -echo -n '--ciphers=CHACHA20,AES_256_CBC ' >>extra_options.h -echo -n '--calcops=' >>extra_options.h -# Bitcoin Core arith_uint256.cpp operations -echo -n 'Add,And,Div,IsEq,IsGt,IsGte,IsLt,IsLte,IsOdd,Mul,NumBits,Or,Set,Sub,Xor,' >>extra_options.h -# libsecp256k1 scalar operations -echo -n 'IsZero,IsOne,IsEven,Add,Mul,InvMod,IsEq,CondSet,Bit,Set,RShift ' >>extra_options.h -echo -n '"' >>extra_options.h -cd modules/bitcoin/ -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BITCOIN" -make -B -j$(nproc) -cd ../trezor/ -make -B -j$(nproc) -cd ../botan/ -make -B -j$(nproc) - -# schnorr_fun is currently disabled because it was causing build failures -# See: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39612 -#cd ../schnorr_fun/ -#export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_SCHNORR_FUN" -#if [[ $CFLAGS != *-m32* ]] -#then -# make -#else -# make -f Makefile.i386 -#fi - -cd ../../ - -# Build with 3 configurations of libsecp256k1 -# Discussion: https://github.com/google/oss-fuzz/pull/5717#issuecomment-842765383 - -build_libsecp256k1 "--with-ecmult-window=2" "--with-ecmult-gen-kb=2" -cd $SRC/cryptofuzz/ -make -B -j$(nproc) -cp cryptofuzz $OUT/cryptofuzz-bitcoin-cryptography-w2-kb2 - -build_libsecp256k1 "--with-ecmult-window=15" "--with-ecmult-gen-kb=22" -cd $SRC/cryptofuzz/ -rm cryptofuzz -make -cp cryptofuzz $OUT/cryptofuzz-bitcoin-cryptography-w15-kb22 - -# If the window size is larger than 15, this file must be deleted before proceeding -rm $SRC/secp256k1/src/precomputed_ecmult.c -build_libsecp256k1 "--with-ecmult-window=20" "--with-ecmult-gen-kb=86" -cd $SRC/cryptofuzz/ -rm cryptofuzz -make -cp cryptofuzz $OUT/cryptofuzz-bitcoin-cryptography-w20-kb86 - -# Convert Wycheproof test vectors to Cryptofuzz corpus format -mkdir $SRC/corpus-cryptofuzz-wycheproof/ -find $SRC/wycheproof/testvectors/ -type f -name 'ecdsa_secp256k1_*' -exec $SRC/cryptofuzz/cryptofuzz --from-wycheproof={},$SRC/corpus-cryptofuzz-wycheproof/ \; -# Pack the Wycheproof test vectors -zip -j cryptofuzz-bitcoin-cryptography_seed_corpus.zip $SRC/corpus-cryptofuzz-wycheproof/* -# Use them as the seed corpus for each of the fuzzers -cp cryptofuzz-bitcoin-cryptography_seed_corpus.zip $OUT/cryptofuzz-bitcoin-cryptography-w2-kb2_seed_corpus.zip -cp cryptofuzz-bitcoin-cryptography_seed_corpus.zip $OUT/cryptofuzz-bitcoin-cryptography-w15-kb22_seed_corpus.zip -cp cryptofuzz-bitcoin-cryptography_seed_corpus.zip $OUT/cryptofuzz-bitcoin-cryptography-w20-kb86_seed_corpus.zip diff --git a/projects/bls-signatures/Dockerfile b/projects/bls-signatures/Dockerfile deleted file mode 100644 index 1cbe4090d777..000000000000 --- a/projects/bls-signatures/Dockerfile +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright 2021 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -FROM gcr.io/oss-fuzz-base/base-builder-rust -RUN apt-get update && apt-get install -y make autoconf automake libtool wget python lzip libgmp-dev -RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz -RUN git clone --depth 1 https://github.com/supranational/blst -RUN git clone --depth 1 https://github.com/herumi/mcl.git -RUN git clone --depth 1 https://github.com/randombit/botan.git -RUN git clone --depth 1 https://github.com/mratsim/constantine -RUN wget -q https://archives.boost.io/release/1.84.0/source/boost_1_84_0.tar.bz2 -RUN wget -q https://ftp.gnu.org/gnu/gmp/gmp-6.2.1.tar.lz -RUN wget -q https://nim-lang.org/download/nim-2.0.8-linux_x64.tar.xz -RUN wget -q https://nim-lang.org/download/nim-2.0.8-linux_x32.tar.xz -COPY build.sh $SRC/ diff --git a/projects/bls-signatures/build.sh b/projects/bls-signatures/build.sh deleted file mode 100755 index b3717445201e..000000000000 --- a/projects/bls-signatures/build.sh +++ /dev/null @@ -1,239 +0,0 @@ -#!/bin/bash -eu -# Copyright 2021 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL -D_LIBCPP_DEBUG=1" -if [[ "$SANITIZER" = "memory" ]] -then - export CXXFLAGS="$CXXFLAGS -DMSAN" -fi -export LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" -export LINK_FLAGS="" - -# Install Boost headers -cd $SRC/ -tar jxf boost_1_84_0.tar.bz2 -cd boost_1_84_0/ -CFLAGS="" CXXFLAGS="" ./bootstrap.sh -CFLAGS="" CXXFLAGS="" ./b2 headers -cp -R boost/ /usr/include/ - -# Configure Cryptofuzz -cd $SRC/cryptofuzz/ -python gen_repository.py -rm extra_options.h -echo -n '"' >>extra_options.h -echo -n "--force-module=blst " >>extra_options.h -echo -n "--operations=" >>extra_options.h -echo -n "BignumCalc," >>extra_options.h -echo -n "BignumCalc_Fp2," >>extra_options.h -echo -n "BignumCalc_Fp12," >>extra_options.h -echo -n "BLS_BatchVerify," >>extra_options.h -echo -n "BLS_FinalExp," >>extra_options.h -echo -n "BLS_GenerateKeyPair," >>extra_options.h -echo -n "BLS_HashToG1," >>extra_options.h -echo -n "BLS_HashToG2," >>extra_options.h -echo -n "BLS_IsG1OnCurve," >>extra_options.h -echo -n "BLS_IsG2OnCurve," >>extra_options.h -echo -n "BLS_Pairing," >>extra_options.h -echo -n "BLS_PrivateToPublic," >>extra_options.h -echo -n "BLS_PrivateToPublic_G2," >>extra_options.h -echo -n "BLS_Sign," >>extra_options.h -echo -n "BLS_Verify," >>extra_options.h -echo -n "BLS_Compress_G1," >>extra_options.h -echo -n "BLS_Compress_G2," >>extra_options.h -echo -n "BLS_Decompress_G1," >>extra_options.h -echo -n "BLS_Decompress_G2," >>extra_options.h -echo -n "BLS_G1_Add," >>extra_options.h -echo -n "BLS_G1_Mul," >>extra_options.h -echo -n "BLS_G1_IsEq," >>extra_options.h -echo -n "BLS_G1_Neg," >>extra_options.h -echo -n "BLS_G2_Add," >>extra_options.h -echo -n "BLS_G2_Mul," >>extra_options.h -echo -n "BLS_G2_IsEq," >>extra_options.h -echo -n "BLS_G2_Neg," >>extra_options.h -echo -n "BLS_Aggregate_G1", >>extra_options.h -echo -n "BLS_Aggregate_G2", >>extra_options.h -echo -n "BLS_MapToG1", >>extra_options.h -echo -n "BLS_MapToG2", >>extra_options.h -echo -n "BignumCalc_Mod_BLS12_381_P," >>extra_options.h -echo -n "BignumCalc_Mod_BLS12_381_R," >>extra_options.h -echo -n "KDF_HKDF," >>extra_options.h -echo -n "Misc " >>extra_options.h -echo -n "--digests=SHA256 " >>extra_options.h -echo -n "--curves=BLS12_381 " >>extra_options.h -echo -n '"' >>extra_options.h - -# Build arkworks-algebra -if [[ "$SANITIZER" != "memory" ]] -then - cd $SRC/cryptofuzz/modules/arkworks-algebra/ - if [[ $CFLAGS != *-m32* ]] - then - make - else - rustup target add i686-unknown-linux-gnu - make -f Makefile-i386 - fi - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_ARKWORKS_ALGEBRA" -fi - -# Build Constantine -if [[ "$SANITIZER" != "memory" ]] -then - cd $SRC/ - if [[ $CFLAGS != *-m32* ]] - then - tar Jxf nim-2.0.8-linux_x64.tar.xz - else - tar Jxf nim-2.0.8-linux_x32.tar.xz - fi - export NIM_PATH=$(realpath nim-2.0.8) - - export CONSTANTINE_PATH=$SRC/constantine/ - - cd $SRC/cryptofuzz/modules/constantine/ - if [[ $CFLAGS != *-m32* ]] - then - make - else - make -f Makefile-i386 - fi - - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_CONSTANTINE" -fi - -if [[ $CFLAGS = *-m32* ]] -then - # Build and install libgmp - cd $SRC/ - mkdir $SRC/libgmp-install - tar xf gmp-6.2.1.tar.lz - cd $SRC/gmp-6.2.1/ - autoreconf -ivf - if [[ $CFLAGS != *-m32* ]] - then - ./configure --prefix="$SRC/libgmp-install/" --enable-cxx - else - setarch i386 ./configure --prefix="$SRC/libgmp-install/" --enable-cxx - fi - make -j$(nproc) - make install - export CXXFLAGS="$CXXFLAGS -I $SRC/libgmp-install/include/" -fi - -function build_blst() { - if [[ "$SANITIZER" == "memory" ]] - then - CFLAGS="$CFLAGS -D__BLST_NO_ASM__ -D__BLST_PORTABLE__ -Dllimb_t=__uint128_t -D__builtin_assume(x)=(void)(x)" ./build.sh - else - ./build.sh - fi - - export BLST_LIBBLST_A_PATH=$(realpath libblst.a) - export BLST_INCLUDE_PATH=$(realpath bindings/) - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BLST" -} - -# Build blst (normal) -cp -R $SRC/blst/ $SRC/blst_normal/ -cd $SRC/blst_normal/ -build_blst - -# Build mcl -if [[ "$SANITIZER" != "memory" && $CFLAGS != *-m32* ]] -then - cd $SRC/mcl/ - mkdir build/ - cd build/ - if [[ $CFLAGS != *-m32* ]] - then - cmake .. -DMCL_STATIC_LIB=on - export LINK_FLAGS="$LINK_FLAGS -lgmp" - else - cmake .. -DMCL_STATIC_LIB=on \ - -DGMP_INCLUDE_DIR="$SRC/libgmp-install/include/" \ - -DGMP_LIBRARY="$SRC/libgmp-install/lib/libgmp.a" \ - -DGMP_GMPXX_INCLUDE_DIR="$SRC/libgmp-install/include/" \ - -DGMP_GMPXX_LIBRARY="$SRC/libgmp-install/lib/libgmpxx.a" \ - -DMCL_USE_ASM=off - export LINK_FLAGS="$LINK_FLAGS $SRC/libgmp-install/lib/libgmp.a" - fi - make - export MCL_INCLUDE_PATH=$(realpath ../include/) - export MCL_LIBMCL_A_PATH=$(realpath lib/libmcl.a) - export MCL_LIBMCLBN384_A_PATH=$(realpath lib/libmclbn384.a) - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_MCL" -fi - -# Build Botan -cd $SRC/botan/ -if [[ $CFLAGS != *-m32* ]] -then - ./configure.py --cc-bin=$CXX \ - --cc-abi-flags="$CXXFLAGS" \ - --disable-shared \ - --disable-modules=locking_allocator,x509 \ - --build-targets=static \ - --without-documentation -else - ./configure.py --cpu=x86_32 \ - --cc-bin=$CXX \ - --cc-abi-flags="$CXXFLAGS" \ - --disable-shared \ - --disable-modules=locking_allocator,x509 \ - --build-targets=static \ - --without-documentation -fi -make -j$(nproc) - -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BOTAN -DCRYPTOFUZZ_BOTAN_IS_ORACLE" -export LIBBOTAN_A_PATH="$SRC/botan/libbotan-3.a" -export BOTAN_INCLUDE_PATH="$SRC/botan/build/include" - -# Build modules -cd $SRC/cryptofuzz/modules/botan/ -make -B - -cd $SRC/cryptofuzz/modules/blst/ -make -B - -if [[ $CFLAGS != *sanitize=memory* && $CFLAGS != *-m32* ]] -then - cd $SRC/cryptofuzz/modules/mcl/ - make -B -fi - -# Build Cryptofuzz -cd $SRC/cryptofuzz/ -make -B -j - -cp cryptofuzz $OUT/cryptofuzz-bls-signatures - -# Build blst (optimized for size) -cp -R $SRC/blst/ $SRC/blst_optimize_size/ -cd $SRC/blst_optimize_size/ -export CFLAGS="$CFLAGS -D__OPTIMIZE_SIZE__" -build_blst - -cd $SRC/cryptofuzz/modules/blst/ -make -B - -# Build Cryptofuzz -cd $SRC/cryptofuzz/ -rm entry.o; make - -cp cryptofuzz $OUT/cryptofuzz-bls-signatures_optimize_size diff --git a/projects/bls-signatures/project.yaml b/projects/bls-signatures/project.yaml deleted file mode 100644 index 4b192dc8a4f6..000000000000 --- a/projects/bls-signatures/project.yaml +++ /dev/null @@ -1,26 +0,0 @@ -homepage: "https://github.com/supranational/blst" -language: c++ -primary_contact: "guidovranken@gmail.com" -main_repo: "https://github.com/supranational/blst.git" -sanitizers: - - address - - undefined - - memory -architectures: - - x86_64 - - i386 -auto_ccs: - - "kelly@supranational.net" - - "diederik.loerakker@ethereum.org" - - "hoffmang@chia.net" - - "bram@chia.net" - - "mariano@chia.net" - - "arvid@chia.net" - - "bill@chia.net" - - "pratyush795@gmail.com" - -fuzzing_engines: - - afl - - honggfuzz - - libfuzzer - diff --git a/projects/circl/Dockerfile b/projects/circl/Dockerfile deleted file mode 100644 index 1eb76e40fc8f..000000000000 --- a/projects/circl/Dockerfile +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -FROM gcr.io/oss-fuzz-base/base-builder-go - -RUN apt-get update && apt-get install -y make autoconf automake libtool wget python -RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz -RUN git clone --depth 1 https://github.com/randombit/botan.git -RUN git clone --depth 1 https://github.com/supranational/blst.git -RUN wget https://archives.boost.io/release/1.84.0/source/boost_1_84_0.tar.bz2 -RUN wget https://storage.googleapis.com/pub/gsutil.tar.gz -O $SRC/gsutil.tar.gz -RUN tar zxf $SRC/gsutil.tar.gz -ENV PATH="${PATH}:$SRC/gsutil" -RUN gsutil cp gs://bls-signatures-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/bls-signatures_cryptofuzz-bls-signatures/public.zip $SRC/cryptofuzz_seed_corpus.zip - -COPY build.sh $SRC/ diff --git a/projects/circl/build.sh b/projects/circl/build.sh deleted file mode 100755 index 7fd7dbfe1129..000000000000 --- a/projects/circl/build.sh +++ /dev/null @@ -1,96 +0,0 @@ -#!/bin/bash -eu -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL -DCRYPTOFUZZ_CIRCL" -export LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" -export LINK_FLAGS="" - -# Install Boost headers -cd $SRC/ -tar jxf boost_1_84_0.tar.bz2 -cd boost_1_84_0/ -CFLAGS="" CXXFLAGS="" ./bootstrap.sh -CFLAGS="" CXXFLAGS="" ./b2 headers -cp -R boost/ /usr/include/ - -# Configure Cryptofuzz -cd $SRC/cryptofuzz/ -python gen_repository.py -echo -n '"' >>extra_options.h -echo -n "--force-module=circl " >>extra_options.h -echo -n "--curves=secp384r1,bls12_381 " >>extra_options.h -echo -n "--operations=" >>extra_options.h -echo -n "ECC_PrivateToPublic," >>extra_options.h -echo -n "ECC_Point_Add," >>extra_options.h -echo -n "ECC_Point_Mul," >>extra_options.h -echo -n "ECC_Point_Dbl," >>extra_options.h -echo -n "BLS_PrivateToPublic," >>extra_options.h -echo -n "BLS_G1_Add," >>extra_options.h -echo -n "BLS_G1_Mul," >>extra_options.h -echo -n "BLS_G1_Neg," >>extra_options.h -echo -n "BLS_G1_IsEq," >>extra_options.h -echo -n "BLS_IsG1OnCurve," >>extra_options.h -echo -n "BLS_HashToG1," >>extra_options.h -echo -n "BLS_PrivateToPublic_G2," >>extra_options.h -echo -n "BLS_G2_Add," >>extra_options.h -echo -n "BLS_G2_Mul," >>extra_options.h -echo -n "BLS_G2_Neg," >>extra_options.h -echo -n "BLS_G2_IsEq," >>extra_options.h -echo -n "BLS_IsG2OnCurve," >>extra_options.h -echo -n "BLS_HashToG2," >>extra_options.h -echo -n "BLS_Compress_G1," >>extra_options.h -echo -n "BLS_Decompress_G1," >>extra_options.h -echo -n "BLS_Pairing," >>extra_options.h -echo -n "BignumCalc_Mod_BLS12_381_P," >>extra_options.h -echo -n "BignumCalc_Mod_BLS12_381_R" >>extra_options.h -echo -n '"' >>extra_options.h - -# Build Botan -cd $SRC/botan -if [[ $CFLAGS != *-m32* ]] -then - ./configure.py --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation -else - ./configure.py --cpu=x86_32 --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation -fi -make -j$(nproc) -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BOTAN -DCRYPTOFUZZ_BOTAN_IS_ORACLE" -export LIBBOTAN_A_PATH="$SRC/botan/libbotan-3.a" -export BOTAN_INCLUDE_PATH="$SRC/botan/build/include" -cd $SRC/cryptofuzz/modules/botan/ -make -f Makefile-oracle -j $(nproc) - -# Build blst -cd $SRC/blst/ -./build.sh -export BLST_LIBBLST_A_PATH=$(realpath libblst.a) -export BLST_INCLUDE_PATH=$(realpath bindings/) -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BLST" -cd $SRC/cryptofuzz/modules/blst/ -make -j $(nproc) - -cd $SRC/cryptofuzz/modules/circl/ -go mod init cryptofuzz/circl -go mod tidy -make -j $(nproc) - -cd $SRC/cryptofuzz/ -make -j $(nproc) - -cp cryptofuzz $OUT/ - -cp $SRC/cryptofuzz_seed_corpus.zip $OUT/ diff --git a/projects/circl/project.yaml b/projects/circl/project.yaml deleted file mode 100644 index 10adebb4d8ec..000000000000 --- a/projects/circl/project.yaml +++ /dev/null @@ -1,11 +0,0 @@ -homepage: "https://github.com/cloudflare/circl" -language: c++ -primary_contact: "guidovranken@gmail.com" -main_repo: "https://github.com/cloudflare/circl.git" -auto_ccs: - - "armfazh@cloudflare.com" - - "bas@cloudflare.com" -sanitizers: - - address -architectures: - - x86_64 diff --git a/projects/cryptofuzz/Dockerfile b/projects/cryptofuzz/Dockerfile deleted file mode 100644 index d6cf1f4605a4..000000000000 --- a/projects/cryptofuzz/Dockerfile +++ /dev/null @@ -1,71 +0,0 @@ -# Copyright 2019 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -FROM gcr.io/oss-fuzz-base/base-builder-rust@sha256:c5216a9896a598dced7ce6708bb3226e443473f567045b4f282595776cc641f1 -# ! Project pinned after a clang update and an afl link error. Log: https://oss-fuzz-gcb-logs.storage.googleapis.com/log-8bc8a5ea-9bfb-421d-bfe9-911828e88741.txt - -RUN apt-get update && \ - apt-get install -y software-properties-common wget make autoconf automake libtool build-essential cmake mercurial gyp ninja-build zlib1g-dev libsqlite3-dev bison flex texinfo lzip bsdmainutils - -# mbedtls needs jsonschema which needs rpds-py which needs pip>=20 -# or a Rust toolchain. -RUN pip3 install 'pip>=20' - -RUN wget https://go.dev/dl/go1.22.7.linux-amd64.tar.gz -RUN wget https://go.dev/dl/go1.23.1.linux-amd64.tar.gz -RUN git clone --depth 1 https://github.com/golang/go go-dev -RUN git clone --depth 1 https://github.com/golang/crypto go-crypto -RUN git clone --depth 1 https://github.com/golang/sys.git go-sys -RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz -RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz-corpora -RUN git clone --depth 1 https://github.com/openssl/openssl -RUN git clone --depth 1 https://boringssl.googlesource.com/boringssl -RUN git clone --depth 1 git://git.gnupg.org/libgcrypt.git -RUN git clone --depth 1 https://github.com/weidai11/cryptopp/ -RUN wget https://gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.49.tar.bz2 -RUN git clone --depth 1 -b oss-fuzz https://github.com/project-everest/hacl-star evercrypt -RUN git clone --depth 1 https://github.com/google/cityhash.git -RUN git clone --depth 1 https://github.com/randombit/botan.git -RUN git clone --depth 1 https://github.com/wolfSSL/wolfssl.git -RUN git clone --depth 1 https://github.com/wolfSSL/wolfsm -RUN git clone --depth 1 --recurse-submodules -b mbedtls-3.6 https://github.com/Mbed-TLS/mbedtls.git -RUN hg clone https://hg.mozilla.org/projects/nspr -RUN hg clone https://hg.mozilla.org/projects/nss -RUN git clone --depth 1 https://github.com/jedisct1/libsodium.git -RUN git clone --depth 1 https://github.com/libtom/libtomcrypt.git -RUN git clone --depth 1 https://github.com/microsoft/SymCrypt.git -RUN hg clone https://gmplib.org/repo/gmp/ libgmp/ || \ - (wget 'https://ftp.gnu.org/gnu/gmp/gmp-6.2.1.tar.lz' && tar xf gmp-6.2.1.tar.lz && mv $SRC/gmp-6.2.1/ $SRC/libgmp/) -RUN wget https://www.bytereef.org/software/mpdecimal/releases/mpdecimal-4.0.0.tar.gz -RUN git clone --depth 1 https://github.com/indutny/bn.js.git -RUN git clone --depth 1 https://github.com/MikeMcl/bignumber.js.git -RUN git clone --depth 1 https://github.com/guidovranken/libfuzzer-js.git -RUN git clone --depth 1 https://github.com/brix/crypto-js.git -RUN git clone --depth 1 https://github.com/trezor/trezor-firmware.git -RUN git clone --depth 1 https://github.com/Cyan4973/xxHash.git -RUN git clone --depth 1 https://github.com/paulmillr/noble-ed25519.git -RUN git clone --depth 1 https://github.com/paulmillr/noble-bls12-381.git -RUN git clone --depth 1 https://github.com/paulmillr/noble-secp256k1.git -RUN git clone --depth 1 https://github.com/supranational/blst.git -RUN git clone --depth 1 https://github.com/bitcoin-core/secp256k1.git -RUN apt-get remove -y libunwind8 -RUN apt-get update && apt-get install -y libssl-dev -RUN wget https://archives.boost.io/release/1.84.0/source/boost_1_84_0.tar.bz2 -RUN wget https://nodejs.org/dist/v14.17.1/node-v14.17.1-linux-x64.tar.xz -RUN pip3 install -r $SRC/mbedtls/scripts/basic.requirements.txt -RUN bash -c "wget $(curl https://ziglang.org/download/index.json | jq -r '.master."x86_64-linux".tarball') -O zig-latest.tar.xz" - -COPY build.sh xxd.c $SRC/ diff --git a/projects/cryptofuzz/README.md b/projects/cryptofuzz/README.md deleted file mode 100644 index 81cf05bbd423..000000000000 --- a/projects/cryptofuzz/README.md +++ /dev/null @@ -1,30 +0,0 @@ -This OSS-Fuzz project is a composite of multiple cryptographic libraries. It invokes a large amount of implementations for cryptographic primitives across multiple popular libraries, coordinated from a single fuzzing harness. - -Its objectives are: - -1. To assert programmatic soundness: find memory bugs, crashes and time-outs with the help of sanitizers. -2. To assert semantic soundness: detect invalid output occurring under legal use of the library's API. - -One method to detect invalid results (point 2) is to assert equivalence between two or more outputs generated by a single library with the same input (but where each output allowed to be computed differently), aka "self-differential" testing. See [here](https://github.com/openssl/openssl/issues/8675) for a bug found with self-differential testing. - -Another method is to compare a result against the result of different library, where both results are expected to be the same. If they are not the same, this indicates a bug in at least one library. This second method is what merits the composite setup of the project; adherence to the normative specification of a cryptographic primitive is implicitly asserted under the assumption that at least one implementation gets it right. Because determining which one of libraries gets it wrong cannot be reliably automated, all library maintainers are notified in this event, so that the cause of discrepancy can be resolved collaboratively. - -Library builds embedding optimized assembly language code and those using pure C implementations have been assigned separate fuzzer targets (binaries), because either implementation can have distinct bugs that will not transpire if only the other one is tested. - -OpenSSL, BoringSSL and LibreSSL are assigned separate fuzzing targets because their exported symbols largely overlap and can therefore not be bundled into a single binary. - -At this time of writing, no differential testing is performed, because support for additional libraries is not ready yet, but I intend to support mbed TLS and libsodium shortly, and support for popular or built-in cryptography implementations for Go, Rust, Java and Javascript is planned. - -To further clear things up, at some point in the future, the matrix of support libraries versus fuzzing binaries could look like this: - -A binary embedding OpenSSL, mbed TLS, libsodium, Go, Rust, Java, Javascript, ..., ... - -A binary embedding BoringSSL, mbed TLS, libsodium, Go, Rust, Java, Javascript, ..., ... - -A binary embedding LibreSSL, mbed TLS, libsodium, Go, Rust, Java, Javascript, ..., ... - -and another 3 binaries for all of the pure C versions (no assembly language optimizations) of these libraries. - -As more libraries are added, I will add a throttle mechanism to Cryptofuzz to ensure that no more than, say, 4 libraries will be called during a single iteration, so that no amount of supported libraries will impact the overall speed of the fuzzing process. - -More information can be found at [Cryptofuzz](https://github.com/guidovranken/cryptofuzz). diff --git a/projects/cryptofuzz/build.sh b/projects/cryptofuzz/build.sh deleted file mode 100755 index 79a88cfad0d9..000000000000 --- a/projects/cryptofuzz/build.sh +++ /dev/null @@ -1,765 +0,0 @@ -#!/bin/bash -eu -# Copyright 2019 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -# TODO(metzman): Switch this to LIB_FUZZING_ENGINE when it works. -# https://github.com/google/oss-fuzz/issues/2336 - -export CXXFLAGS="$CXXFLAGS -D_LIBCPP_DEBUG=1" -export GO111MODULE=off - -# Install Go stable binaries -mkdir $SRC/go-bootstrap -cd $SRC/go-bootstrap - -tar zxf $SRC/go1.23.1.linux-amd64.tar.gz -mv go/ go-123 -export GOROOT_123=$SRC/go-bootstrap/go-123/ -export GOPATH_123=$GOROOT_123/packages/ -mkdir $GOPATH_123 -mkdir -p $GOPATH_123/src/golang.org/x/crypto/ -cp -R $SRC/go-crypto/* $GOPATH_123/src/golang.org/x/crypto/ -mkdir -p $GOPATH_123/src/golang.org/x/sys/ -cp -R $SRC/go-sys/* $GOPATH_123/src/golang.org/x/sys/ -export PATH_GO_123=$GOROOT_123/bin:$GOROOT_123/packages/bin:$PATH - -tar zxf $SRC/go1.22.7.linux-amd64.tar.gz -mv go/ go-122 -export GOROOT_122=$SRC/go-bootstrap/go-122/ -export GOPATH_122=$GOROOT_122/packages/ -mkdir $GOPATH_122 -mkdir -p $GOPATH_122/src/golang.org/x/crypto/ -cp -R $SRC/go-crypto/* $GOPATH_122/src/golang.org/x/crypto/ -mkdir -p $GOPATH_122/src/golang.org/x/sys/ -cp -R $SRC/go-sys/* $GOPATH_122/src/golang.org/x/sys/ -export PATH_GO_122=$GOROOT_122/bin:$GOROOT_122/packages/bin:$PATH - -# Compile Go development version -cd $SRC/go-dev/src/ -export OLD_PATH=$PATH -PATH="$PATH_GO_123" ./make.bash -export GOROOT_DEV=$(realpath ../) -export GOPATH_DEV=$GOROOT_DEV/packages -mkdir $GOPATH_DEV -mkdir -p $GOPATH_DEV/src/golang.org/x/crypto/ -cp -R $SRC/go-crypto/* $GOPATH_DEV/src/golang.org/x/crypto/ -mkdir -p $GOPATH_DEV/src/golang.org/x/sys/ -cp -R $SRC/go-sys/* $GOPATH_DEV/src/golang.org/x/sys/ -export PATH_GO_DEV=$GOROOT_DEV/bin:$GOROOT_DEV/packages/bin:$PATH - -if [[ $CFLAGS != *sanitize=memory* && $CFLAGS != *-m32* ]] -then - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_GOLANG" -fi - -if [[ $CFLAGS != *sanitize=memory* && $CFLAGS != *-m32* ]] -then - # Install nodejs/npm - # It is required for building noble-bls12-381 - cd $SRC/ - tar Jxf node-v14.17.1-linux-x64.tar.xz - export PATH="$PATH:$SRC/node-v14.17.1-linux-x64/bin/" -fi - -# Compile xxd -$CC $SRC/xxd.c -o /usr/bin/xxd - -# Copy the upstream checkout of xxHash over the old version -rm -rf $SRC/cryptofuzz/modules/reference/xxHash/ -cp -R $SRC/xxHash/ $SRC/cryptofuzz/modules/reference/ - -# Install Boost headers -cd $SRC/ -tar jxf boost_1_84_0.tar.bz2 -cd boost_1_84_0/ -CFLAGS="" CXXFLAGS="" ./bootstrap.sh -CFLAGS="" CXXFLAGS="" ./b2 headers -cp -R boost/ /usr/include/ - -export LINK_FLAGS="" -if [[ $CFLAGS = *-m32* ]] -then - export LINK_FLAGS="$LINK_FLAGS -latomic" -fi -export INCLUDE_PATH_FLAGS="" - -# Generate lookup tables. This only needs to be done once. -cd $SRC/cryptofuzz -python gen_repository.py - -# This enables runtime checks for C++-specific undefined behaviour. -export CXXFLAGS="$CXXFLAGS -D_GLIBCXX_DEBUG" - -# wolfCrypt uses a slightly different ECDH algorithm than Trezor and libsecp256k1. -# This disables running ECDH in Trezor and libsecp256k1 to prevent mismatches. -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_DISABLE_SPECIAL_ECDH" - -export CXXFLAGS="$CXXFLAGS -I $SRC/cryptofuzz/fuzzing-headers/include" -if [[ $CFLAGS = *sanitize=memory* ]] -then - export CXXFLAGS="$CXXFLAGS -DMSAN" -fi - -if [[ $CFLAGS != *sanitize=memory* && $CFLAGS != *-m32* ]] -then - # Compile libfuzzer-js (required for all JavaScript libraries) - export LIBFUZZER_A_PATH="$LIB_FUZZING_ENGINE" - cd $SRC/libfuzzer-js/ - make - export LIBFUZZER_JS_PATH=$(realpath .) - export LINK_FLAGS="$LINK_FLAGS $LIBFUZZER_JS_PATH/js.o $LIBFUZZER_JS_PATH/quickjs/libquickjs.a" - - # Compile bn.js module - export BN_JS_PATH="$SRC/bn.js/lib/bn.js" - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BN_JS" - cd $SRC/cryptofuzz/modules/bn.js/ - make - - # Compile bignumber.js module - export BIGNUMBER_JS_PATH="$SRC/bignumber.js/bignumber.js" - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BIGNUMBER_JS" - cd $SRC/cryptofuzz/modules/bignumber.js/ - make - - export CRYPTO_JS_PATH="$SRC/crypto-js/" - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_CRYPTO_JS" - cd $SRC/cryptofuzz/modules/crypto-js/ - make -fi - -if [[ $CFLAGS != *-m32* && "$SANITIZER" != "coverage" ]] -then - cd $SRC/ - tar Jxf zig-latest.tar.xz - export ZIG_BIN=$(realpath zig-linux-x86_64*/zig) - - cd $SRC/cryptofuzz/modules/zig/ - make -j$(nproc) - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_ZIG" -fi - -# Compile NSS -if [[ $CFLAGS != *-m32* ]] -then - mkdir $SRC/nss-nspr - mv $SRC/nss $SRC/nss-nspr/ - mv $SRC/nspr $SRC/nss-nspr/ - cd $SRC/nss-nspr/ - - # Prevent compilation error with Clang - export CFLAGS="$CFLAGS -Wno-unused-but-set-variable" - - CXX="$CXX -stdlib=libc++" LDFLAGS="$CFLAGS" nss/build.sh --enable-fips --static --disable-tests --fuzz=oss - - export NSS_NSPR_PATH=$(realpath $SRC/nss-nspr/) - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NSS" - export LINK_FLAGS="$LINK_FLAGS -lsqlite3" - - # Compile Cryptofuzz NSS module - cd $SRC/cryptofuzz/modules/nss - make -B -fi - -# Rename blake2b_* functions to avoid symbol collisions with other libraries -cd $SRC/trezor-firmware/crypto -sed -i "s/\>new_no_asm.h -#echo "typedef unsigned long long llimb_t;" >>new_no_asm.h -#echo "#else" >>new_no_asm.h -#echo "typedef __uint128_t llimb_t;" >>new_no_asm.h -#echo "#endif" >>new_no_asm.h -#cat src/no_asm.h >>new_no_asm.h -#mv new_no_asm.h src/no_asm.h -#CFLAGS="$CFLAGS -D__BLST_NO_ASM__ -D__BLST_PORTABLE__" ./build.sh -#export BLST_LIBBLST_A_PATH=$(realpath libblst.a) -#export BLST_INCLUDE_PATH=$(realpath bindings/) -#export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BLST" -# -## Compile Cryptofuzz blst module -#cd $SRC/cryptofuzz/modules/blst/ -#make -B -j$(nproc) - -# Build libsecp256k1 -cd $SRC/secp256k1/ -autoreconf -ivf -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_SECP256K1" -if [[ $CFLAGS = *sanitize=memory* ]] -then - ./configure --enable-static --disable-tests --disable-benchmark --disable-exhaustive-tests --enable-module-recovery --enable-experimental --enable-module-schnorrsig --enable-module-ecdh --with-asm=no -else - ./configure --enable-static --disable-tests --disable-benchmark --disable-exhaustive-tests --enable-module-recovery --enable-experimental --enable-module-schnorrsig --enable-module-ecdh -fi -make -export SECP256K1_INCLUDE_PATH=$(realpath .) -export LIBSECP256K1_A_PATH=$(realpath .libs/libsecp256k1.a) - -# Compile Cryptofuzz libsecp256k1 module -cd $SRC/cryptofuzz/modules/secp256k1/ -make -B -j$(nproc) - -#if [[ $CFLAGS != *sanitize=memory* && $CFLAGS != *-m32* ]] -#then -# noble-secp256k1 -# cd $SRC/noble-secp256k1/ -# npm install && npm run build -# export NOBLE_SECP256K1_PATH=$(realpath lib/index.js) -# -# cd $SRC/cryptofuzz/modules/noble-secp256k1/ -# export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NOBLE_SECP256K1" -# make -B - -# noble-bls12-381 -# cd $SRC/noble-bls12-381/ -# cp math.ts new_index.ts -# $(awk '/^export/ {print "tail -n +"FNR+1" index.ts"; exit}' index.ts) >>new_index.ts -# mv new_index.ts index.ts -# npm install && npm run build -# export NOBLE_BLS12_381_PATH=$(realpath index.js) -# export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NOBLE_BLS12_381" -# cd $SRC/cryptofuzz/modules/noble-bls12-381/ -# make -B - -# noble-ed25519 -# cd $SRC/cryptofuzz/modules/noble-ed25519/ -# export NOBLE_ED25519_PATH="$SRC/noble-ed25519/index.js" -# export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NOBLE_ED25519" -# make -B -#fi - -## Compile SymCrypt -if [[ $CFLAGS != *-m32* ]] -then - cd $SRC/SymCrypt/ - - # Disable speculative load hardening because - # this results in MSAN false positives - sed -i '/.*x86-speculative-load-hardening.*/d' lib/CMakeLists.txt - - # Unittests don't build with clang and are not needed anyway - sed -i "s/^add_subdirectory(unittest)$//g" CMakeLists.txt - - mkdir b/ - cd b/ - if [[ $CFLAGS = *sanitize=memory* ]] - then - cmake -DSYMCRYPT_USE_ASM=off ../ - else - cmake ../ - fi - - make symcrypt_common symcrypt_generic -j$(nproc) - - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_SYMCRYPT" - export SYMCRYPT_INCLUDE_PATH=$(realpath ../inc/) - export LIBSYMCRYPT_COMMON_A_PATH=$(realpath lib/libsymcrypt_common.a) - export SYMCRYPT_GENERIC_A_PATH=$(realpath lib/symcrypt_generic.a) - - # Compile Cryptofuzz SymCrypt module - cd $SRC/cryptofuzz/modules/symcrypt - make -B -fi - -# Compile libgmp -cd $SRC/libgmp/ -autoreconf -ivf -if [[ $CFLAGS = *-m32* ]] -then - setarch i386 ./configure --enable-maintainer-mode --enable-assert -elif [[ $CFLAGS = *sanitize=memory* ]] -then - ./configure --enable-maintainer-mode --enable-assert --disable-assembly -else - ./configure --enable-maintainer-mode --enable-assert -fi -make -j$(nproc) -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_LIBGMP" -export LIBGMP_INCLUDE_PATH=$(realpath .) -export LIBGMP_A_PATH=$(realpath .libs/libgmp.a) -# Compile Cryptofuzz libgmp module -cd $SRC/cryptofuzz/modules/libgmp -make -B - -# Compile mpdecimal -cd $SRC/ -tar zxf mpdecimal-4.0.0.tar.gz -cd mpdecimal-4.0.0/ -./configure -cd libmpdec/ -make libmpdec.a -j$(nproc) -cd ../ -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_MPDECIMAL" -export LIBMPDEC_A_PATH=$(realpath libmpdec/libmpdec.a) -export LIBMPDEC_INCLUDE_PATH=$(realpath libmpdec/) -# Compile Cryptofuzz mpdecimal module -cd $SRC/cryptofuzz/modules/mpdecimal -make -B - -# Compile Cityhash -cd $SRC/cityhash -if [[ $CFLAGS != *-m32* ]] -then - CXXFLAGS="$CXXFLAGS -msse4.2" ./configure --disable-shared -else - ./configure --disable-shared -fi -make -j$(nproc) - -export CXXFLAGS="$CXXFLAGS -I$SRC/cityhash/src" -export CRYPTOFUZZ_REFERENCE_CITY_O_PATH="$SRC/cityhash/src/city.o" - -############################################################################## -# Compile cryptopp -cd $SRC/cryptopp -if [[ $CFLAGS != *sanitize=memory* ]] -then - make libcryptopp.a -j$(nproc) -else - export CXXFLAGS="$CXXFLAGS -DCRYPTOPP_DISABLE_ASM=1" - make libcryptopp.a -j$(nproc) -fi - -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_CRYPTOPP" -export LIBCRYPTOPP_A_PATH="$SRC/cryptopp/libcryptopp.a" -export CRYPTOPP_INCLUDE_PATH="$SRC/cryptopp" - -# Compile Cryptofuzz cryptopp module -cd $SRC/cryptofuzz/modules/cryptopp -make -B - -############################################################################## -# Compile Mbed TLS -cd $SRC/mbedtls/ -scripts/config.py set MBEDTLS_PLATFORM_MEMORY -scripts/config.py set MBEDTLS_CMAC_C -scripts/config.py set MBEDTLS_NIST_KW_C -scripts/config.py set MBEDTLS_ARIA_C -if [[ $CFLAGS == *sanitize=memory* ]] -then - scripts/config.py unset MBEDTLS_HAVE_ASM - scripts/config.py unset MBEDTLS_PADLOCK_C - scripts/config.py unset MBEDTLS_AESNI_C - scripts/config.py unset MBEDTLS_AESCE_C -fi -mkdir build/ -cd build/ -cmake .. -DENABLE_PROGRAMS=0 -DENABLE_TESTING=0 -make -j$(nproc) -export MBEDTLS_LIBMBEDCRYPTO_A_PATH="$SRC/mbedtls/build/library/libmbedcrypto.a" -export MBEDTLS_INCLUDE_PATH="$SRC/mbedtls/include" -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_MBEDTLS -DCRYPTOFUZZ_TF_PSA_CRYPTO" - -# Compile Cryptofuzz module for Mbed TLS with the legacy crypto API -cd $SRC/cryptofuzz/modules/mbedtls -make -B - -# Compile Cryptofuzz module for Mbed TLS with the PSA crypto API -cd $SRC/cryptofuzz/modules/tf-psa-crypto -make -B - -############################################################################## -# Compile Botan -cd $SRC/botan -if [[ $CFLAGS != *-m32* ]] -then - if [[ $CFLAGS != *sanitize=memory* ]] - then - ./configure.py --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation - else - ./configure.py --disable-asm --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation - fi -else - ./configure.py --cpu=x86_32 --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation -fi -make -j$(nproc) - -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BOTAN" -export LIBBOTAN_A_PATH="$SRC/botan/libbotan-3.a" -export BOTAN_INCLUDE_PATH="$SRC/botan/build/include" - -# Compile Cryptofuzz Botan module -cd $SRC/cryptofuzz/modules/botan -make -B - -############################################################################## -if [[ $CFLAGS != *sanitize=memory* ]] -then - # Compile libgpg-error (dependency of libgcrypt) - cd $SRC/ - tar jxvf libgpg-error-1.49.tar.bz2 - cd libgpg-error-1.49/ - if [[ $CFLAGS != *-m32* ]] - then - ./configure --enable-static - else - ./configure --enable-static --host=i386 - fi - ASAN_OPTIONS=detect_leaks=0 make -j$(nproc) - make install - export LINK_FLAGS="$LINK_FLAGS $SRC/libgpg-error-1.49/src/.libs/libgpg-error.a" - - # Compile libgcrypt - cd $SRC/libgcrypt - autoreconf -ivf - if [[ $CFLAGS = *-m32* ]] - then - ./configure --enable-static --disable-doc --disable-jent-support --host=i386 - else - ./configure --enable-static --disable-doc --disable-jent-support - fi - make -j$(nproc) - - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_LIBGCRYPT" - export LIBGCRYPT_A_PATH="$SRC/libgcrypt/src/.libs/libgcrypt.a" - export LIBGCRYPT_INCLUDE_PATH="$SRC/libgcrypt/src" - - # Compile Cryptofuzz libgcrypt module - cd $SRC/cryptofuzz/modules/libgcrypt - make -B -fi - -# Compile libsodium -cd $SRC/libsodium -autoreconf -ivf -if [[ $CFLAGS != *sanitize=memory* ]] -then - ./configure -else - ./configure --disable-asm -fi -make -j$(nproc) - -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_LIBSODIUM" -export LIBSODIUM_A_PATH="$SRC/libsodium/src/libsodium/.libs/libsodium.a" -export LIBSODIUM_INCLUDE_PATH="$SRC/libsodium/src/libsodium/include" - -# Compile Cryptofuzz libsodium module -cd $SRC/cryptofuzz/modules/libsodium -make -B - -# Disabled because NSS now also embeds evercrypt, leading to symbol collisions -#if [[ $CFLAGS != *sanitize=memory* && $CFLAGS != *-m32* ]] -#then -# # Compile EverCrypt (with assembly) -# cd $SRC/evercrypt/dist -# make -C portable -j$(nproc) libevercrypt.a -# make -C kremlin/kremlib/dist/minimal -j$(nproc) -# -# export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_EVERCRYPT" -# export EVERCRYPT_A_PATH="$SRC/evercrypt/dist/portable/libevercrypt.a" -# export KREMLIN_A_PATH="$SRC/evercrypt/dist/kremlin/kremlib/dist/minimal/*.o" -# export EVERCRYPT_INCLUDE_PATH="$SRC/evercrypt/dist" -# export KREMLIN_INCLUDE_PATH="$SRC/evercrypt/dist/kremlin/include" -# export INCLUDE_PATH_FLAGS="$INCLUDE_PATH_FLAGS -I $EVERCRYPT_INCLUDE_PATH -I $KREMLIN_INCLUDE_PATH" -# -# # Compile Cryptofuzz EverCrypt (with assembly) module -# cd $SRC/cryptofuzz/modules/evercrypt -# make -B -#fi - -############################################################################## -# Compile Cryptofuzz reference (without assembly) module -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_REFERENCE" -cd $SRC/cryptofuzz/modules/reference -make -B - -############################################################################## -# Compile Cryptofuzz Veracrypt (without assembly) module -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_VERACRYPT" -cd $SRC/cryptofuzz/modules/veracrypt -make -B - -############################################################################## -# Compile Cryptofuzz Monero (without assembly) module -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_MONERO" -cd $SRC/cryptofuzz/modules/monero -make -B - -############################################################################## -# Compile Cryptofuzz Golang (123) module -if [[ $CFLAGS != *sanitize=memory* && $CFLAGS != *-m32* ]] -then - cd $SRC/cryptofuzz/modules/golang - GOROOT="$GOROOT_123" GOPATH="$GOPATH_123" PATH="$PATH_GO_123" make -B -fi - -if [[ $CFLAGS != *-m32* ]] -then - # Compile Cryptofuzz (NSS-based) - cd $SRC/cryptofuzz - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL $INCLUDE_PATH_FLAGS" make -B -j$(nproc) - - # Generate dictionary - ./generate_dict - - # Patch fuzzer - if [ "$SANITIZER" = undefined ]; then - patchelf --set-rpath '$ORIGIN/lib/jdk-18.0.1/lib/server/' $SRC/cryptofuzz/cryptofuzz - fi - - # Copy fuzzer - cp $SRC/cryptofuzz/cryptofuzz $OUT/cryptofuzz-nss - # Copy dictionary - cp $SRC/cryptofuzz/cryptofuzz-dict.txt $OUT/cryptofuzz-nss.dict - # Copy seed corpus - cp $SRC/cryptofuzz-corpora/libressl_latest.zip $OUT/cryptofuzz-nss_seed_corpus.zip - - rm $SRC/cryptofuzz/modules/nss/module.a - - CXXFLAGS=${CXXFLAGS//"-DCRYPTOFUZZ_NSS"/} - LINK_FLAGS=${LINK_FLAGS//"-lsqlite3"/} -fi - -rm -f $SRC/cryptofuzz/modules/golang/module.a - -if [[ $CFLAGS != *sanitize=memory* ]] -then - # libtomcrypt can only be compiled with NSS, because OpenSSL, LibreSSL and - # BoringSSL have symbol collisions with libtomcrypt. - # - # So, now that NSS-based Cryptofuzz has been compiled, remove libtomcrypt - export CXXFLAGS=${CXXFLAGS/-DCRYPTOFUZZ_LIBTOMCRYPT/} - rm -rf "$LIBTOMCRYPT_A_PATH" -fi - -############################################################################## -# Compile wolfCrypt -cd $SRC/wolfsm/ -./install.sh -cd $SRC/wolfssl -# Enable additional wolfCrypt features which cannot be activated through arguments to ./configure -export CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K -DWOLFSSL_ECDSA_SET_K_ONE_LOOP" -autoreconf -ivf - -export WOLFCRYPT_CONFIGURE_PARAMS="--enable-static --enable-md2 --enable-md4 --enable-ripemd --enable-blake2 --enable-blake2s --enable-pwdbased --enable-scrypt --enable-hkdf --enable-cmac --enable-arc4 --enable-camellia --enable-aesccm --enable-aesctr --enable-xts --enable-des3 --enable-x963kdf --enable-harden --enable-aescfb --enable-aesofb --enable-aeskeywrap --enable-aessiv --enable-shake256 --enable-curve25519 --enable-curve448 --disable-crypttests --disable-examples --enable-keygen --enable-compkey --enable-ed448 --enable-ed25519 --enable-ecccustcurves --enable-xchacha --enable-cryptocb --enable-eccencrypt --enable-aesgcm-stream --enable-shake128 --enable-siphash --enable-eccsi --with-eccminsz=0 --enable-aeseax --enable-ed25519-stream --enable-ed448-stream --enable-sm2 --enable-sm3 --enable-sm4-cbc --enable-sm4-ccm --enable-sm4-ctr --enable-sm4-ecb --enable-sm4-gcm --enable-smallstack" - -if [[ $CFLAGS = *sanitize=memory* ]] -then - export WOLFCRYPT_CONFIGURE_PARAMS="$WOLFCRYPT_CONFIGURE_PARAMS -disable-asm" -fi - -if [[ $CFLAGS = *-m32* ]] -then - export WOLFCRYPT_CONFIGURE_PARAMS="$WOLFCRYPT_CONFIGURE_PARAMS -disable-fastmath" -fi - -./configure $WOLFCRYPT_CONFIGURE_PARAMS -make -j$(nproc) - -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_WOLFCRYPT" -export WOLFCRYPT_LIBWOLFSSL_A_PATH="$SRC/wolfssl/src/.libs/libwolfssl.a" -export WOLFCRYPT_INCLUDE_PATH="$SRC/wolfssl" - -# Compile Cryptofuzz wolfcrypt (without assembly) module -cd $SRC/cryptofuzz/modules/wolfcrypt -make -B - -############################################################################## -# Compile Cryptofuzz Golang (122) module -if [[ $CFLAGS != *sanitize=memory* && $CFLAGS != *-m32* ]] -then - cd $SRC/cryptofuzz/modules/golang - GOROOT="$GOROOT_122" GOPATH="$GOPATH_122" PATH="$PATH_GO_122" make -B -fi - -# OpenSSL can currently not be used together with wolfCrypt due to symbol collisions -export SAVE_CXXFLAGS="$CXXFLAGS" -export CXXFLAGS=${CXXFLAGS/-DCRYPTOFUZZ_WOLFCRYPT/} - -############################################################################## -if [[ $CFLAGS != *sanitize=memory* ]] -then - # Compile Openssl (with assembly) - cd $SRC/openssl - if [[ $CFLAGS != *-m32* ]] - then - ./config --debug enable-md2 enable-rc5 - else - setarch i386 ./config --debug enable-md2 enable-rc5 - fi - make -j$(nproc) - - # Compile Cryptofuzz OpenSSL (with assembly) module - cd $SRC/cryptofuzz/modules/openssl - OPENSSL_INCLUDE_PATH="$SRC/openssl/include" OPENSSL_LIBCRYPTO_A_PATH="$SRC/openssl/libcrypto.a" make -B - - # Compile Cryptofuzz - cd $SRC/cryptofuzz - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include $INCLUDE_PATH_FLAGS" make -B -j$(nproc) - - # Generate dictionary - ./generate_dict - - # Patch fuzzer - if [ "$SANITIZER" = undefined ]; then - patchelf --set-rpath '$ORIGIN/lib/jdk-18.0.1/lib/server/' $SRC/cryptofuzz/cryptofuzz - fi - - # Copy fuzzer - cp $SRC/cryptofuzz/cryptofuzz $OUT/cryptofuzz-openssl - # Copy dictionary - cp $SRC/cryptofuzz/cryptofuzz-dict.txt $OUT/cryptofuzz-openssl.dict - # Copy seed corpus - cp $SRC/cryptofuzz-corpora/openssl_latest.zip $OUT/cryptofuzz-openssl_seed_corpus.zip -fi - -############################################################################## -# Compile Openssl (without assembly) -cd $SRC/openssl -if [[ $CFLAGS != *-m32* ]] -then - ./config --debug no-asm enable-md2 enable-rc5 -else - setarch i386 ./config --debug no-asm enable-md2 enable-rc5 -fi -make clean -make -j$(nproc) - -# Compile Cryptofuzz OpenSSL (without assembly) module -cd $SRC/cryptofuzz/modules/openssl -OPENSSL_INCLUDE_PATH="$SRC/openssl/include" OPENSSL_LIBCRYPTO_A_PATH="$SRC/openssl/libcrypto.a" make -B - -# Compile Cryptofuzz -cd $SRC/cryptofuzz -LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include $INCLUDE_PATH_FLAGS" make -B -j$(nproc) - -# Generate dictionary -./generate_dict - -# Patch fuzzer -if [ "$SANITIZER" = undefined ]; then - patchelf --set-rpath '$ORIGIN/lib/jdk-18.0.1/lib/server/' $SRC/cryptofuzz/cryptofuzz -fi - -# Copy fuzzer -cp $SRC/cryptofuzz/cryptofuzz $OUT/cryptofuzz-openssl-noasm -# Copy dictionary -cp $SRC/cryptofuzz/cryptofuzz-dict.txt $OUT/cryptofuzz-openssl-noasm.dict -# Copy seed corpus -cp $SRC/cryptofuzz-corpora/openssl_latest.zip $OUT/cryptofuzz-openssl-noasm_seed_corpus.zip - -rm -f $SRC/cryptofuzz/modules/golang/module.a - -export CXXFLAGS="$SAVE_CXXFLAGS" - -############################################################################## -# Compile Cryptofuzz Golang (dev branch) module -if [[ $CFLAGS != *sanitize=memory* && $CFLAGS != *-m32* ]] -then - cd $SRC/cryptofuzz/modules/golang - GOROOT="$GOROOT_DEV" GOPATH="$GOPATH_DEV" PATH="$PATH_GO_DEV" make -B -fi - -############################################################################## -if [[ $CFLAGS != *sanitize=memory* ]] -then - # Compile BoringSSL (with assembly) - cd $SRC/boringssl - rm -rf build ; mkdir build - cd build - if [[ $CFLAGS = *-m32* ]] - then - GOROOT="$GOROOT_DEV" GOPATH="$GOPATH_DEV" PATH="$PATH_GO_DEV" setarch i386 cmake -DCMAKE_CXX_FLAGS="$CXXFLAGS -fno-sanitize=vptr" -DCMAKE_C_FLAGS="$CFLAGS -fno-sanitize=vptr" -DBORINGSSL_ALLOW_CXX_RUNTIME=1 -DCMAKE_ASM_FLAGS="-m32" .. - else - GOROOT="$GOROOT_DEV" GOPATH="$GOPATH_DEV" PATH="$PATH_GO_DEV" cmake -DCMAKE_CXX_FLAGS="$CXXFLAGS -fno-sanitize=vptr" -DCMAKE_C_FLAGS="$CFLAGS -fno-sanitize=vptr" -DBORINGSSL_ALLOW_CXX_RUNTIME=1 .. - fi - make -j$(nproc) crypto - - # Compile Cryptofuzz BoringSSL (with assembly) module - cd $SRC/cryptofuzz/modules/openssl - OPENSSL_INCLUDE_PATH="$SRC/boringssl/include" OPENSSL_LIBCRYPTO_A_PATH="$SRC/boringssl/build/crypto/libcrypto.a" CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BORINGSSL" make -B - - # Compile Cryptofuzz - cd $SRC/cryptofuzz - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include $INCLUDE_PATH_FLAGS" make -B -j$(nproc) - - # Generate dictionary - ./generate_dict - - # Patch fuzzer - if [ "$SANITIZER" = undefined ]; then - patchelf --set-rpath '$ORIGIN/lib/jdk-18.0.1/lib/server/' $SRC/cryptofuzz/cryptofuzz - fi - - # Copy fuzzer - cp $SRC/cryptofuzz/cryptofuzz $OUT/cryptofuzz-boringssl - # Copy dictionary - cp $SRC/cryptofuzz/cryptofuzz-dict.txt $OUT/cryptofuzz-boringssl.dict - # Copy seed corpus - cp $SRC/cryptofuzz-corpora/boringssl_latest.zip $OUT/cryptofuzz-boringssl_seed_corpus.zip -fi - -# Compile Cryptofuzz libgmp mini-gmp module -cd $SRC/cryptofuzz/modules/libgmp -make -B -f Makefile-mini-gmp - -############################################################################## -# Compile BoringSSL (without assembly) -cd $SRC/boringssl -rm -rf build ; mkdir build -cd build -GOROOT="$GOROOT_DEV" GOPATH="$GOPATH_DEV" PATH="$PATH_GO_DEV" cmake -DCMAKE_CXX_FLAGS="$CXXFLAGS -fno-sanitize=vptr" -DCMAKE_C_FLAGS="$CFLAGS -fno-sanitize=vptr" -DBORINGSSL_ALLOW_CXX_RUNTIME=1 -DOPENSSL_NO_ASM=1 .. -make -j$(nproc) crypto - -# Compile Cryptofuzz BoringSSL (without assembly) module -cd $SRC/cryptofuzz/modules/openssl -OPENSSL_INCLUDE_PATH="$SRC/boringssl/include" OPENSSL_LIBCRYPTO_A_PATH="$SRC/boringssl/build/crypto/libcrypto.a" CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BORINGSSL" make -B - -# Compile Cryptofuzz -cd $SRC/cryptofuzz -LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include $INCLUDE_PATH_FLAGS" make -B -j$(nproc) - -# Generate dictionary -./generate_dict - -# Patch fuzzer -if [ "$SANITIZER" = undefined ]; then - patchelf --set-rpath '$ORIGIN/lib/jdk-18.0.1/lib/server/' $SRC/cryptofuzz/cryptofuzz -fi - -# Copy fuzzer -cp $SRC/cryptofuzz/cryptofuzz $OUT/cryptofuzz-boringssl-noasm -# Copy dictionary -cp $SRC/cryptofuzz/cryptofuzz-dict.txt $OUT/cryptofuzz-boringssl-noasm.dict -# Copy seed corpus -cp $SRC/cryptofuzz-corpora/boringssl_latest.zip $OUT/cryptofuzz-boringssl-noasm_seed_corpus.zip diff --git a/projects/cryptofuzz/project.yaml b/projects/cryptofuzz/project.yaml deleted file mode 100644 index 77668acbbd30..000000000000 --- a/projects/cryptofuzz/project.yaml +++ /dev/null @@ -1,53 +0,0 @@ -homepage: "https://github.com/guidovranken/cryptofuzz" -language: c++ -primary_contact: "guidovranken@gmail.com" -auto_ccs: - - kurt@roeckx.be - - agl@google.com - - davidben@google.com - - svaldez@google.com - - beck@obtuse.com - - joel.sing@gmail.com - - kinichiro.inoguchi@gmail.com - - github@pureftpd.org - - jussi.kivilinna@gmail.com - - szanella@gmail.com - - karthik.bhargavan@gmail.com - - jonathan.protzenko@gmail.com - - richard@levitte.org - - ppzgs1@gmail.com - - jack.lloyd@gmail.com - - shane.lontis@hotmail.com - - david@wolfssl.com - - kaleb@wolfssl.com - - jacob@wolfssl.com - - sledru@mozilla.com - - bbeurdouche@mozilla.com - - matthias.st.pierre@gmail.com - - kaleb.himes@gmail.com - - polubelovam@gmail.com - - mbed-tls-security@lists.trustedfirmware.org - - choller@mozilla.com - - djackson@mozilla.com - - dkeeler@mozilla.com - - jkratzer@mozilla.com - - jschanck@mozilla.com - - jschwartzentruber@mozilla.com - - nkulatova@mozilla.com - - twsmith@mozilla.com - - mdauer@mozilla.com -vendor_ccs: - - oss-fuzz@mozilla-fuzzing.iam.gserviceaccount.com -sanitizers: - - address - - undefined - - memory -architectures: - - x86_64 -main_repo: 'https://github.com/guidovranken/cryptofuzz' - -fuzzing_engines: - - afl - - honggfuzz - - libfuzzer - diff --git a/projects/cryptofuzz/xxd.c b/projects/cryptofuzz/xxd.c deleted file mode 100644 index f76adaa3a34c..000000000000 --- a/projects/cryptofuzz/xxd.c +++ /dev/null @@ -1,868 +0,0 @@ -/* xxd: my hexdump facility. jw - * - * 2.10.90 changed to word output - * 3.03.93 new indent style, dumb bug inserted and fixed. - * -c option, mls - * 26.04.94 better option parser, -ps, -l, -s added. - * 1.07.94 -r badly needs - as input file. Per default autoskip over - * consecutive lines of zeroes, as unix od does. - * -a shows them too. - * -i dump as c-style #include "file.h" - * 1.11.95 if "xxd -i" knows the filename, an 'unsigned char filename_bits[]' - * array is written in correct c-syntax. - * -s improved, now defaults to absolute seek, relative requires a '+'. - * -r improved, now -r -s -0x... is supported. - * change/suppress leading '\0' bytes. - * -l n improved: stops exactly after n bytes. - * -r improved, better handling of partial lines with trailing garbage. - * -r improved, now -r -p works again! - * -r improved, less flushing, much faster now! (that was silly) - * 3.04.96 Per repeated request of a single person: autoskip defaults to off. - * 15.05.96 -v added. They want to know the version. - * -a fixed, to show last line inf file ends in all zeros. - * -u added: Print upper case hex-letters, as preferred by unix bc. - * -h added to usage