diff options
author | 2019-04-18 22:07:09 +0200 | |
---|---|---|
committer | 2019-04-18 13:07:09 -0700 | |
commit | 1ea634a278e03d3dfd58ac444449c21ee1ba7784 (patch) | |
tree | 9780b201d93b5eb227c783f686456861d769fc2f | |
parent | 028c9c486a44dd17bcbe66d3dec40e000706eaea (diff) |
Cryptofuzz fixes (#2337)
* [cryptofuzz] Use latest OpenSSL version
This is a workaround for an issue OpenSSL's build system is currently
having. I've appended || true to the build command so failure is not
signaled to the Docker process running the build script, and the build
is not aborted.
Multithreaded compiling has been removed temporarily to avoid a race
condition that causes the make procedure to abort before libcrypto.a
has been compiled.
* [cryptofuzz] Build against LIB_FUZZING_ENGINE_DEPRECATED to prevent crashes
-rw-r--r-- | projects/cryptofuzz/Dockerfile | 7 | ||||
-rwxr-xr-x | projects/cryptofuzz/build.sh | 17 |
2 files changed, 11 insertions, 13 deletions
diff --git a/projects/cryptofuzz/Dockerfile b/projects/cryptofuzz/Dockerfile index b6e69d1f..a60b1e44 100644 --- a/projects/cryptofuzz/Dockerfile +++ b/projects/cryptofuzz/Dockerfile @@ -25,12 +25,7 @@ RUN ln -s /usr/lib/go-1.9/bin/go /usr/bin/go RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz-corpora -RUN git clone https://github.com/openssl/openssl - -# The OpenSSL build system is currently broken, see also: https://github.com/google/oss-fuzz/issues/2314 -# Lock OpenSSL to an older commit that does not cause build problems. -# This should be removed as soon as OpenSSL's build system is repaired. -RUN cd openssl && git checkout 9efa0ae0b602c1c0e356009a58410a2e8b80201a +RUN git clone --depth 1 https://github.com/openssl/openssl RUN git clone --depth 1 https://boringssl.googlesource.com/boringssl RUN git clone --depth 1 https://github.com/libressl-portable/portable libressl diff --git a/projects/cryptofuzz/build.sh b/projects/cryptofuzz/build.sh index 71192bc1..6630b057 100755 --- a/projects/cryptofuzz/build.sh +++ b/projects/cryptofuzz/build.sh @@ -15,6 +15,9 @@ # ################################################################################ +# TODO(metzman): Switch this to LIB_FUZZING_ENGINE when it works. +# https://github.com/google/oss-fuzz/issues/2336 + # Generate lookup tables. This only needs to be done once. cd $SRC/cryptofuzz python gen_repository.py @@ -43,7 +46,7 @@ then # Compile Cryptofuzz cd $SRC/cryptofuzz - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/libressl/include -DCRYPTOFUZZ_LIBRESSL" make -B -j$(nproc) + LIBFUZZER_LINK="$LIB_FUZZING_ENGINE_DEPRECATED" CXXFLAGS="$CXXFLAGS -I $SRC/libressl/include -DCRYPTOFUZZ_LIBRESSL" make -B -j$(nproc) # Generate dictionary ./generate_dict @@ -62,7 +65,7 @@ then # Compile Openssl (with assembly) cd $SRC/openssl ./config --debug enable-md2 enable-rc5 - make -j$(nproc) + make || true # Compile Cryptofuzz OpenSSL (with assembly) module cd $SRC/cryptofuzz/modules/openssl @@ -70,7 +73,7 @@ then # Compile Cryptofuzz cd $SRC/cryptofuzz - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include" make -B -j$(nproc) + LIBFUZZER_LINK="$LIB_FUZZING_ENGINE_DEPRECATED" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include" make -B -j$(nproc) # Generate dictionary ./generate_dict @@ -88,7 +91,7 @@ fi cd $SRC/openssl ./config --debug no-asm enable-md2 enable-rc5 make clean -make -j$(nproc) +make || true # Compile Cryptofuzz OpenSSL (without assembly) module cd $SRC/cryptofuzz/modules/openssl @@ -96,7 +99,7 @@ OPENSSL_INCLUDE_PATH="$SRC/openssl/include" OPENSSL_LIBCRYPTO_A_PATH="$SRC/opens # Compile Cryptofuzz cd $SRC/cryptofuzz -LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include" make -B -j$(nproc) +LIBFUZZER_LINK="$LIB_FUZZING_ENGINE_DEPRECATED" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include" make -B -j$(nproc) # Generate dictionary ./generate_dict @@ -124,7 +127,7 @@ then # Compile Cryptofuzz cd $SRC/cryptofuzz - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include" make -B -j$(nproc) + LIBFUZZER_LINK="$LIB_FUZZING_ENGINE_DEPRECATED" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include" make -B -j$(nproc) # Generate dictionary ./generate_dict @@ -151,7 +154,7 @@ OPENSSL_INCLUDE_PATH="$SRC/boringssl/include" OPENSSL_LIBCRYPTO_A_PATH="$SRC/bor # Compile Cryptofuzz cd $SRC/cryptofuzz -LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include" make -B -j$(nproc) +LIBFUZZER_LINK="$LIB_FUZZING_ENGINE_DEPRECATED" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include" make -B -j$(nproc) # Generate dictionary ./generate_dict |