message. Usage message extended. - * Now using outfile if specified even in normal mode, aehem. - * No longer mixing of ints and longs. May help doze people. - * Added binify ioctl for same reason. (Enough Doze stress for 1996!) - * 16.05.96 -p improved, removed occasional superfluous linefeed. - * 20.05.96 -l 0 fixed. tried to read anyway. - * 21.05.96 -i fixed. now honours -u, and prepends __ to numeric filenames. - * compile -DWIN32 for NT or W95. George V. Reilly, * -v improved :-) - * support --gnuish-longhorn-options - * 25.05.96 MAC support added: CodeWarrior already uses ``outline'' in Types.h - * which is included by MacHeaders (Axel Kielhorn). Renamed to - * xxdline(). - * 7.06.96 -i printed 'int' instead of 'char'. *blush* - * added Bram's OS2 ifdefs... - * 18.07.96 gcc -Wall @ SunOS4 is now slient. - * Added osver for MSDOS/DJGPP/WIN32. - * 29.08.96 Added size_t to strncmp() for Amiga. - * 24.03.97 Windows NT support (Phil Hanna). Clean exit for Amiga WB (Bram) - * 02.04.97 Added -E option, to have EBCDIC translation instead of ASCII - * (azc10@yahoo.com) - * 22.05.97 added -g (group octets) option (jcook@namerica.kla.com). - * 23.09.98 nasty -p -r misfeature fixed: slightly wrong output, when -c was - * missing or wrong. - * 26.09.98 Fixed: 'xxd -i infile outfile' did not truncate outfile. - * 27.10.98 Fixed: -g option parser required blank. - * option -b added: 01000101 binary output in normal format. - * 16.05.00 Added VAXC changes by Stephen P. Wall - * 16.05.00 Improved MMS file and merge for VMS by Zoltan Arpadffy - * 2011 March Better error handling by Florian Zumbiehl. - * 2011 April Formatting by Bram Moolenaar - * 08.06.2013 Little-endian hexdump (-e) and offset (-o) by Vadim Vygonets. - * - * (c) 1990-1998 by Juergen Weigert (jnweiger@informatik.uni-erlangen.de) - * - * I hereby grant permission to distribute and use xxd - * under X11-MIT or GPL-2.0 (at the user's choice). - * - * Small changes made afterwards by Bram Moolenaar et al. - * - * Distribute freely and credit me, - * make money and share with me, - * lose money and don't ask me. - */ - -/* Visual Studio 2005 has 'deprecated' many of the standard CRT functions */ -#if _MSC_VER >= 1400 -# define _CRT_SECURE_NO_DEPRECATE -# define _CRT_NONSTDC_NO_DEPRECATE -#endif -#if !defined(CYGWIN) && (defined(CYGWIN32) || defined(__CYGWIN__) || defined(__CYGWIN32__)) -# define CYGWIN -#endif - -#include -#ifdef VAXC -# include -#else -# include -#endif -#if defined(WIN32) || defined(__BORLANDC__) || defined(CYGWIN) -# include /* for setmode() */ -#else -# ifdef UNIX -# include -# endif -#endif -#include -#include /* for strncmp() */ -#include /* for isalnum() */ -#if __MWERKS__ && !defined(BEBOX) -# include /* for fdopen() on MAC */ -#endif - -#if defined(__BORLANDC__) && __BORLANDC__ <= 0x0410 && !defined(fileno) -/* Missing define and prototype grabbed from the BC 4.0 */ -# define fileno(f) ((f)->fd) -FILE _FAR *_Cdecl _FARFUNC fdopen(int __handle, char _FAR *__type); -#endif - - -/* This corrects the problem of missing prototypes for certain functions - * in some GNU installations (e.g. SunOS 4.1.x). - * Darren Hiebert (sparc-sun-sunos4.1.3_U1/2.7.2.2) - */ -#if defined(__GNUC__) && defined(__STDC__) -# ifndef __USE_FIXED_PROTOTYPES__ -# define __USE_FIXED_PROTOTYPES__ -# endif -#endif - -#ifndef __USE_FIXED_PROTOTYPES__ -/* - * This is historic and works only if the compiler really has no prototypes: - * - * Include prototypes for Sun OS 4.x, when using an ANSI compiler. - * FILE is defined on OS 4.x, not on 5.x (Solaris). - * if __SVR4 is defined (some Solaris versions), don't include this. - */ -#if defined(sun) && defined(FILE) && !defined(__SVR4) && defined(__STDC__) -# define __P(a) a -/* excerpt from my sun_stdlib.h */ -extern int fprintf __P((FILE *, char *, ...)); -extern int fputs __P((char *, FILE *)); -extern int _flsbuf __P((unsigned char, FILE *)); -extern int _filbuf __P((FILE *)); -extern int fflush __P((FILE *)); -extern int fclose __P((FILE *)); -extern int fseek __P((FILE *, long, int)); -extern int rewind __P((FILE *)); - -extern void perror __P((char *)); -# endif -#endif - -extern long int strtol(); -extern long int ftell(); - -char version[] = "xxd V1.10 27oct98 by Juergen Weigert"; -#ifdef WIN32 -char osver[] = " (Win32)"; -#else -char osver[] = ""; -#endif - -#if defined(WIN32) -# define BIN_READ(yes) ((yes) ? "rb" : "rt") -# define BIN_WRITE(yes) ((yes) ? "wb" : "wt") -# define BIN_CREAT(yes) ((yes) ? (O_CREAT|O_BINARY) : O_CREAT) -# define BIN_ASSIGN(fp, yes) setmode(fileno(fp), (yes) ? O_BINARY : O_TEXT) -# define PATH_SEP '\\' -#elif defined(CYGWIN) -# define BIN_READ(yes) ((yes) ? "rb" : "rt") -# define BIN_WRITE(yes) ((yes) ? "wb" : "w") -# define BIN_CREAT(yes) ((yes) ? (O_CREAT|O_BINARY) : O_CREAT) -# define BIN_ASSIGN(fp, yes) ((yes) ? (void) setmode(fileno(fp), O_BINARY) : (void) (fp)) -# define PATH_SEP '/' -#else -# ifdef VMS -# define BIN_READ(dummy) "r" -# define BIN_WRITE(dummy) "w" -# define BIN_CREAT(dummy) O_CREAT -# define BIN_ASSIGN(fp, dummy) fp -# define PATH_SEP ']' -# define FILE_SEP '.' -# else -# define BIN_READ(dummy) "r" -# define BIN_WRITE(dummy) "w" -# define BIN_CREAT(dummy) O_CREAT -# define BIN_ASSIGN(fp, dummy) fp -# define PATH_SEP '/' -# endif -#endif - -/* open has only to arguments on the Mac */ -#if __MWERKS__ -# define OPEN(name, mode, umask) open(name, mode) -#else -# define OPEN(name, mode, umask) open(name, mode, umask) -#endif - -#ifdef AMIGA -# define STRNCMP(s1, s2, l) strncmp(s1, s2, (size_t)l) -#else -# define STRNCMP(s1, s2, l) strncmp(s1, s2, l) -#endif - -#ifndef __P -# if defined(__STDC__) || defined(WIN32) || defined(__BORLANDC__) -# define __P(a) a -# else -# define __P(a) () -# endif -#endif - -/* Let's collect some prototypes */ -/* CodeWarrior is really picky about missing prototypes */ -static void exit_with_usage __P((void)); -static void die __P((int)); -static int huntype __P((FILE *, FILE *, FILE *, int, int, long)); -static void xxdline __P((FILE *, char *, int)); - -#define TRY_SEEK /* attempt to use lseek, or skip forward by reading */ -#define COLS 256 /* change here, if you ever need more columns */ -#define LLEN (12 + (9*COLS-1) + COLS + 2) - -char hexxa[] = "0123456789abcdef0123456789ABCDEF", *hexx = hexxa; - -/* the different hextypes known by this program: */ -#define HEX_NORMAL 0 -#define HEX_POSTSCRIPT 1 -#define HEX_CINCLUDE 2 -#define HEX_BITS 3 /* not hex a dump, but bits: 01111001 */ -#define HEX_LITTLEENDIAN 4 - -static char *pname; - - static void -exit_with_usage(void) -{ - fprintf(stderr, "Usage:\n %s [options] [infile [outfile]]\n", pname); - fprintf(stderr, " or\n %s -r [-s [-]offset] [-c cols] [-ps] [infile [outfile]]\n", pname); - fprintf(stderr, "Options:\n"); - fprintf(stderr, " -a toggle autoskip: A single '*' replaces nul-lines. Default off.\n"); - fprintf(stderr, " -b binary digit dump (incompatible with -ps,-i,-r). Default hex.\n"); - fprintf(stderr, " -c cols format octets per line. Default 16 (-i: 12, -ps: 30).\n"); - fprintf(stderr, " -E show characters in EBCDIC. Default ASCII.\n"); - fprintf(stderr, " -e little-endian dump (incompatible with -ps,-i,-r).\n"); - fprintf(stderr, " -g number of octets per group in normal output. Default 2 (-e: 4).\n"); - fprintf(stderr, " -h print this summary.\n"); - fprintf(stderr, " -i output in C include file style.\n"); - fprintf(stderr, " -l len stop after octets.\n"); - fprintf(stderr, " -o off add to the displayed file position.\n"); - fprintf(stderr, " -ps output in postscript plain hexdump style.\n"); - fprintf(stderr, " -r reverse operation: convert (or patch) hexdump into binary.\n"); - fprintf(stderr, " -r -s off revert with added to file positions found in hexdump.\n"); - fprintf(stderr, " -s %sseek start at bytes abs. %sinfile offset.\n", -#ifdef TRY_SEEK - "[+][-]", "(or +: rel.) "); -#else - "", ""); -#endif - fprintf(stderr, " -u use upper case hex letters.\n"); - fprintf(stderr, " -v show version: \"%s%s\".\n", version, osver); - exit(1); -} - - static void -die(int ret) -{ - fprintf(stderr, "%s: ", pname); - perror(NULL); - exit(ret); -} - -/* - * Max. cols binary characters are decoded from the input stream per line. - * Two adjacent garbage characters after evaluated data delimit valid data. - * Everything up to the next newline is discarded. - * - * The name is historic and came from 'undo type opt h'. - */ - static int -huntype( - FILE *fpi, - FILE *fpo, - FILE *fperr, - int cols, - int hextype, - long base_off) -{ - int c, ign_garb = 1, n1 = -1, n2 = 0, n3, p = cols; - long have_off = 0, want_off = 0; - - rewind(fpi); - - while ((c = getc(fpi)) != EOF) - { - if (c == '\r') /* Doze style input file? */ - continue; - - /* Allow multiple spaces. This doesn't work when there is normal text - * after the hex codes in the last line that looks like hex, thus only - * use it for PostScript format. */ - if (hextype == HEX_POSTSCRIPT && (c == ' ' || c == '\n' || c == '\t')) - continue; - - n3 = n2; - n2 = n1; - - if (c >= '0' && c <= '9') - n1 = c - '0'; - else if (c >= 'a' && c <= 'f') - n1 = c - 'a' + 10; - else if (c >= 'A' && c <= 'F') - n1 = c - 'A' + 10; - else - { - n1 = -1; - if (ign_garb) - continue; - } - - ign_garb = 0; - - if (p >= cols) - { - if (!hextype) - { - if (n1 < 0) - { - p = 0; - continue; - } - want_off = (want_off << 4) | n1; - continue; - } - else - p = 0; - } - - if (base_off + want_off != have_off) - { - if (fflush(fpo) != 0) - die(3); -#ifdef TRY_SEEK - c = fseek(fpo, base_off + want_off - have_off, 1); - if (c >= 0) - have_off = base_off + want_off; -#endif - if (base_off + want_off < have_off) - { - fprintf(fperr, "%s: sorry, cannot seek backwards.\n", pname); - return 5; - } - for (; have_off < base_off + want_off; have_off++) - if (putc(0, fpo) == EOF) - die(3); - } - - if (n2 >= 0 && n1 >= 0) - { - if (putc((n2 << 4) | n1, fpo) == EOF) - die(3); - have_off++; - want_off++; - n1 = -1; - if ((++p >= cols) && !hextype) - { - /* skip rest of line as garbage */ - want_off = 0; - while ((c = getc(fpi)) != '\n' && c != EOF) - ; - if (c == EOF && ferror(fpi)) - die(2); - ign_garb = 1; - } - } - else if (n1 < 0 && n2 < 0 && n3 < 0) - { - /* already stumbled into garbage, skip line, wait and see */ - if (!hextype) - want_off = 0; - while ((c = getc(fpi)) != '\n' && c != EOF) - ; - if (c == EOF && ferror(fpi)) - die(2); - ign_garb = 1; - } - } - if (fflush(fpo) != 0) - die(3); -#ifdef TRY_SEEK - fseek(fpo, 0L, 2); -#endif - if (fclose(fpo) != 0) - die(3); - if (fclose(fpi) != 0) - die(2); - return 0; -} - -/* - * Print line l. If nz is false, xxdline regards the line a line of - * zeroes. If there are three or more consecutive lines of zeroes, - * they are replaced by a single '*' character. - * - * If the output ends with more than two lines of zeroes, you - * should call xxdline again with l being the last line and nz - * negative. This ensures that the last line is shown even when - * it is all zeroes. - * - * If nz is always positive, lines are never suppressed. - */ - static void -xxdline(FILE *fp, char *l, int nz) -{ - static char z[LLEN+1]; - static int zero_seen = 0; - - if (!nz && zero_seen == 1) - strcpy(z, l); - - if (nz || !zero_seen++) - { - if (nz) - { - if (nz < 0) - zero_seen--; - if (zero_seen == 2) - if (fputs(z, fp) == EOF) - die(3); - if (zero_seen > 2) - if (fputs("*\n", fp) == EOF) - die(3); - } - if (nz >= 0 || zero_seen > 0) - if (fputs(l, fp) == EOF) - die(3); - if (nz) - zero_seen = 0; - } -} - -/* This is an EBCDIC to ASCII conversion table */ -/* from a proposed BTL standard April 16, 1979 */ -static unsigned char etoa64[] = -{ - 0040,0240,0241,0242,0243,0244,0245,0246, - 0247,0250,0325,0056,0074,0050,0053,0174, - 0046,0251,0252,0253,0254,0255,0256,0257, - 0260,0261,0041,0044,0052,0051,0073,0176, - 0055,0057,0262,0263,0264,0265,0266,0267, - 0270,0271,0313,0054,0045,0137,0076,0077, - 0272,0273,0274,0275,0276,0277,0300,0301, - 0302,0140,0072,0043,0100,0047,0075,0042, - 0303,0141,0142,0143,0144,0145,0146,0147, - 0150,0151,0304,0305,0306,0307,0310,0311, - 0312,0152,0153,0154,0155,0156,0157,0160, - 0161,0162,0136,0314,0315,0316,0317,0320, - 0321,0345,0163,0164,0165,0166,0167,0170, - 0171,0172,0322,0323,0324,0133,0326,0327, - 0330,0331,0332,0333,0334,0335,0336,0337, - 0340,0341,0342,0343,0344,0135,0346,0347, - 0173,0101,0102,0103,0104,0105,0106,0107, - 0110,0111,0350,0351,0352,0353,0354,0355, - 0175,0112,0113,0114,0115,0116,0117,0120, - 0121,0122,0356,0357,0360,0361,0362,0363, - 0134,0237,0123,0124,0125,0126,0127,0130, - 0131,0132,0364,0365,0366,0367,0370,0371, - 0060,0061,0062,0063,0064,0065,0066,0067, - 0070,0071,0372,0373,0374,0375,0376,0377 -}; - - int -main(int argc, char *argv[]) -{ - FILE *fp, *fpo; - int c, e, p = 0, relseek = 1, negseek = 0, revert = 0; - int cols = 0, nonzero = 0, autoskip = 0, hextype = HEX_NORMAL; - int ebcdic = 0; - int octspergrp = -1; /* number of octets grouped in output */ - int grplen; /* total chars per octet group */ - long length = -1, n = 0, seekoff = 0, displayoff = 0; - static char l[LLEN+1]; /* static because it may be too big for stack */ - char *pp; - -#ifdef AMIGA - /* This program doesn't work when started from the Workbench */ - if (argc == 0) - exit(1); -#endif - - pname = argv[0]; - for (pp = pname; *pp; ) - if (*pp++ == PATH_SEP) - pname = pp; -#ifdef FILE_SEP - for (pp = pname; *pp; pp++) - if (*pp == FILE_SEP) - { - *pp = '\0'; - break; - } -#endif - - while (argc >= 2) - { - pp = argv[1] + (!STRNCMP(argv[1], "--", 2) && argv[1][2]); - if (!STRNCMP(pp, "-a", 2)) autoskip = 1 - autoskip; - else if (!STRNCMP(pp, "-b", 2)) hextype = HEX_BITS; - else if (!STRNCMP(pp, "-e", 2)) hextype = HEX_LITTLEENDIAN; - else if (!STRNCMP(pp, "-u", 2)) hexx = hexxa + 16; - else if (!STRNCMP(pp, "-p", 2)) hextype = HEX_POSTSCRIPT; - else if (!STRNCMP(pp, "-i", 2)) hextype = HEX_CINCLUDE; - else if (!STRNCMP(pp, "-r", 2)) revert++; - else if (!STRNCMP(pp, "-E", 2)) ebcdic++; - else if (!STRNCMP(pp, "-v", 2)) - { - fprintf(stderr, "%s%s\n", version, osver); - exit(0); - } - else if (!STRNCMP(pp, "-c", 2)) - { - if (pp[2] && STRNCMP("ols", pp + 2, 3)) - cols = (int)strtol(pp + 2, NULL, 0); - else - { - if (!argv[2]) - exit_with_usage(); - cols = (int)strtol(argv[2], NULL, 0); - argv++; - argc--; - } - } - else if (!STRNCMP(pp, "-g", 2)) - { - if (pp[2] && STRNCMP("group", pp + 2, 5)) - octspergrp = (int)strtol(pp + 2, NULL, 0); - else - { - if (!argv[2]) - exit_with_usage(); - octspergrp = (int)strtol(argv[2], NULL, 0); - argv++; - argc--; - } - } - else if (!STRNCMP(pp, "-o", 2)) - { - if (pp[2] && STRNCMP("ffset", pp + 2, 5)) - displayoff = (int)strtol(pp + 2, NULL, 0); - else - { - if (!argv[2]) - exit_with_usage(); - displayoff = (int)strtol(argv[2], NULL, 0); - argv++; - argc--; - } - } - else if (!STRNCMP(pp, "-s", 2)) - { - relseek = 0; - negseek = 0; - if (pp[2] && STRNCMP("kip", pp+2, 3) && STRNCMP("eek", pp+2, 3)) - { -#ifdef TRY_SEEK - if (pp[2] == '+') - relseek++; - if (pp[2+relseek] == '-') - negseek++; -#endif - seekoff = strtol(pp + 2+relseek+negseek, (char **)NULL, 0); - } - else - { - if (!argv[2]) - exit_with_usage(); -#ifdef TRY_SEEK - if (argv[2][0] == '+') - relseek++; - if (argv[2][relseek] == '-') - negseek++; -#endif - seekoff = strtol(argv[2] + relseek+negseek, (char **)NULL, 0); - argv++; - argc--; - } - } - else if (!STRNCMP(pp, "-l", 2)) - { - if (pp[2] && STRNCMP("en", pp + 2, 2)) - length = strtol(pp + 2, (char **)NULL, 0); - else - { - if (!argv[2]) - exit_with_usage(); - length = strtol(argv[2], (char **)NULL, 0); - argv++; - argc--; - } - } - else if (!strcmp(pp, "--")) /* end of options */ - { - argv++; - argc--; - break; - } - else if (pp[0] == '-' && pp[1]) /* unknown option */ - exit_with_usage(); - else - break; /* not an option */ - - argv++; /* advance to next argument */ - argc--; - } - - if (!cols) - switch (hextype) - { - case HEX_POSTSCRIPT: cols = 30; break; - case HEX_CINCLUDE: cols = 12; break; - case HEX_BITS: cols = 6; break; - case HEX_NORMAL: - case HEX_LITTLEENDIAN: - default: cols = 16; break; - } - - if (octspergrp < 0) - switch (hextype) - { - case HEX_BITS: octspergrp = 1; break; - case HEX_NORMAL: octspergrp = 2; break; - case HEX_LITTLEENDIAN: octspergrp = 4; break; - case HEX_POSTSCRIPT: - case HEX_CINCLUDE: - default: octspergrp = 0; break; - } - - if (cols < 1 || ((hextype == HEX_NORMAL || hextype == HEX_BITS || hextype == HEX_LITTLEENDIAN) - && (cols > COLS))) - { - fprintf(stderr, "%s: invalid number of columns (max. %d).\n", pname, COLS); - exit(1); - } - - if (octspergrp < 1 || octspergrp > cols) - octspergrp = cols; - else if (hextype == HEX_LITTLEENDIAN && (octspergrp & (octspergrp-1))) - { - fprintf(stderr, - "%s: number of octets per group must be a power of 2 with -e.\n", - pname); - exit(1); - } - - if (argc > 3) - exit_with_usage(); - - if (argc == 1 || (argv[1][0] == '-' && !argv[1][1])) - BIN_ASSIGN(fp = stdin, !revert); - else - { - if ((fp = fopen(argv[1], BIN_READ(!revert))) == NULL) - { - fprintf(stderr,"%s: ", pname); - perror(argv[1]); - return 2; - } - } - - if (argc < 3 || (argv[2][0] == '-' && !argv[2][1])) - BIN_ASSIGN(fpo = stdout, revert); - else - { - int fd; - int mode = revert ? O_WRONLY : (O_TRUNC|O_WRONLY); - - if (((fd = OPEN(argv[2], mode | BIN_CREAT(revert), 0666)) < 0) || - (fpo = fdopen(fd, BIN_WRITE(revert))) == NULL) - { - fprintf(stderr, "%s: ", pname); - perror(argv[2]); - return 3; - } - rewind(fpo); - } - - if (revert) - { - if (hextype && (hextype != HEX_POSTSCRIPT)) - { - fprintf(stderr, "%s: sorry, cannot revert this type of hexdump\n", pname); - return -1; - } - return huntype(fp, fpo, stderr, cols, hextype, - negseek ? -seekoff : seekoff); - } - - if (seekoff || negseek || !relseek) - { -#ifdef TRY_SEEK - if (relseek) - e = fseek(fp, negseek ? -seekoff : seekoff, 1); - else - e = fseek(fp, negseek ? -seekoff : seekoff, negseek ? 2 : 0); - if (e < 0 && negseek) - { - fprintf(stderr, "%s: sorry cannot seek.\n", pname); - return 4; - } - if (e >= 0) - seekoff = ftell(fp); - else -#endif - { - long s = seekoff; - - while (s--) - if (getc(fp) == EOF) - { - if (ferror(fp)) - { - die(2); - } - else - { - fprintf(stderr, "%s: sorry cannot seek.\n", pname); - return 4; - } - } - } - } - - if (hextype == HEX_CINCLUDE) - { - if (fp != stdin) - { - if (fprintf(fpo, "unsigned char %s", isdigit((int)argv[1][0]) ? "__" : "") < 0) - die(3); - for (e = 0; (c = argv[1][e]) != 0; e++) - if (putc(isalnum(c) ? c : '_', fpo) == EOF) - die(3); - if (fputs("[] = {\n", fpo) == EOF) - die(3); - } - - p = 0; - c = 0; - while ((length < 0 || p < length) && (c = getc(fp)) != EOF) - { - if (fprintf(fpo, (hexx == hexxa) ? "%s0x%02x" : "%s0X%02X", - (p % cols) ? ", " : &",\n "[2*!p], c) < 0) - die(3); - p++; - } - if (c == EOF && ferror(fp)) - die(2); - - if (p && fputs("\n", fpo) == EOF) - die(3); - if (fputs(&"};\n"[3 * (fp == stdin)], fpo) == EOF) - die(3); - - if (fp != stdin) - { - if (fprintf(fpo, "unsigned int %s", isdigit((int)argv[1][0]) ? "__" : "") < 0) - die(3); - for (e = 0; (c = argv[1][e]) != 0; e++) - if (putc(isalnum(c) ? c : '_', fpo) == EOF) - die(3); - if (fprintf(fpo, "_len = %d;\n", p) < 0) - die(3); - } - - if (fclose(fp)) - die(2); - if (fclose(fpo)) - die(3); - return 0; - } - - if (hextype == HEX_POSTSCRIPT) - { - p = cols; - e = 0; - while ((length < 0 || n < length) && (e = getc(fp)) != EOF) - { - if (putc(hexx[(e >> 4) & 0xf], fpo) == EOF - || putc(hexx[e & 0xf], fpo) == EOF) - die(3); - n++; - if (!--p) - { - if (putc('\n', fpo) == EOF) - die(3); - p = cols; - } - } - if (e == EOF && ferror(fp)) - die(2); - if (p < cols) - if (putc('\n', fpo) == EOF) - die(3); - if (fclose(fp)) - die(2); - if (fclose(fpo)) - die(3); - return 0; - } - - /* hextype: HEX_NORMAL or HEX_BITS or HEX_LITTLEENDIAN */ - - if (hextype != HEX_BITS) - grplen = octspergrp + octspergrp + 1; /* chars per octet group */ - else /* hextype == HEX_BITS */ - grplen = 8 * octspergrp + 1; - - e = 0; - while ((length < 0 || n < length) && (e = getc(fp)) != EOF) - { - if (p == 0) - { - sprintf(l, "%08lx:", - ((unsigned long)(n + seekoff + displayoff)) & 0xffffffff); - for (c = 9; c < LLEN; l[c++] = ' '); - } - if (hextype == HEX_NORMAL) - { - l[c = (10 + (grplen * p) / octspergrp)] = hexx[(e >> 4) & 0xf]; - l[++c] = hexx[ e & 0xf]; - } - else if (hextype == HEX_LITTLEENDIAN) - { - int x = p ^ (octspergrp-1); - l[c = (10 + (grplen * x) / octspergrp)] = hexx[(e >> 4) & 0xf]; - l[++c] = hexx[ e & 0xf]; - } - else /* hextype == HEX_BITS */ - { - int i; - - c = (10 + (grplen * p) / octspergrp) - 1; - for (i = 7; i >= 0; i--) - l[++c] = (e & (1 << i)) ? '1' : '0'; - } - if (ebcdic) - e = (e < 64) ? '.' : etoa64[e-64]; - /* When changing this update definition of LLEN above. */ - l[12 + (grplen * cols - 1)/octspergrp + p] = -#ifdef __MVS__ - (e >= 64) -#else - (e > 31 && e < 127) -#endif - ? e : '.'; - if (e) - nonzero++; - n++; - if (++p == cols) - { - l[c = (12 + (grplen * cols - 1)/octspergrp + p)] = '\n'; l[++c] = '\0'; - xxdline(fpo, l, autoskip ? nonzero : 1); - nonzero = 0; - p = 0; - } - } - if (e == EOF && ferror(fp)) - die(2); - if (p) - { - l[c = (12 + (grplen * cols - 1)/octspergrp + p)] = '\n'; l[++c] = '\0'; - xxdline(fpo, l, 1); - } - else if (autoskip) - xxdline(fpo, l, -1); /* last chance to flush out suppressed lines */ - - if (fclose(fp)) - die(2); - if (fclose(fpo)) - die(3); - return 0; -} - -/* vi:set ts=8 sw=4 sts=2 cino+={2 cino+=n-2 : */ diff --git a/projects/django/project.yaml b/projects/django/project.yaml index 7a0eecbc78d9..71a9d58a32ef 100644 --- a/projects/django/project.yaml +++ b/projects/django/project.yaml @@ -1,6 +1,5 @@ auto_ccs: - jammamarkus@gmail.com -- guidovranken@gmail.com - info+django+security@markusholtermann.eu fuzzing_engines: - libfuzzer diff --git a/projects/lame/project.yaml b/projects/lame/project.yaml index 3ebbafc9f3b4..dcde202b9978 100644 --- a/projects/lame/project.yaml +++ b/projects/lame/project.yaml @@ -1,9 +1,7 @@ homepage: "https://sourceforge.net/projects/lame/" main_repo: "https://svn.code.sf.net/p/lame/svn/trunk/lame" language: c++ -primary_contact: "guidovranken@gmail.com" -auto_ccs: - - "bouvigne@gmail.com" +primary_contact: "bouvigne@gmail.com" sanitizers: - address # Disabled MSAN because of https://github.com/google/oss-fuzz/issues/6294 diff --git a/projects/libecc/Dockerfile b/projects/libecc/Dockerfile deleted file mode 100644 index b7d1919aacfd..000000000000 --- a/projects/libecc/Dockerfile +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright 2021 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -FROM gcr.io/oss-fuzz-base/base-builder@sha256:19782f7fe8092843368894dbc471ce9b30dd6a2813946071a36e8b05f5b1e27e -# ! Project pinned after a clang update and an afl link error. Log: https://oss-fuzz-gcb-logs.storage.googleapis.com/log-bca72181-cfb2-4b2f-98f1-c2addee0aa4b.txt -RUN apt-get update && apt-get install -y make autoconf automake libtool wget python bison flex texinfo lzip bsdmainutils -RUN git clone --depth 1 --branch cryptofuzz https://github.com/libecc/libecc.git -RUN git clone --depth 1 https://github.com/randombit/botan.git -RUN git clone https://github.com/wolfssl/wolfssl -RUN git clone --depth 1 https://github.com/wolfssl/wolfsm -RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz -RUN wget -q https://ftp.gnu.org/gnu/gmp/gmp-6.2.1.tar.lz -RUN test "$(sha256sum gmp-6.2.1.tar.lz)" = "2c7f4f0d370801b2849c48c9ef3f59553b5f1d3791d070cffb04599f9fc67b41 gmp-6.2.1.tar.lz" -RUN wget -q https://archives.boost.io/release/1.84.0/source/boost_1_84_0.tar.bz2 -COPY build.sh $SRC/ diff --git a/projects/libecc/build.sh b/projects/libecc/build.sh deleted file mode 100755 index b7b64c67c9d9..000000000000 --- a/projects/libecc/build.sh +++ /dev/null @@ -1,123 +0,0 @@ -#!/bin/bash -eu -# Copyright 2021 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL" -export LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" - -# Install Boost headers -cd $SRC/ -tar jxf boost_1_84_0.tar.bz2 -cd boost_1_84_0/ -CFLAGS="" CXXFLAGS="" ./bootstrap.sh -CFLAGS="" CXXFLAGS="" ./b2 headers -cp -R boost/ /usr/include/ - -# Build libecc -cd $SRC/libecc -python3 scripts/expand_libecc.py --name="secp112r2" --prime=0xdb7c2abf62e35e668076bead208b --order=0x36df0aafd8b8d7597ca10520d04b --a=0x6127c24c05f38a0aaaf65c0ef02c --b=0x51def1815db5ed74fcc34c85d709 --gx=0x4ba30ab5e892b4e1649dd0928643 --gy=0xadcd46f5882e3747def36e956e97 --cofactor=4 -python3 scripts/expand_libecc.py --name="secp128r2" --prime=0xfffffffdffffffffffffffffffffffff --order=0x3fffffff7fffffffbe0024720613b5a3 --a=0xd6031998d1b3bbfebf59cc9bbff9aee1 --b=0x5eeefca380d02919dc2c6558bb6d8a5d --gx=0x7b6aa5d85e572983e6fb32a7cdebc140 --gy=0x27b6916a894d3aee7106fe805fc34b44 --cofactor=4 -export CFLAGS="$CFLAGS -DUSE_CRYPTOFUZZ" -make -j$(nproc) build/libsign.a -export LIBECC_PATH=$(realpath .) -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_LIBECC" - -# Build Botan -cd $SRC/botan -if [[ $CFLAGS != *-m32* ]] -then - if [[ $CFLAGS != *sanitize=memory* ]] - then - ./configure.py --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator,x509 --build-targets=static --without-documentation - else - ./configure.py --disable-asm --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator,x509 --build-targets=static --without-documentation - fi -else - ./configure.py --cpu=x86_32 --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator,x509 --build-targets=static --without-documentation -fi -make -j$(nproc) - -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BOTAN -DCRYPTOFUZZ_BOTAN_IS_ORACLE" -export LIBBOTAN_A_PATH="$SRC/botan/libbotan-3.a" -export BOTAN_INCLUDE_PATH="$SRC/botan/build/include" - -# Compile libgmp -cd $SRC/ -tar --lzip -xvf gmp-6.2.1.tar.lz -cd $SRC/gmp-6.2.1/ -autoreconf -ivf -if [[ $CFLAGS = *-m32* ]] -then - setarch i386 ./configure --enable-maintainer-mode --enable-assert -elif [[ $CFLAGS = *sanitize=memory* ]] -then - ./configure --enable-maintainer-mode --enable-assert --disable-assembly -else - ./configure --enable-maintainer-mode --enable-assert -fi -make -j$(nproc) -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_LIBGMP" -export LIBGMP_INCLUDE_PATH=$(realpath .) -export LIBGMP_A_PATH=$(realpath .libs/libgmp.a) - -cd $SRC/wolfssl/ -# Checkout at commit that's known to be bug-free -git checkout b7b20ededda4cea208fb7745629904fda64c7524 - -# Install support for wolfCrypt SM algorithms -cd $SRC/wolfsm/ -./install.sh - -# Compile wolfSSL -cd $SRC/wolfssl/ -# Note (to self): -# Compiling wolfCrypt with SP math instead of normal math due to symbol collisions (specifically fp_* functions) between libecc and wolfCrypt otherwise. -export CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K -DWOLFSSL_ECDSA_SET_K_ONE_LOOP -DWOLFSSL_SP_INT_NEGATIVE" -autoreconf -ivf -export WOLFCRYPT_CONFIGURE_PARAMS="--enable-static --enable-md2 --enable-md4 --enable-ripemd --enable-blake2 --enable-blake2s --enable-pwdbased --enable-scrypt --enable-hkdf --enable-cmac --enable-arc4 --enable-camellia --enable-aesccm --enable-aesctr --enable-xts --enable-des3 --enable-x963kdf --enable-harden --enable-aescfb --enable-aesofb --enable-aeskeywrap --enable-aessiv --enable-keygen --enable-curve25519 --enable-curve448 --enable-shake256 --disable-crypttests --disable-examples --enable-compkey --enable-ed448 --enable-ed25519 --enable-ecccustcurves --enable-xchacha --enable-cryptocb --enable-eccencrypt --enable-smallstack --enable-ed25519-stream --enable-ed448-stream --enable-sp-math-all --enable-aesgcm-stream --enable-shake128 --enable-siphash --enable-sm2 --enable-sm3" -if [[ $CFLAGS = *sanitize=memory* ]] -then - export WOLFCRYPT_CONFIGURE_PARAMS="$WOLFCRYPT_CONFIGURE_PARAMS -disable-asm" -fi -./configure $WOLFCRYPT_CONFIGURE_PARAMS -make -j$(nproc) -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_WOLFCRYPT" -export WOLFCRYPT_LIBWOLFSSL_A_PATH=`realpath src/.libs/libwolfssl.a` -export WOLFCRYPT_INCLUDE_PATH=`realpath .` - -# Build Cryptofuzz -cd $SRC/cryptofuzz -python gen_repository.py -rm extra_options.h -echo -n '"' >>extra_options.h -echo -n '--force-module=libecc ' >>extra_options.h -echo -n '--operations=Digest,HMAC,ECC_PrivateToPublic,ECC_ValidatePubkey,ECDSA_Sign,ECDSA_Verify,ECGDSA_Sign,ECGDSA_Verify,ECRDSA_Sign,ECRDSA_Verify,ECDH_Derive,ECC_Point_Add,ECC_Point_Mul,ECC_Point_Dbl,ECC_Point_Neg,BignumCalc ' >>extra_options.h -echo -n '--curves=brainpool192r1,brainpool192t1,brainpool224r1,brainpool224t1,brainpool256r1,brainpool256t1,brainpool320r1,brainpool320t1,brainpool384r1,brainpool384t1,brainpool512r1,brainpool512t1,secp112r2,secp128r2,secp192r1,secp192k1,secp224r1,secp224k1,secp256r1,secp256k1,secp384r1,secp521r1,frp256v1,secp256k1,sm2p256v1,gost_256A,gost_512A,gostr3410_2001_cryptopro_a,gostr3410_2001_cryptopro_b,gostr3410_2001_cryptopro_c,gostr3410_2001_cryptopro_xcha,gostr3410_2001_cryptopro_xchb,gostr3410_2001_test,tc26_gost_3410_12_256_a,tc26_gost_3410_12_256_b,tc26_gost_3410_12_256_c,tc26_gost_3410_12_256_d,tc26_gost_3410_12_512_a,tc26_gost_3410_12_512_b,tc26_gost_3410_12_512_c,tc26_gost_3410_12_512_test ' >>extra_options.h -echo -n '--digests=NULL,SHA224,SHA256,SHA3-224,SHA3-256,SHA3-384,SHA3-512,SHA384,SHA512,SHA512-224,SHA512-256,SM3,SHAKE256_114,STREEBOG-256,STREEBOG-512,RIPEMD160,BASH224,BASH256,BASH384,BASH512 ' >>extra_options.h -echo -n '--calcops=Add,AddMod,And,Bit,Cmp,CondAdd,CondSub,Div,ExpMod,ExtGCD_X,ExtGCD_Y,GCD,InvMod,IsOdd,IsOne,IsZero,LRot,LShift1,Mod,Mul,MulMod,NegMod,NumBits,One,Or,RRot,RShift,RandMod,Sqr,Sub,SubMod,Xor,Zero ' >>extra_options.h -echo -n '"' >>extra_options.h -cd modules/libecc/ -make -B -j$(nproc) -cd ../botan/ -make -B -j$(nproc) -cd ../libgmp/ -make -B -j$(nproc) -cd ../wolfcrypt/ -make -B -j$(nproc) -cd ../../ -make -B -j$(nproc) - -cp cryptofuzz $OUT/cryptofuzz-libecc diff --git a/projects/libecc/project.yaml b/projects/libecc/project.yaml deleted file mode 100644 index 6e295ed5ee2c..000000000000 --- a/projects/libecc/project.yaml +++ /dev/null @@ -1,13 +0,0 @@ -homepage: "https://github.com/ANSSI-FR/libecc" -language: c++ -primary_contact: "guidovranken@gmail.com" -main_repo: "https://github.com/ANSSI-FR/libecc.git" -auto_ccs: - - "dev.libecc@gmail.com" -sanitizers: - - address - - undefined - - memory -architectures: - - x86_64 - - i386 diff --git a/projects/libressl/Dockerfile b/projects/libressl/Dockerfile index a130572c08b9..e74896c1c80c 100644 --- a/projects/libressl/Dockerfile +++ b/projects/libressl/Dockerfile @@ -20,12 +20,6 @@ FROM gcr.io/oss-fuzz-base/base-builder@sha256:19782f7fe8092843368894dbc471ce9b30 RUN apt-get update && apt-get install -y make cmake wget autoconf automake libtool bison flex texinfo lzip RUN git clone --depth 1 https://github.com/libressl/portable.git libressl RUN git clone --depth 1 https://github.com/libressl/fuzz.git libressl.fuzzers -RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz -RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz-corpora -RUN wget https://archives.boost.io/release/1.84.0/source/boost_1_84_0.tar.bz2 -RUN git clone --depth 1 https://github.com/randombit/botan.git -RUN wget https://ftp.gnu.org/gnu/gmp/gmp-6.2.1.tar.lz -RUN test "$(sha256sum gmp-6.2.1.tar.lz)" = "2c7f4f0d370801b2849c48c9ef3f59553b5f1d3791d070cffb04599f9fc67b41 gmp-6.2.1.tar.lz" WORKDIR libressl RUN ./update.sh COPY build.sh *.options $SRC/ diff --git a/projects/libressl/build.sh b/projects/libressl/build.sh index a0e206c31f09..d1f5e89e0dd6 100755 --- a/projects/libressl/build.sh +++ b/projects/libressl/build.sh @@ -16,14 +16,6 @@ # ################################################################################ -# Install Boost headers -cd $SRC/ -tar jxf boost_1_84_0.tar.bz2 -cd boost_1_84_0/ -CFLAGS="" CXXFLAGS="" ./bootstrap.sh -CFLAGS="" CXXFLAGS="" ./b2 headers -cp -R boost/ /usr/include/ - mkdir -p $WORK/libressl cd $WORK/libressl @@ -67,68 +59,3 @@ done cp $SRC/*.options $OUT/ cp $LIBRESSL_FUZZERS/oids.txt $OUT/asn1.dict cp $LIBRESSL_FUZZERS/oids.txt $OUT/x509.dict - -# Cryptofuzz -cd $SRC/cryptofuzz/ -sed -i 's/kNegativeIntegers = false/kNegativeIntegers = true/g' config.h -if [[ $CFLAGS = *sanitize=memory* ]] -then - export CXXFLAGS="$CXXFLAGS -DMSAN" -fi - -# Build Botan -cd $SRC/botan -if [[ $CFLAGS != *-m32* ]] -then - ./configure.py --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator,x509 --build-targets=static --without-documentation -else - ./configure.py --cpu=x86_32 --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator,x509 --build-targets=static --without-documentation -fi -make -j$(nproc) - -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BOTAN -DCRYPTOFUZZ_BOTAN_IS_ORACLE" -export LIBBOTAN_A_PATH="$SRC/botan/libbotan-3.a" -export BOTAN_INCLUDE_PATH="$SRC/botan/build/include" - -# Compile libgmp -cd $SRC/ -tar --lzip -xvf gmp-6.2.1.tar.lz -cd $SRC/gmp-6.2.1/ -autoreconf -ivf -if [[ $CFLAGS = *-m32* ]] -then - setarch i386 ./configure --enable-maintainer-mode --enable-assert -elif [[ $CFLAGS = *sanitize=memory* ]] -then - ./configure --enable-maintainer-mode --enable-assert --disable-assembly -else - ./configure --enable-maintainer-mode --enable-assert -fi -make -j$(nproc) -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_LIBGMP" -export LIBGMP_INCLUDE_PATH=$(realpath .) -export LIBGMP_A_PATH=$(realpath .libs/libgmp.a) - -cd $SRC/cryptofuzz/ -# Generate lookup tables -python3 gen_repository.py -# Compile Cryptofuzz LibreSSL module -cd $SRC/cryptofuzz/modules/openssl -OPENSSL_INCLUDE_PATH="$SRC/libressl/include" OPENSSL_LIBCRYPTO_A_PATH="$WORK/libressl/crypto/libcrypto.a" CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_LIBRESSL" make -# Compile Cryptofuzz libgmp module -cd ../libgmp/ -make -B -j$(nproc) -# Compile Cryptofuzz Botan module -cd ../botan/ -make -B -f Makefile-oracle -j$(nproc) -# Compile Cryptofuzz -cd $SRC/cryptofuzz/ -LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_LIBRESSL -I $SRC/libressl/include" make -j$(nproc) -# Generate dictionary -./generate_dict -# Copy fuzzer -cp $SRC/cryptofuzz/cryptofuzz $OUT/cryptofuzz -# Copy dictionary -cp $SRC/cryptofuzz/cryptofuzz-dict.txt $OUT/cryptofuzz.dict -# Copy seed corpus -cp $SRC/cryptofuzz-corpora/libressl_latest.zip $OUT/cryptofuzz_seed_corpus.zip diff --git a/projects/libressl/project.yaml b/projects/libressl/project.yaml index 49eee7cb7ce5..2780c013d83b 100644 --- a/projects/libressl/project.yaml +++ b/projects/libressl/project.yaml @@ -8,7 +8,6 @@ auto_ccs: - "kinichiro.inoguchi@gmail.com" - "ted.unangst@gmail.com" - "miwaxe@gmail.com" - - "guidovranken@gmail.com" sanitizers: - address - undefined diff --git a/projects/libsrtp/project.yaml b/projects/libsrtp/project.yaml index 982ca1e42f04..5e8623ba5379 100644 --- a/projects/libsrtp/project.yaml +++ b/projects/libsrtp/project.yaml @@ -1,8 +1,6 @@ homepage: "https://github.com/cisco/libsrtp" language: c++ primary_contact: "richbarn@cisco.com" -auto_ccs: - - "guidovranken@gmail.com" sanitizers: - address - memory diff --git a/projects/libtheora/project.yaml b/projects/libtheora/project.yaml index 330ed43d0f05..5b273307f732 100644 --- a/projects/libtheora/project.yaml +++ b/projects/libtheora/project.yaml @@ -1,9 +1,7 @@ homepage: "https://www.theora.org/" language: c++ -primary_contact: "guidovranken@gmail.com" +primary_contact: "le.businessman@gmail.com" main_repo: "https://git.xiph.org/theora.git" -auto_ccs: - - "le.businessman@gmail.com" vendor_ccs: - "daede003@umn.edu" - "twsmith@mozilla.com" diff --git a/projects/nettle/Dockerfile b/projects/nettle/Dockerfile deleted file mode 100644 index 389cef37cbb4..000000000000 --- a/projects/nettle/Dockerfile +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright 2020 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -FROM gcr.io/oss-fuzz-base/base-builder@sha256:19782f7fe8092843368894dbc471ce9b30dd6a2813946071a36e8b05f5b1e27e -# ! Project pinned after a clang update and an afl link error. Log: https://oss-fuzz-gcb-logs.storage.googleapis.com/log-e701b6fa-f3a0-414e-ad6e-0223e6d42ebd.txt -RUN apt-get update && apt-get install -y software-properties-common make autoconf build-essential wget lzip libtool python -RUN git clone --depth 1 https://git.lysator.liu.se/nettle/nettle -RUN git clone --depth 1 https://github.com/randombit/botan.git -RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz -RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz-corpora -RUN wget https://archives.boost.io/release/1.84.0/source/boost_1_84_0.tar.bz2 -RUN wget https://ftp.gnu.org/gnu/gmp/gmp-6.2.1.tar.lz -RUN test "$(sha256sum gmp-6.2.1.tar.lz)" = "2c7f4f0d370801b2849c48c9ef3f59553b5f1d3791d070cffb04599f9fc67b41 gmp-6.2.1.tar.lz" -COPY build.sh $SRC/ diff --git a/projects/nettle/build.sh b/projects/nettle/build.sh deleted file mode 100755 index 466f6dbda101..000000000000 --- a/projects/nettle/build.sh +++ /dev/null @@ -1,150 +0,0 @@ -#!/bin/bash -eu -# Copyright 2020 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -export LINK_FLAGS="" - -# Not using OpenSSL - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL" - -# Install Boost headers - cd $SRC/ - tar jxf boost_1_84_0.tar.bz2 - cd boost_1_84_0/ - CFLAGS="" CXXFLAGS="" ./bootstrap.sh - CFLAGS="" CXXFLAGS="" ./b2 headers - cp -R boost/ /usr/include/ - - -# Generate lookup tables. This only needs to be done once. - cd $SRC/cryptofuzz - python gen_repository.py - -if [[ $CFLAGS != *sanitize=memory* ]] -then - # Compile libgmp - cd $SRC/ - lzip -d gmp-6.2.1.tar.lz - tar xf gmp-6.2.1.tar - - cd gmp-6.2.1/ - autoreconf -ivf - if [[ $CFLAGS != *-m32* ]] - then - ./configure --enable-maintainer-mode - else - setarch i386 ./configure --enable-maintainer-mode - fi - make -j$(nproc) - make install - - # Compile Nettle (with libgmp) - mkdir $SRC/nettle-with-libgmp-install/ - cp -R $SRC/nettle $SRC/nettle-with-libgmp/ - cd $SRC/nettle-with-libgmp/ - bash .bootstrap - export NETTLE_LIBDIR=`realpath ../nettle-with-libgmp-install`/lib - if [[ $CFLAGS != *sanitize=memory* ]] - then - ./configure --disable-documentation --disable-openssl --prefix=`realpath ../nettle-with-libgmp-install` --libdir="$NETTLE_LIBDIR" - else - ./configure --disable-documentation --disable-openssl --disable-assembler --prefix=`realpath ../nettle-with-libgmp-install` --libdir="$NETTLE_LIBDIR" - fi - make -j$(nproc) - make install - - export LIBNETTLE_A_PATH=$NETTLE_LIBDIR/libnettle.a - export LIBHOGWEED_A_PATH=$NETTLE_LIBDIR/libhogweed.a - export NETTLE_INCLUDE_PATH=`realpath ../nettle-with-libgmp-install/include` - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NETTLE" - export LINK_FLAGS="$LINK_FLAGS /usr/local/lib/libgmp.a" - - # Compile Cryptofuzz Nettle module - cd $SRC/cryptofuzz/modules/nettle - make -f Makefile-hogweed -B - - ############################################################################## - # Compile Botan - cd $SRC/botan - if [[ $CFLAGS != *-m32* ]] - then - ./configure.py --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation - else - ./configure.py --cpu=x86_32 --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation - fi - make -j$(nproc) - - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BOTAN" - export LIBBOTAN_A_PATH="$SRC/botan/libbotan-3.a" - export BOTAN_INCLUDE_PATH="$SRC/botan/build/include" - - # Compile Cryptofuzz Botan module - cd $SRC/cryptofuzz/modules/botan - make -B - - # Compile Cryptofuzz - cd $SRC/cryptofuzz - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make -B -j$(nproc) >/dev/null - - # Generate dictionary - ./generate_dict - - # Copy fuzzer - cp $SRC/cryptofuzz/cryptofuzz $OUT/cryptofuzz-nettle-with-libgmp - # Copy dictionary - cp $SRC/cryptofuzz/cryptofuzz-dict.txt $OUT/cryptofuzz-nettle-with-libgmp.dict - # Copy seed corpus - cp $SRC/cryptofuzz-corpora/libressl_latest.zip $OUT/cryptofuzz-nettle-with-libgmp_seed_corpus.zip -fi - -# Compile Nettle (with mini gmp) - mkdir $SRC/nettle-with-mini-gmp-install/ - cp -R $SRC/nettle $SRC/nettle-with-mini-gmp/ - cd $SRC/nettle-with-mini-gmp/ - bash .bootstrap - export NETTLE_LIBDIR=`realpath ../nettle-with-mini-gmp-install`/lib - if [[ $CFLAGS != *sanitize=memory* ]] - then - ./configure --enable-mini-gmp --disable-documentation --disable-openssl --prefix=`realpath ../nettle-with-mini-gmp-install` --libdir="$NETTLE_LIBDIR" - else - ./configure --enable-mini-gmp --disable-documentation --disable-openssl --disable-assembler --prefix=`realpath ../nettle-with-mini-gmp-install` --libdir="$NETTLE_LIBDIR" - fi - make -j$(nproc) - make install - - export LIBNETTLE_A_PATH=$NETTLE_LIBDIR/libnettle.a - export LIBHOGWEED_A_PATH=$NETTLE_LIBDIR/libhogweed.a - export NETTLE_INCLUDE_PATH=`realpath ../nettle-with-mini-gmp-install/include` - export LINK_FLAGS="" - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NETTLE" - - # Compile Cryptofuzz Nettle module - cd $SRC/cryptofuzz/modules/nettle - make -f Makefile-hogweed -B - -# Compile Cryptofuzz - cd $SRC/cryptofuzz - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make -B -j$(nproc) >/dev/null - - # Generate dictionary - ./generate_dict - - # Copy fuzzer - cp $SRC/cryptofuzz/cryptofuzz $OUT/cryptofuzz-nettle-with-mini-gmp - # Copy dictionary - cp $SRC/cryptofuzz/cryptofuzz-dict.txt $OUT/cryptofuzz-nettle-with-mini-gmp.dict - # Copy seed corpus - cp $SRC/cryptofuzz-corpora/libressl_latest.zip $OUT/cryptofuzz-nettle-with-mini-gmp_seed_corpus.zip diff --git a/projects/nettle/project.yaml b/projects/nettle/project.yaml deleted file mode 100644 index a2ba3c4ddce6..000000000000 --- a/projects/nettle/project.yaml +++ /dev/null @@ -1,19 +0,0 @@ -homepage: "https://www.lysator.liu.se/~nisse/nettle/" -language: c++ -primary_contact: guidovranken@gmail.com -auto_ccs: - - "nisse@lysator.liu.se" -sanitizers: - - address - - undefined - - memory -architectures: - - x86_64 - - i386 -main_repo: 'https://git.lysator.liu.se/nettle/nettle' - -fuzzing_engines: - - afl - - honggfuzz - - libfuzzer - diff --git a/projects/num-bigint/Dockerfile b/projects/num-bigint/Dockerfile deleted file mode 100644 index 19e7eaba3b46..000000000000 --- a/projects/num-bigint/Dockerfile +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2021 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -FROM gcr.io/oss-fuzz-base/base-builder -RUN apt-get update && apt-get install -y make autoconf automake libtool wget python -RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz -RUN git clone --depth 1 https://github.com/randombit/botan.git -RUN wget https://archives.boost.io/release/1.84.0/source/boost_1_84_0.tar.bz2 -COPY build.sh $SRC/ diff --git a/projects/num-bigint/build.sh b/projects/num-bigint/build.sh deleted file mode 100755 index 908b3083156e..000000000000 --- a/projects/num-bigint/build.sh +++ /dev/null @@ -1,71 +0,0 @@ -#!/bin/bash -eu -# Copyright 2021 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NUM_BIGINT -DCRYPTOFUZZ_NO_OPENSSL" -export LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" - -rm -f /usr/local/bin/cargo - -curl https://sh.rustup.rs -sSf | sh -s -- -y -source $HOME/.cargo/env - -# Install Boost headers -cd $SRC/ -tar jxf boost_1_84_0.tar.bz2 -cd boost_1_84_0/ -CFLAGS="" CXXFLAGS="" ./bootstrap.sh -CFLAGS="" CXXFLAGS="" ./b2 headers -cp -R boost/ /usr/include/ - -cd $SRC/cryptofuzz/ -sed -i 's/kNegativeIntegers = false/kNegativeIntegers = true/g' config.h -python gen_repository.py - -rm extra_options.h -echo -n '"' >>extra_options.h -echo -n '--force-module=num-bigint ' >>extra_options.h -echo -n '--operations=BignumCalc ' >>extra_options.h -echo -n '"' >>extra_options.h - -cd $SRC/botan -if [[ $CFLAGS != *-m32* ]] -then - ./configure.py --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator,x509 --build-targets=static --without-documentation -else - ./configure.py --cpu=x86_32 --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator,x509 --build-targets=static --without-documentation -fi -make -j$(nproc) -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BOTAN -DCRYPTOFUZZ_BOTAN_IS_ORACLE" -export LIBBOTAN_A_PATH="$SRC/botan/libbotan-3.a" -export BOTAN_INCLUDE_PATH="$SRC/botan/build/include" - -cd $SRC/cryptofuzz/modules/botan/ -make -j$(nproc) -f Makefile-oracle - -cd $SRC/cryptofuzz/modules/num-bigint/ -if [[ $CFLAGS != *-m32* ]] -then - make -else - rustup target add i686-unknown-linux-gnu - make -f Makefile.i386 -fi - -cd $SRC/cryptofuzz/ -make -j$(nproc) - -cp $SRC/cryptofuzz/cryptofuzz $OUT/ diff --git a/projects/num-bigint/project.yaml b/projects/num-bigint/project.yaml deleted file mode 100644 index bb6fb654a6f5..000000000000 --- a/projects/num-bigint/project.yaml +++ /dev/null @@ -1,17 +0,0 @@ -homepage: "https://crates.io/crates/num-bigint" -language: c++ -primary_contact: "guidovranken@gmail.com" -main_repo: "https://github.com/rust-num/num-bigint.git" -auto_ccs: - - "cuviper@gmail.com" -sanitizers: - - address -architectures: - - x86_64 - - i386 - -fuzzing_engines: - - afl - - honggfuzz - - libfuzzer - diff --git a/projects/protobuf-c/project.yaml b/projects/protobuf-c/project.yaml index ae370518df72..c22c2acd2a85 100644 --- a/projects/protobuf-c/project.yaml +++ b/projects/protobuf-c/project.yaml @@ -1,8 +1,6 @@ homepage: "https://github.com/protobuf-c/protobuf-c" language: c -primary_contact: "guidovranken@gmail.com" -auto_ccs: - - "ilya.lipnitskiy@gmail.com" +primary_contact: "ilya.lipnitskiy@gmail.com" sanitizers: - address # Disabled MSAN because of https://github.com/google/oss-fuzz/issues/6294 diff --git a/projects/python3-libraries/Dockerfile b/projects/python3-libraries/Dockerfile deleted file mode 100644 index 37f6706ecaf3..000000000000 --- a/projects/python3-libraries/Dockerfile +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2019 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -FROM gcr.io/oss-fuzz-base/base-builder -RUN apt-get update && \ - apt-get install -y build-essential libncursesw5-dev libreadline-dev libssl-dev libgdbm-dev libc6-dev libsqlite3-dev tk-dev libbz2-dev zlib1g-dev libffi-dev -RUN git clone https://github.com/python/cpython.git cpython -RUN git clone --depth 1 https://github.com/guidovranken/python-library-fuzzers.git -COPY build.sh $SRC/ diff --git a/projects/python3-libraries/build.sh b/projects/python3-libraries/build.sh deleted file mode 100755 index 4860285d3a5a..000000000000 --- a/projects/python3-libraries/build.sh +++ /dev/null @@ -1,99 +0,0 @@ -#!/bin/bash -eu -# Copyright 2019 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -# Ignore memory leaks from python scripts invoked in the build -export ASAN_OPTIONS="detect_leaks=0" -export MSAN_OPTIONS="halt_on_error=0:exitcode=0:report_umrs=0" - -# Remove -pthread from CFLAGS, this trips up ./configure -# which thinks pthreads are available without any CLI flags -CFLAGS=${CFLAGS//"-pthread"/} - -FLAGS=() -case $SANITIZER in - address) - FLAGS+=("--with-address-sanitizer") - ;; - memory) - FLAGS+=("--with-memory-sanitizer") - # installing ensurepip takes a while with MSAN instrumentation, so - # we disable it here - FLAGS+=("--without-ensurepip") - # -msan-keep-going is needed to allow MSAN's halt_on_error to function - FLAGS+=("CFLAGS=-mllvm -msan-keep-going=1") - ;; - undefined) - FLAGS+=("--with-undefined-behavior-sanitizer") - ;; -esac - -export CPYTHON_INSTALL_PATH=$SRC/cpython-install -rm -rf $CPYTHON_INSTALL_PATH -mkdir $CPYTHON_INSTALL_PATH - -cd $SRC/cpython -cp $SRC/python-library-fuzzers/python_coverage.h Python/ - -# Patch the interpreter to record code coverage -sed -i '1 s/^.*$/#include "python_coverage.h"/g' Python/ceval.c -sed -i 's/case TARGET\(.*\): {/\0\nfuzzer_record_code_coverage(f->f_code, f->f_lasti);/g' Python/ceval.c - -./configure "${FLAGS[@]:-}" --prefix=$CPYTHON_INSTALL_PATH -make -j$(nproc) -make install - -cp -R $CPYTHON_INSTALL_PATH $OUT/ - -cd $SRC/python-library-fuzzers -make - -cp $SRC/python-library-fuzzers/fuzzer-html $OUT/ -cp $SRC/python-library-fuzzers/html.py $OUT/ -zip -j $OUT/fuzzer-html_seed_corpus.zip corp-html/* - -cp $SRC/python-library-fuzzers/fuzzer-email $OUT/ -cp $SRC/python-library-fuzzers/email.py $OUT/ -zip -j $OUT/fuzzer-email_seed_corpus.zip corp-email/* - -cp $SRC/python-library-fuzzers/fuzzer-httpclient $OUT/ -cp $SRC/python-library-fuzzers/httpclient.py $OUT/ -zip -j $OUT/fuzzer-httpclient_seed_corpus.zip corp-httpclient/* - -cp $SRC/python-library-fuzzers/fuzzer-json $OUT/ -cp $SRC/python-library-fuzzers/json.py $OUT/ -zip -j $OUT/fuzzer-json_seed_corpus.zip corp-json/* - -cp $SRC/python-library-fuzzers/fuzzer-difflib $OUT/ -cp $SRC/python-library-fuzzers/difflib.py $OUT/ -zip -j $OUT/fuzzer-difflib_seed_corpus.zip corp-difflib/* - -cp $SRC/python-library-fuzzers/fuzzer-csv $OUT/ -cp $SRC/python-library-fuzzers/csv.py $OUT/ -zip -j $OUT/fuzzer-csv_seed_corpus.zip corp-csv/* - -cp $SRC/python-library-fuzzers/fuzzer-decode $OUT/ -cp $SRC/python-library-fuzzers/decode.py $OUT/ -zip -j $OUT/fuzzer-decode_seed_corpus.zip corp-decode/* -cp $SRC/python-library-fuzzers/fuzzer-decode.dict $OUT/ - -cp $SRC/python-library-fuzzers/fuzzer-ast $OUT/ -cp $SRC/python-library-fuzzers/ast.py $OUT/ -cp $SRC/python-library-fuzzers/fuzzer-ast.dict $OUT/ -# Use CPython source code as seed corpus -mkdir corp-ast/ -find $SRC/cpython -type f -name '*.py' -size -4097c -exec cp {} corp-ast/ \; -zip -j $OUT/fuzzer-ast_seed_corpus.zip corp-ast/* diff --git a/projects/python3-libraries/project.yaml b/projects/python3-libraries/project.yaml deleted file mode 100644 index 7d3f8c9e0344..000000000000 --- a/projects/python3-libraries/project.yaml +++ /dev/null @@ -1,15 +0,0 @@ -homepage: "https://www.python.org/" -main_repo: "https://github.com/python/cpython" -language: c -primary_contact: "guidovranken@gmail.com" -auto_ccs: - - "greg@krypto.org" - - "alex.gaynor@gmail.com" - - "ammar@ammaraskar.com" - - "pablogsal@python.org" -fuzzing_engines: - - libfuzzer - - honggfuzz -sanitizers: - - address - - undefined diff --git a/projects/rapidjson/Dockerfile b/projects/rapidjson/Dockerfile deleted file mode 100644 index 81df5f1eb113..000000000000 --- a/projects/rapidjson/Dockerfile +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright 2019 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -FROM gcr.io/oss-fuzz-base/base-builder -RUN apt-get update && apt-get install -y make autoconf automake libtool cmake -RUN git clone --depth 1 https://github.com/Tencent/rapidjson.git rapidjson -RUN git clone --depth 1 https://github.com/guidovranken/rapidjson-fuzzers.git rapidjson-fuzzers -RUN git clone --depth 1 https://github.com/guidovranken/fuzzing-headers.git -WORKDIR rapidjson-fuzzers -COPY build.sh $SRC/ diff --git a/projects/rapidjson/build.sh b/projects/rapidjson/build.sh deleted file mode 100755 index d94be1abf88d..000000000000 --- a/projects/rapidjson/build.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash -eu -# Copyright 2019 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -if [[ $CFLAGS = *sanitize=memory* ]] -then - export CXXFLAGS="$CXXFLAGS -DMSAN" -fi - -if [[ $CFLAGS = *sanitize=address* ]] -then - export CXXFLAGS="$CXXFLAGS -DASAN" -fi - -$CXX $CXXFLAGS -D_GLIBCXX_DEBUG -I $SRC/rapidjson/include fuzzer.cpp $LIB_FUZZING_ENGINE -o $OUT/fuzzer -cp fuzzer_seed_corpus.zip $OUT - -# Disabled because compiliation fails for reasons unknown. -# Using the exact same compile commands locally does not fail. -# Try enabling again in the future. -#cd $SRC/fuzzing-headers/tests -#$CXX $CXXFLAGS -std=c++2a -D_GLIBCXX_DEBUG -I $SRC/rapidjson/include -I ../include rapidjson.cpp $LIB_FUZZING_ENGINE -o $OUT/fuzzer-extended diff --git a/projects/rapidjson/project.yaml b/projects/rapidjson/project.yaml deleted file mode 100644 index ae74d04452ff..000000000000 --- a/projects/rapidjson/project.yaml +++ /dev/null @@ -1,18 +0,0 @@ -homepage: "https://github.com/tencent/rapidjson" -language: c++ -primary_contact: "guidovranken@gmail.com" -sanitizers: - - address - - undefined - - memory: - experimental: True -architectures: - - x86_64 - - i386 -main_repo: 'https://github.com/Tencent/rapidjson.git' - -fuzzing_engines: - - afl - - honggfuzz - - libfuzzer - diff --git a/projects/relic/Dockerfile b/projects/relic/Dockerfile deleted file mode 100644 index 9e3f2287fe61..000000000000 --- a/projects/relic/Dockerfile +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright 2021 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -FROM gcr.io/oss-fuzz-base/base-builder -RUN apt-get update && apt-get install -y make autoconf automake libtool wget python -RUN git clone --depth 1 https://github.com/relic-toolkit/relic.git -RUN git clone --depth 1 https://github.com/randombit/botan.git -RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz -RUN wget https://archives.boost.io/release/1.84.0/source/boost_1_84_0.tar.bz2 -COPY build.sh $SRC/ -# This is to fix Fuzz Introspector build by using LLVM old pass manager -# re https://github.com/ossf/fuzz-introspector/issues/305 -ENV OLD_LLVMPASS 1 diff --git a/projects/relic/build.sh b/projects/relic/build.sh deleted file mode 100755 index ef1087c98dcd..000000000000 --- a/projects/relic/build.sh +++ /dev/null @@ -1,78 +0,0 @@ -#!/bin/bash -eu -# Copyright 2021 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL" -export LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" - -# Install Boost headers -cd $SRC/ -tar jxf boost_1_84_0.tar.bz2 -cd boost_1_84_0/ -CFLAGS="" CXXFLAGS="" ./bootstrap.sh -CFLAGS="" CXXFLAGS="" ./b2 headers -cp -R boost/ /usr/include/ - -# Build Relic -cd $SRC/relic/ -mkdir build/ -cd build/ -if [[ $CFLAGS = *-m32* ]] -then - export RELIC_ARCH="X86" -else - export RELIC_ARCH="X64" -fi -cmake .. -DCOMP="$CFLAGS" -DQUIET=on -DRAND=CALL -DSHLIB=off -DSTBIN=off -DTESTS=0 -DBENCH=0 -DALLOC=DYNAMIC -DARCH=$RELIC_ARCH -make -j$(nproc) -cd ../.. -export RELIC_PATH=$(realpath relic) -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_RELIC" - -# Build Botan -cd $SRC/botan -if [[ $CFLAGS != *-m32* ]] -then - ./configure.py --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation -else - ./configure.py --cpu=x86_32 --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation -fi -make -j$(nproc) - -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BOTAN -DCRYPTOFUZZ_BOTAN_IS_ORACLE" -export LIBBOTAN_A_PATH="$SRC/botan/libbotan-3.a" -export BOTAN_INCLUDE_PATH="$SRC/botan/build/include" - -# Build Cryptofuzz -cd $SRC/cryptofuzz -python gen_repository.py -rm extra_options.h -echo -n '"' >>extra_options.h -echo -n '--force-module=relic ' >>extra_options.h -echo -n '--operations=BignumCalc,ECC_PrivateToPublic,ECC_ValidatePubkey,ECDSA_Sign,ECDSA_Verify,Digest,HMAC,KDF_X963,SymmetricEncrypt,SymmetricDecrypt,ECC_Point_Add,ECC_Point_Mul,ECC_Point_Dbl,ECC_Point_Neg ' >>extra_options.h -echo -n '--curves=secp256k1,secp256r1 ' >>extra_options.h -echo -n '--digests=NULL,SHA224,SHA256,SHA384,SHA512,BLAKE2S160,BLAKE2S256 ' >>extra_options.h -echo -n '--ciphers=AES_128_CBC,AES_192_CBC,AES_256_CBC ' >>extra_options.h -echo -n '--calcops=Abs,Add,Bit,ClearBit,Cmp,CmpAbs,Div,ExpMod,GCD,InvMod,IsEven,IsOdd,IsZero,Jacobi,LCM,LShift1,Mod,Mul,Neg,NumBits,RShift,SetBit,Sqr,Sqrt,Sub ' >>extra_options.h -echo -n '"' >>extra_options.h -cd modules/relic/ -make -B -j$(nproc) -cd ../botan/ -make -B -j$(nproc) -cd ../../ -make -B -j$(nproc) - -cp cryptofuzz $OUT/cryptofuzz-relic diff --git a/projects/relic/project.yaml b/projects/relic/project.yaml deleted file mode 100644 index e3781a282781..000000000000 --- a/projects/relic/project.yaml +++ /dev/null @@ -1,19 +0,0 @@ -homepage: "https://github.com/relic-toolkit/relic" -language: c++ -primary_contact: "guidovranken@gmail.com" -main_repo: "https://github.com/relic-toolkit/relic" -auto_ccs: - - "dfaranha@gmail.com" -sanitizers: - - address - - undefined - - memory -architectures: - - x86_64 - - i386 - -fuzzing_engines: - - afl - - honggfuzz - - libfuzzer - diff --git a/projects/rustcrypto/Dockerfile b/projects/rustcrypto/Dockerfile deleted file mode 100644 index 21ae73d8c1d3..000000000000 --- a/projects/rustcrypto/Dockerfile +++ /dev/null @@ -1,30 +0,0 @@ -# Copyright 2021 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -# Held back because of github.com/google/oss-fuzz/pull/8313 -# Please fix failure and upgrade. -FROM gcr.io/oss-fuzz-base/base-builder@sha256:111d6b9d3a52bd3392602c71dc8936c628607a7a9bc86d381db7586f9b1e840f -# ! This project was pinned after a clang bump. Please remove the pin, Try to fix any build warnings and errors, as well as runtime errors -RUN apt-get update && apt-get install -y make autoconf automake libtool wget python -RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz -RUN git clone --depth 1 https://github.com/randombit/botan.git -RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.74.0/source/boost_1_74_0.tar.bz2 -RUN wget https://storage.googleapis.com/pub/gsutil.tar.gz -O $SRC/gsutil.tar.gz -RUN tar zxf $SRC/gsutil.tar.gz -ENV PATH="${PATH}:$SRC/gsutil" -# Retrieve corpus from the OSS-Fuzz 'cryptofuzz' project -RUN gsutil cp gs://cryptofuzz-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/cryptofuzz_cryptofuzz-openssl/public.zip $SRC/corpus_cryptofuzz.zip -COPY build.sh $SRC/ diff --git a/projects/rustcrypto/build.sh b/projects/rustcrypto/build.sh deleted file mode 100755 index efeeaf657697..000000000000 --- a/projects/rustcrypto/build.sh +++ /dev/null @@ -1,87 +0,0 @@ -#!/bin/bash -eu -# Copyright 2021 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_RUSTCRYPTO -DCRYPTOFUZZ_NO_OPENSSL" -export LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" - -rm -f /usr/local/bin/cargo - -curl https://sh.rustup.rs -sSf | sh -s -- -y -source $HOME/.cargo/env - -# Install Boost headers -cd $SRC/ -tar jxf boost_1_74_0.tar.bz2 -cd boost_1_74_0/ -CFLAGS="" CXXFLAGS="" ./bootstrap.sh -CFLAGS="" CXXFLAGS="" ./b2 headers -cp -R boost/ /usr/include/ - -cd $SRC/cryptofuzz/ -python gen_repository.py - -rm extra_options.h -echo -n '"' >>extra_options.h -echo -n '--force-module=RustCrypto ' >>extra_options.h -echo -n '--operations=' >>extra_options.h -echo -n 'Digest,' >>extra_options.h -echo -n 'HMAC,' >>extra_options.h -echo -n 'CMAC,' >>extra_options.h -echo -n 'SymmetricEncrypt,' >>extra_options.h -echo -n 'SymmetricDecrypt,' >>extra_options.h -echo -n 'KDF_HKDF,' >>extra_options.h -echo -n 'KDF_ARGON2,' >>extra_options.h -echo -n 'KDF_BCRYPT,' >>extra_options.h -echo -n 'KDF_PBKDF2,' >>extra_options.h -echo -n 'KDF_SCRYPT,' >>extra_options.h -echo -n 'BignumCalc_Mod_2Exp256' >>extra_options.h -echo -n '"' >>extra_options.h - -cd $SRC/botan -if [[ $CFLAGS != *-m32* ]] -then - ./configure.py --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator,x509,tls --build-targets=static --without-documentation -else - ./configure.py --cpu=x86_32 --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator,x509,tls --build-targets=static --without-documentation -fi -make -j$(nproc) -export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BOTAN -DCRYPTOFUZZ_BOTAN_IS_ORACLE" -export LIBBOTAN_A_PATH="$SRC/botan/libbotan-3.a" -export BOTAN_INCLUDE_PATH="$SRC/botan/build/include" - -cd $SRC/cryptofuzz/modules/botan/ -make -j$(nproc) -f Makefile-oracle - -cd $SRC/cryptofuzz/modules/rustcrypto/ -if [[ $CFLAGS != *-m32* ]] -then - make -else - rustup target add i686-unknown-linux-gnu - make -f Makefile.i386 -fi - -cd $SRC/cryptofuzz/ -make -j$(nproc) - -cp $SRC/cryptofuzz/cryptofuzz $OUT/ - -# Create seed corpus -unzip -n $SRC/corpus_cryptofuzz.zip -d $SRC/cryptofuzz_seed_corpus/ -cd $SRC/cryptofuzz_seed_corpus -zip -r $SRC/cryptofuzz_seed_corpus.zip . -cp $SRC/cryptofuzz_seed_corpus.zip $OUT/ diff --git a/projects/rustcrypto/project.yaml b/projects/rustcrypto/project.yaml deleted file mode 100644 index bcc6b6b39312..000000000000 --- a/projects/rustcrypto/project.yaml +++ /dev/null @@ -1,18 +0,0 @@ -homepage: "https://github.com/RustCrypto" -language: c++ -primary_contact: "guidovranken@gmail.com" -main_repo: "https://github.com/RustCrypto/hashes.git" -auto_ccs: - - "newpavlov@gmail.com" - - "bascule@gmail.com" -sanitizers: - - address -architectures: - - x86_64 - - i386 - -fuzzing_engines: - - afl - - honggfuzz - - libfuzzer - diff --git a/projects/rustls/Dockerfile b/projects/rustls/Dockerfile index 0e7f10b8e6ff..ceabd365f867 100644 --- a/projects/rustls/Dockerfile +++ b/projects/rustls/Dockerfile @@ -25,7 +25,6 @@ RUN apt-get --yes update \ && rm --recursive --force /var/lib/apt/lists/* RUN git clone https://github.com/ctz/rustls -RUN git clone --depth 1 https://github.com/guidovranken/rustls-fuzzing-corpora WORKDIR $SRC diff --git a/projects/rustls/build.sh b/projects/rustls/build.sh index 6fb06f4355a0..79aa8f185666 100755 --- a/projects/rustls/build.sh +++ b/projects/rustls/build.sh @@ -27,11 +27,6 @@ for f in $SRC/rustls/fuzz/fuzzers/*.rs do FUZZ_TARGET=$(basename ${f%.*}) cp fuzz/target/x86_64-unknown-linux-gnu/release/${FUZZ_TARGET} $OUT/ - if [[ -d $SRC/rustls-fuzzing-corpora/$FUZZ_TARGET/ ]]; then - zip -jr \ - $OUT/${FUZZ_TARGET}_seed_corpus.zip \ - $SRC/rustls-fuzzing-corpora/$FUZZ_TARGET/ - fi done if [ "$SANITIZER" == "coverage" ] diff --git a/projects/wolfssl/Dockerfile b/projects/wolfssl/Dockerfile index 6f576d9a3836..87f83dd4614f 100644 --- a/projects/wolfssl/Dockerfile +++ b/projects/wolfssl/Dockerfile @@ -22,41 +22,8 @@ RUN git clone --depth 1 https://github.com/wolfSSL/wolfsm RUN git clone --depth 1 https://github.com/wolfSSL/wolfssh.git RUN git clone --depth 1 https://github.com/guidovranken/fuzzing-headers.git RUN git clone --depth 1 https://github.com/guidovranken/wolf-ssl-ssh-fuzzers -RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz -RUN git clone --depth 1 https://github.com/randombit/botan.git -RUN git clone --depth 1 https://github.com/google/wycheproof.git -RUN wget https://archives.boost.io/release/1.82.0/source/boost_1_82_0.tar.bz2 RUN git clone https://github.com/wolfssl/oss-fuzz-targets --depth 1 $SRC/fuzz-targets -# Retrieve corpora from other projects -RUN wget https://storage.googleapis.com/pub/gsutil.tar.gz -O $SRC/gsutil.tar.gz -RUN tar zxf $SRC/gsutil.tar.gz -ENV PATH="${PATH}:$SRC/gsutil" -RUN gsutil cp gs://bearssl-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/bearssl_cryptofuzz-bearssl/public.zip $SRC/corpus_bearssl.zip -RUN gsutil cp gs://nettle-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/nettle_cryptofuzz-nettle-with-mini-gmp/public.zip $SRC/corpus_nettle.zip -RUN gsutil cp gs://libecc-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/libecc_cryptofuzz-libecc/public.zip $SRC/corpus_libecc.zip -RUN gsutil cp gs://relic-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/relic_cryptofuzz-relic/public.zip $SRC/corpus_relic.zip -RUN gsutil cp gs://cryptofuzz-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/cryptofuzz_cryptofuzz-openssl/public.zip $SRC/corpus_cryptofuzz-openssl.zip -RUN gsutil cp gs://cryptofuzz-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/cryptofuzz_cryptofuzz-boringssl/public.zip $SRC/corpus_cryptofuzz-boringssl.zip -RUN gsutil cp gs://cryptofuzz-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/cryptofuzz_cryptofuzz-nss/public.zip $SRC/corpus_cryptofuzz-nss.zip -RUN gsutil cp gs://bitcoin-core-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/bitcoin-core_cryptofuzz-bitcoin-cryptography-w2-p2/public.zip $SRC/corpus_bitcoin-core-w2-p2.zip -RUN gsutil cp gs://bitcoin-core-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/bitcoin-core_cryptofuzz-bitcoin-cryptography-w15-p4/public.zip $SRC/corpus_bitcoin-core-w15-p4.zip -RUN gsutil cp gs://bitcoin-core-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/bitcoin-core_cryptofuzz-bitcoin-cryptography-w20-p8/public.zip $SRC/corpus_bitcoin-core-w20-p8.zip -RUN gsutil cp gs://num-bigint-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/num-bigint_cryptofuzz/public.zip $SRC/corpus_num-bigint.zip -RUN gsutil cp gs://wolfssl-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/wolfssl_cryptofuzz-sp-math-all/public.zip $SRC/corpus_wolfssl_sp-math-all.zip -RUN gsutil cp gs://wolfssl-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/wolfssl_cryptofuzz-sp-math-all-8bit/public.zip $SRC/corpus_wolfssl_sp-math-all-8bit.zip -RUN gsutil cp gs://wolfssl-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/wolfssl_cryptofuzz-sp-math/public.zip $SRC/corpus_wolfssl_sp-math.zip - -# Botan corpora, which require a special import procedure -RUN gsutil cp gs://botan-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/botan_ecc_p256/public.zip $SRC/corpus_botan_ecc_p256.zip -RUN gsutil cp gs://botan-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/botan_ecc_p384/public.zip $SRC/corpus_botan_ecc_p384.zip -RUN gsutil cp gs://botan-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/botan_ecc_p521/public.zip $SRC/corpus_botan_ecc_p521.zip -RUN gsutil cp gs://botan-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/botan_ecc_bp256/public.zip $SRC/corpus_botan_ecc_bp256.zip - -# OpenSSL/LibreSSL corpora, which require a special import procedure -RUN gsutil cp gs://openssl-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/openssl_bignum/public.zip $SRC/corpus_openssl_expmod.zip -RUN gsutil cp gs://libressl-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/libressl_bignum/public.zip $SRC/corpus_libressl_expmod.zip - WORKDIR wolfssl COPY build.sh $SRC/ diff --git a/projects/wolfssl/build.sh b/projects/wolfssl/build.sh index 777d93a482e1..1200d71c287e 100755 --- a/projects/wolfssl/build.sh +++ b/projects/wolfssl/build.sh @@ -20,336 +20,6 @@ then cd $SRC/wolfsm/ ./install.sh - cd $SRC/wolfssl/ - WOLFCRYPT_CONFIGURE_PARAMS="--enable-static --enable-md2 --enable-md4 --enable-ripemd --enable-blake2 --enable-blake2s --enable-pwdbased --enable-scrypt --enable-hkdf --enable-cmac --enable-arc4 --enable-camellia --enable-aesccm --enable-aesctr --enable-xts --enable-des3 --enable-x963kdf --enable-harden --enable-aescfb --enable-aesofb --enable-aeskeywrap --enable-aessiv --enable-keygen --enable-curve25519 --enable-curve448 --enable-shake256 --disable-crypttests --disable-examples --enable-compkey --enable-ed448 --enable-ed25519 --enable-ecccustcurves --enable-xchacha --enable-cryptocb --enable-eccencrypt --enable-aesgcm-stream --enable-smallstack --enable-ed25519-stream --enable-ed448-stream --enable-aesgcm-stream --enable-shake128 --enable-siphash --enable-eccsi --with-eccminsz=0 --enable-sm2 --enable-sm3 --enable-sm4-cbc --enable-sm4-ccm --enable-sm4-ctr --enable-sm4-ecb --enable-sm4-gcm" - if [[ $CFLAGS = *sanitize=memory* ]] - then - WOLFCRYPT_CONFIGURE_PARAMS="$WOLFCRYPT_CONFIGURE_PARAMS --disable-asm" - fi - - # Install Boost headers - cd $SRC/ - tar jxf boost_1_82_0.tar.bz2 - cd boost_1_82_0/ - CFLAGS="" CXXFLAGS="" ./bootstrap.sh - CFLAGS="" CXXFLAGS="" ./b2 headers - cp -R boost/ /usr/include/ - - # Build Botan - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_BOTAN_IS_ORACLE" - cd $SRC/botan - if [[ $CFLAGS != *-m32* ]] - then - if [[ $CFLAGS != *sanitize=memory* ]] - then - ./configure.py --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation - else - ./configure.py --disable-asm --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation - fi - else - ./configure.py --cpu=x86_32 --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" --disable-shared --disable-modules=locking_allocator --build-targets=static --without-documentation - fi - make -j$(nproc) - export LIBBOTAN_A_PATH="$SRC/botan/libbotan-3.a" - export BOTAN_INCLUDE_PATH="$SRC/botan/build/include" - - OLD_CFLAGS="$CFLAGS" - OLD_CXXFLAGS="$CXXFLAGS" - - # Configure Cryptofuzz - cd $SRC/cryptofuzz - sed -i 's/kNegativeIntegers = false/kNegativeIntegers = true/g' config.h - cp -R $SRC/cryptofuzz/ $SRC/cryptofuzz-openssl-api/ - cd $SRC/cryptofuzz-openssl-api/ - python gen_repository.py - rm extra_options.h - echo -n '"' >>extra_options.h - echo -n '--force-module=wolfCrypt-OpenSSL ' >>extra_options.h - echo -n '"' >>extra_options.h - - # Build OpenSSL API fuzzer - cp -R $SRC/wolfssl/ $SRC/wolfssl-openssl-api/ - cd $SRC/wolfssl-openssl-api/ - autoreconf -ivf - CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K -DWOLFSSL_ECDSA_SET_K_ONE_LOOP" - if [[ $CFLAGS = *-m32* ]] - then - ./configure $WOLFCRYPT_CONFIGURE_PARAMS --enable-opensslall --enable-opensslextra --disable-fastmath - else - ./configure $WOLFCRYPT_CONFIGURE_PARAMS --enable-opensslall --enable-opensslextra - fi - make -j$(nproc) - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL -DCRYPTOFUZZ_WOLFCRYPT_OPENSSL" - export WOLFCRYPT_LIBWOLFSSL_A_PATH="$SRC/wolfssl-openssl-api/src/.libs/libwolfssl.a" - export WOLFCRYPT_INCLUDE_PATH="$SRC/wolfssl-openssl-api/" - cd $SRC/cryptofuzz-openssl-api/modules/wolfcrypt-openssl - make -j$(nproc) - cd $SRC/cryptofuzz-openssl-api/ - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make -B -j$(nproc) - cp cryptofuzz $OUT/cryptofuzz-openssl-api - CFLAGS="$OLD_CFLAGS" - CXXFLAGS="$OLD_CXXFLAGS" - unset WOLFCRYPT_LIBWOLFSSL_A_PATH - unset WOLFCRYPT_INCLUDE_PATH - - # Configure Cryptofuzz - cd $SRC/cryptofuzz/ - python gen_repository.py - - rm extra_options.h - echo -n '"' >>extra_options.h - echo -n '--force-module=wolfCrypt ' >>extra_options.h - echo -n '--digests=NULL ' >>extra_options.h - echo -n '--operations=' >>extra_options.h - echo -n 'BignumCalc,' >>extra_options.h - echo -n 'DH_GenerateKeyPair,' >>extra_options.h - echo -n 'DH_Derive,' >>extra_options.h - echo -n 'ECC_GenerateKeyPair,' >>extra_options.h - echo -n 'ECC_PrivateToPublic,' >>extra_options.h - echo -n 'ECC_ValidatePubkey,' >>extra_options.h - echo -n 'ECDSA_Verify,' >>extra_options.h - echo -n 'ECDSA_Sign,' >>extra_options.h - echo -n 'ECIES_Encrypt,' >>extra_options.h - echo -n 'ECIES_Decrypt,' >>extra_options.h - echo -n 'ECC_Point_Add,' >>extra_options.h - echo -n 'ECC_Point_Mul,' >>extra_options.h - echo -n 'ECC_Point_Dbl,' >>extra_options.h - echo -n 'ECDH_Derive,' >>extra_options.h - echo -n 'ECCSI_Sign,' >>extra_options.h - echo -n 'ECCSI_Verify ' >>extra_options.h - echo -n '"' >>extra_options.h - - # Build normal math fuzzer - cp -R $SRC/cryptofuzz/ $SRC/cryptofuzz-normal-math/ - cp -R $SRC/wolfssl/ $SRC/wolfssl-normal-math/ - cd $SRC/wolfssl-normal-math/ - autoreconf -ivf - CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K -DWOLFSSL_ECDSA_SET_K_ONE_LOOP" - if [[ $CFLAGS != *-m32* ]] - then - ./configure $WOLFCRYPT_CONFIGURE_PARAMS - else - # Compiling instrumented 32 bit normal math with asm is currently - # not possible because it results in Clang error messages such as: - # - # wolfcrypt/src/tfm.c:3154:11: error: inline assembly requires more registers than available - ./configure $WOLFCRYPT_CONFIGURE_PARAMS --disable-asm - fi - make -j$(nproc) - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL -DCRYPTOFUZZ_WOLFCRYPT -DCRYPTOFUZZ_BOTAN" - export WOLFCRYPT_LIBWOLFSSL_A_PATH="$SRC/wolfssl-normal-math/src/.libs/libwolfssl.a" - export WOLFCRYPT_INCLUDE_PATH="$SRC/wolfssl-normal-math/" - cd $SRC/cryptofuzz-normal-math/modules/wolfcrypt - make -j$(nproc) - cd $SRC/cryptofuzz-normal-math/modules/botan - make -j$(nproc) - cd $SRC/cryptofuzz-normal-math/ - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make -B -j$(nproc) - cp cryptofuzz $OUT/cryptofuzz-normal-math - CFLAGS="$OLD_CFLAGS" - CXXFLAGS="$OLD_CXXFLAGS" - unset WOLFCRYPT_LIBWOLFSSL_A_PATH - unset WOLFCRYPT_INCLUDE_PATH - - # Build sp-math-all fuzzer - cp -R $SRC/cryptofuzz/ $SRC/cryptofuzz-sp-math-all/ - cp -R $SRC/wolfssl/ $SRC/wolfssl-sp-math-all/ - cd $SRC/wolfssl-sp-math-all/ - autoreconf -ivf - CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K -DWOLFSSL_ECDSA_SET_K_ONE_LOOP -DWOLFSSL_SP_INT_NEGATIVE" - ./configure $WOLFCRYPT_CONFIGURE_PARAMS --enable-sp-math-all - make -j$(nproc) - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL -DCRYPTOFUZZ_WOLFCRYPT -DCRYPTOFUZZ_BOTAN" - export WOLFCRYPT_LIBWOLFSSL_A_PATH="$SRC/wolfssl-sp-math-all/src/.libs/libwolfssl.a" - export WOLFCRYPT_INCLUDE_PATH="$SRC/wolfssl-sp-math-all/" - cd $SRC/cryptofuzz-sp-math-all/modules/wolfcrypt - make -j$(nproc) - cd $SRC/cryptofuzz-sp-math-all/modules/botan - make -j$(nproc) - cd $SRC/cryptofuzz-sp-math-all/ - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make -B -j$(nproc) - cp cryptofuzz $OUT/cryptofuzz-sp-math-all - CFLAGS="$OLD_CFLAGS" - CXXFLAGS="$OLD_CXXFLAGS" - unset WOLFCRYPT_LIBWOLFSSL_A_PATH - unset WOLFCRYPT_INCLUDE_PATH - - # Build sp-math-all 8bit fuzzer - cp -R $SRC/cryptofuzz/ $SRC/cryptofuzz-sp-math-all-8bit/ - cp -R $SRC/wolfssl/ $SRC/wolfssl-sp-math-all-8bit/ - cd $SRC/wolfssl-sp-math-all-8bit/ - autoreconf -ivf - CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K -DWOLFSSL_ECDSA_SET_K_ONE_LOOP -DSP_WORD_SIZE=8 -DWOLFSSL_SP_INT_NEGATIVE" - ./configure $WOLFCRYPT_CONFIGURE_PARAMS --enable-sp-math-all - make -j$(nproc) - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL -DCRYPTOFUZZ_WOLFCRYPT -DCRYPTOFUZZ_BOTAN" - export WOLFCRYPT_LIBWOLFSSL_A_PATH="$SRC/wolfssl-sp-math-all-8bit/src/.libs/libwolfssl.a" - export WOLFCRYPT_INCLUDE_PATH="$SRC/wolfssl-sp-math-all-8bit/" - cd $SRC/cryptofuzz-sp-math-all-8bit/modules/wolfcrypt - make -j$(nproc) - cd $SRC/cryptofuzz-sp-math-all-8bit/modules/botan - make -j$(nproc) - cd $SRC/cryptofuzz-sp-math-all-8bit/ - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make -B -j$(nproc) - cp cryptofuzz $OUT/cryptofuzz-sp-math-all-8bit - CFLAGS="$OLD_CFLAGS" - CXXFLAGS="$OLD_CXXFLAGS" - unset WOLFCRYPT_LIBWOLFSSL_A_PATH - unset WOLFCRYPT_INCLUDE_PATH - - # Build sp-math fuzzer - cp -R $SRC/cryptofuzz/ $SRC/cryptofuzz-sp-math/ - cp -R $SRC/wolfssl/ $SRC/wolfssl-sp-math/ - cd $SRC/wolfssl-sp-math/ - autoreconf -ivf - # -DHAVE_ECC_BRAINPOOL and -DHAVE_ECC_KOBLITZ are lacking from the CFLAGS; these are not supported by SP math - CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DWOLFSSL_ECDSA_SET_K -DWOLFSSL_ECDSA_SET_K_ONE_LOOP -DWOLFSSL_PUBLIC_ECC_ADD_DBL" - # SP math does not support custom curves, so remove that flag - export WOLFCRYPT_CONFIGURE_PARAMS_SP_MATH=${WOLFCRYPT_CONFIGURE_PARAMS//"--enable-ecccustcurves"/} - if [[ $CFLAGS = *-m32* ]] - then - setarch i386 ./configure $WOLFCRYPT_CONFIGURE_PARAMS_SP_MATH --enable-sp --enable-sp-math - elif [[ $CFLAGS = *sanitize=memory* ]] - then - ./configure $WOLFCRYPT_CONFIGURE_PARAMS_SP_MATH --enable-sp --enable-sp-math --disable-sp-asm - else - ./configure $WOLFCRYPT_CONFIGURE_PARAMS_SP_MATH --enable-sp --enable-sp-math - fi - make -j$(nproc) - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL -DCRYPTOFUZZ_WOLFCRYPT -DCRYPTOFUZZ_BOTAN" - export WOLFCRYPT_LIBWOLFSSL_A_PATH="$SRC/wolfssl-sp-math/src/.libs/libwolfssl.a" - export WOLFCRYPT_INCLUDE_PATH="$SRC/wolfssl-sp-math/" - cd $SRC/cryptofuzz-sp-math/modules/wolfcrypt - make -j$(nproc) - cd $SRC/cryptofuzz-sp-math/modules/botan - make -j$(nproc) - cd $SRC/cryptofuzz-sp-math/ - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make -B -j$(nproc) - cp cryptofuzz $OUT/cryptofuzz-sp-math - CFLAGS="$OLD_CFLAGS" - CXXFLAGS="$OLD_CXXFLAGS" - unset WOLFCRYPT_LIBWOLFSSL_A_PATH - unset WOLFCRYPT_INCLUDE_PATH - - # Build fastmath fuzzer - cp -R $SRC/cryptofuzz/ $SRC/cryptofuzz-fastmath/ - cp -R $SRC/wolfssl/ $SRC/wolfssl-fastmath/ - cd $SRC/wolfssl-fastmath/ - autoreconf -ivf - CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K -DWOLFSSL_ECDSA_SET_K_ONE_LOOP" - ./configure $WOLFCRYPT_CONFIGURE_PARAMS --enable-fastmath - make -j$(nproc) - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL -DCRYPTOFUZZ_WOLFCRYPT -DCRYPTOFUZZ_BOTAN" - export WOLFCRYPT_LIBWOLFSSL_A_PATH="$SRC/wolfssl-fastmath/src/.libs/libwolfssl.a" - export WOLFCRYPT_INCLUDE_PATH="$SRC/wolfssl-fastmath/" - cd $SRC/cryptofuzz-fastmath/modules/wolfcrypt - make -j$(nproc) - cd $SRC/cryptofuzz-fastmath/modules/botan - make -j$(nproc) - cd $SRC/cryptofuzz-fastmath/ - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make -B -j$(nproc) - cp cryptofuzz $OUT/cryptofuzz-fastmath - CFLAGS="$OLD_CFLAGS" - CXXFLAGS="$OLD_CXXFLAGS" - unset WOLFCRYPT_LIBWOLFSSL_A_PATH - unset WOLFCRYPT_INCLUDE_PATH - - # Build heapmath fuzzer - cp -R $SRC/cryptofuzz/ $SRC/cryptofuzz-heapmath/ - cp -R $SRC/wolfssl/ $SRC/wolfssl-heapmath/ - cd $SRC/wolfssl-heapmath/ - autoreconf -ivf - CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K -DWOLFSSL_ECDSA_SET_K_ONE_LOOP" - ./configure $WOLFCRYPT_CONFIGURE_PARAMS --enable-heapmath - make -j$(nproc) - export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL -DCRYPTOFUZZ_WOLFCRYPT -DCRYPTOFUZZ_BOTAN" - export WOLFCRYPT_LIBWOLFSSL_A_PATH="$SRC/wolfssl-heapmath/src/.libs/libwolfssl.a" - export WOLFCRYPT_INCLUDE_PATH="$SRC/wolfssl-heapmath/" - cd $SRC/cryptofuzz-heapmath/modules/wolfcrypt - make -j$(nproc) - cd $SRC/cryptofuzz-heapmath/modules/botan - make -j$(nproc) - cd $SRC/cryptofuzz-heapmath/ - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" make -B -j$(nproc) - cp cryptofuzz $OUT/cryptofuzz-heapmath - CFLAGS="$OLD_CFLAGS" - CXXFLAGS="$OLD_CXXFLAGS" - unset WOLFCRYPT_LIBWOLFSSL_A_PATH - unset WOLFCRYPT_INCLUDE_PATH - - mkdir $SRC/cryptofuzz-seed-corpus/ - - # Convert Wycheproof test vectors to Cryptofuzz corpus format - find $SRC/wycheproof/testvectors/ -type f -name 'ecdsa_*' -exec $SRC/cryptofuzz-fastmath/cryptofuzz --from-wycheproof={},$SRC/cryptofuzz-seed-corpus/ \; - find $SRC/wycheproof/testvectors/ -type f -name 'ecdh_*' -exec $SRC/cryptofuzz-fastmath/cryptofuzz --from-wycheproof={},$SRC/cryptofuzz-seed-corpus/ \; - - # Unpack corpora from other projects - unzip -n $SRC/corpus_bearssl.zip -d $SRC/cryptofuzz_seed_corpus/ >/dev/null - unzip -n $SRC/corpus_nettle.zip -d $SRC/cryptofuzz_seed_corpus/ >/dev/null - unzip -n $SRC/corpus_libecc.zip -d $SRC/cryptofuzz_seed_corpus/ >/dev/null - unzip -n $SRC/corpus_relic.zip -d $SRC/cryptofuzz_seed_corpus/ >/dev/null - unzip -n $SRC/corpus_cryptofuzz-openssl.zip -d $SRC/cryptofuzz_seed_corpus/ >/dev/null - unzip -n $SRC/corpus_cryptofuzz-boringssl.zip -d $SRC/cryptofuzz_seed_corpus/ >/dev/null - unzip -n $SRC/corpus_cryptofuzz-nss.zip -d $SRC/cryptofuzz_seed_corpus/ >/dev/null - unzip -n $SRC/corpus_bitcoin-core-w2-p2.zip -d $SRC/cryptofuzz_seed_corpus/ >/dev/null - unzip -n $SRC/corpus_bitcoin-core-w15-p4.zip -d $SRC/cryptofuzz_seed_corpus/ >/dev/null - unzip -n $SRC/corpus_bitcoin-core-w20-p8.zip -d $SRC/cryptofuzz_seed_corpus/ >/dev/null - unzip -n $SRC/corpus_num-bigint.zip -d $SRC/cryptofuzz_seed_corpus/ >/dev/null - unzip -n $SRC/corpus_wolfssl_sp-math-all.zip -d $SRC/cryptofuzz_seed_corpus/ >/dev/null - unzip -n $SRC/corpus_wolfssl_sp-math-all-8bit.zip -d $SRC/cryptofuzz_seed_corpus/ >/dev/null - unzip -n $SRC/corpus_wolfssl_sp-math.zip -d $SRC/cryptofuzz_seed_corpus/ >/dev/null - - # Import Botan corpora - mkdir $SRC/botan-p256-corpus/ - unzip $SRC/corpus_botan_ecc_p256.zip -d $SRC/botan-p256-corpus/ >/dev/null - find $SRC/botan-p256-corpus/ -type f -exec $SRC/cryptofuzz-fastmath/cryptofuzz --from-botan={},$SRC/cryptofuzz-seed-corpus/,secp256r1 \; - - mkdir $SRC/botan-p384-corpus/ - unzip $SRC/corpus_botan_ecc_p384.zip -d $SRC/botan-p384-corpus/ >/dev/null - find $SRC/botan-p384-corpus/ -type f -exec $SRC/cryptofuzz-fastmath/cryptofuzz --from-botan={},$SRC/cryptofuzz-seed-corpus/,secp384r1 \; - - mkdir $SRC/botan-p521-corpus/ - unzip $SRC/corpus_botan_ecc_p521.zip -d $SRC/botan-p521-corpus/ >/dev/null - find $SRC/botan-p521-corpus/ -type f -exec $SRC/cryptofuzz-fastmath/cryptofuzz --from-botan={},$SRC/cryptofuzz-seed-corpus/,secp521r1 \; - - mkdir $SRC/botan-bp256-corpus/ - unzip $SRC/corpus_botan_ecc_bp256.zip -d $SRC/botan-bp256-corpus/ >/dev/null - find $SRC/botan-bp256-corpus/ -type f -exec $SRC/cryptofuzz-fastmath/cryptofuzz --from-botan={},$SRC/cryptofuzz-seed-corpus/,brainpool256r1 \; - - # Import OpenSSL/LibreSSL corpora - mkdir $SRC/openssl-expmod-corpus/ - unzip $SRC/corpus_openssl_expmod.zip -d $SRC/openssl-expmod-corpus/ >/dev/null - find $SRC/openssl-expmod-corpus/ -type f -exec $SRC/cryptofuzz-fastmath/cryptofuzz --from-openssl-expmod={},$SRC/cryptofuzz-seed-corpus/ \; - - mkdir $SRC/libressl-expmod-corpus/ - unzip $SRC/corpus_libressl_expmod.zip -d $SRC/libressl-expmod-corpus/ >/dev/null - find $SRC/libressl-expmod-corpus/ -type f -exec $SRC/cryptofuzz-fastmath/cryptofuzz --from-openssl-expmod={},$SRC/cryptofuzz-seed-corpus/ \; - - # Write Cryptofuzz built-in tests - $SRC/cryptofuzz-fastmath/cryptofuzz --from-builtin-tests=$SRC/cryptofuzz-seed-corpus/ - - # Pack it - cd $SRC/cryptofuzz_seed_corpus - zip -r $SRC/cryptofuzz_seed_corpus.zip . >/dev/null - - # Use it as the seed corpus for each Cryptofuzz-based fuzzer - cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-normal-math_seed_corpus.zip - cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-sp-math-all_seed_corpus.zip - cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-sp-math-all-8bit_seed_corpus.zip - cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-sp-math_seed_corpus.zip - cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-fastmath_seed_corpus.zip - cp $SRC/cryptofuzz_seed_corpus.zip $OUT/cryptofuzz-heapmath_seed_corpus.zip - - # Remove files that are no longer needed to prevent running out of disk space - rm -rf $SRC/botan-p256-corpus/ - rm -rf $SRC/botan-p384-corpus/ - rm -rf $SRC/botan-p521-corpus/ - rm -rf $SRC/botan-bp256-corpus/ - rm -rf $SRC/openssl-expmod-corpus/ - rm -rf $SRC/libressl-expmod-corpus/ - rm -rf $SRC/cryptofuzz_seed_corpus/ - rm -rf $SRC/cryptofuzz_seed_corpus.zip - # Build SSL/SSH fuzzers NEW_SRC=$SRC/wolf-ssl-ssh-fuzzers/oss-fuzz/projects/wolf-ssl-ssh/ cp -R $SRC/wolfssl/ $NEW_SRC diff --git a/projects/xvid/Dockerfile b/projects/xvid/Dockerfile deleted file mode 100644 index 9b767630f27e..000000000000 --- a/projects/xvid/Dockerfile +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2019 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -FROM gcr.io/oss-fuzz-base/base-builder -RUN apt-get update && apt-get install -y make autoconf automake libtool subversion -RUN svn checkout http://svn.xvid.org/trunk --username anonymous --password "" --non-interactive --no-auth-cache -RUN git clone --depth 1 https://github.com/guidovranken/fuzzing-headers.git -RUN git clone --depth 1 https://github.com/guidovranken/oss-fuzz-fuzzers.git -COPY build.sh $SRC/ diff --git a/projects/xvid/build.sh b/projects/xvid/build.sh deleted file mode 100755 index 5a1eca569780..000000000000 --- a/projects/xvid/build.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -eu -# Copyright 2019 Google Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -################################################################################ - -cd $SRC/trunk/xvidcore/build/generic/ -./bootstrap.sh -mkdir $SRC/xvidcore-install/ -if [[ $CFLAGS = *sanitize=memory* ]] -then - ./configure --prefix=$SRC/xvidcore-install/ --disable-assembly -else - if [[ $CFLAGS = *-m32* ]] - then - LDFLAGS="-m32" ./configure --prefix=$SRC/xvidcore-install/ --disable-assembly - else - ./configure --prefix=$SRC/xvidcore-install/ - fi -fi -make -j $(nproc) libxvidcore.a - -find . -name "libxvidcore.a" -exec cp {} . \; - -$CXX $CXXFLAGS -I $SRC/trunk/xvidcore/src/ \ - $SRC/oss-fuzz-fuzzers/xvid/fuzzer.cpp ./libxvidcore.a \ - $LIB_FUZZING_ENGINE -o $OUT/fuzzer-decoder diff --git a/projects/xvid/project.yaml b/projects/xvid/project.yaml deleted file mode 100644 index 547c265330d3..000000000000 --- a/projects/xvid/project.yaml +++ /dev/null @@ -1,13 +0,0 @@ -homepage: "https://www.xvid.com/" -main_repo: "http://svn.xvid.org/trunk" -language: c++ -primary_contact: "guidovranken@gmail.com" -auto_ccs: - - "mm@xvid.org" - - "xvidsolutions@gmail.com" -sanitizers: - - address - - memory -architectures: - - x86_64 - - i386