Move the gnutls fuzzers to their own repo. (#188)

Also add two new ones.

4 files changed, 21 insertions, 128 deletions

diff --git a/projects/gnutls/Dockerfile b/projects/gnutls/Dockerfile
index 6b0e9ae8..013889b9 100644
--- a/projects/gnutls/Dockerfile
+++ b/projects/gnutls/Dockerfile
@@ -32,11 +32,24 @@ RUN cd client-testcases/ && curl https://boringssl.googlesource.com/boringssl/+a
 RUN cp openssl/fuzz/corpora/client/* client-testcases/
 RUN zip gnutls_client_fuzzer_seed_corpus.zip client-testcases/*
 
+# Applies to servers as well
+RUN mkdir server-testcases
+RUN cd server-testcases && curl https://boringssl.googlesource.com/boringssl/+archive/master/fuzz/server_corpus.tar.gz | tar -zx
+RUN cd server-testcases/ && curl https://boringssl.googlesource.com/boringssl/+archive/master/fuzz/server_corpus_no_fuzzer_mode.tar.gz | tar -zx
+RUN cp openssl/fuzz/corpora/server/* server-testcases/
+RUN zip gnutls_server_fuzzer_seed_corpus.zip server-testcases/*
+
 # Same thing for X.509
 RUN mkdir x509-testcases
 RUN cd x509-testcases/ && curl https://boringssl.googlesource.com/boringssl/+archive/master/fuzz/cert_corpus.tar.gz | tar -zx
 RUN cp openssl/fuzz/corpora/x509/* x509-testcases/
 RUN zip gnutls_x509_parser_fuzzer_seed_corpus.zip x509-testcases/*
 
+# And private keys
+RUN mkdir private-key-testcases
+RUN cd private-key-testcases && curl https://boringssl.googlesource.com/boringssl/+archive/master/fuzz/privkey_corpus.tar.gz | tar -zx
+RUN cd private-key-testcases && curl https://boringssl.googlesource.com/boringssl/+archive/master/fuzz/pkcs8_corpus.tar.gz | tar -zx
+RUN zip gnutls_private_key_parser_fuzzer_seed_corpus.zip private-key-testcases/*
+
 WORKDIR gnutls
-COPY build.sh gnutls_client_fuzzer.cc gnutls_x509_parser_fuzzer.cc $SRC/
+COPY build.sh $SRC/
diff --git a/projects/gnutls/build.sh b/projects/gnutls/build.sh
index 83e44b68..52c77de4 100755
--- a/projects/gnutls/build.sh
+++ b/projects/gnutls/build.sh
@@ -19,16 +19,16 @@ make bootstrap
 ./configure --enable-gcc-warnings --enable-static --with-included-libtasn1 --with-included-unistring --without-p11-kit --disable-doc
 make "-j$(nproc)"
 
-fuzzers="
-client
-x509_parser
-"
+fuzzers=$(find devel/fuzz/ -name "*_fuzzer.cc")
 
-for fuzzer in $fuzzers; do
+for f in $fuzzers; do
+    fuzzer=$(basename "$f" ".cc")
     $CXX $CXXFLAGS -std=c++11 -Ilib/includes \
-        "$SRC/gnutls_${fuzzer}_fuzzer.cc" -o "$OUT/gnutls_${fuzzer}_fuzzer" \
+        "devel/fuzz/${fuzzer}.cc" -o "$OUT/${fuzzer}" \
         lib/.libs/libgnutls.a -lFuzzingEngine -lpthread -Wl,-Bstatic \
         -lhogweed -lnettle -lgmp -Wl,-Bdynamic
 
-    cp "$SRC/gnutls_${fuzzer}_fuzzer_seed_corpus.zip" "$OUT/"
+    if [ -f "$SRC/${fuzzer}_seed_corpus.zip" ]; then
+        cp "$SRC/${fuzzer}_seed_corpus.zip" "$OUT/"
+    fi
 done
diff --git a/projects/gnutls/gnutls_client_fuzzer.cc b/projects/gnutls/gnutls_client_fuzzer.cc
deleted file mode 100644
index b155ca5e..00000000
--- a/projects/gnutls/gnutls_client_fuzzer.cc
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
-# Copyright 2016 Google Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-################################################################################
-*/
-
-#include <assert.h>
-#include <fcntl.h>
-#include <stdint.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <unistd.h>
-
-#include <gnutls/gnutls.h>
-
-
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
-    int res;
-    gnutls_session_t session;
-    gnutls_certificate_credentials_t xcred;
-
-    int socket_fds[2];
-    res = socketpair(AF_UNIX, SOCK_STREAM, 0, socket_fds);
-    assert(res >= 0);
-    ssize_t send_res = send(socket_fds[1], data, size, 0);
-    assert(send_res == size);
-    res = shutdown(socket_fds[1], SHUT_WR);
-    assert(res == 0);
-
-    res = gnutls_init(&session, GNUTLS_CLIENT);
-    assert(res >= 0);
-
-    res = gnutls_certificate_allocate_credentials(&xcred);
-    assert(res >= 0);
-    res = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred);
-    assert(res >= 0);
-
-    res = gnutls_set_default_priority(session);
-    assert(res >= 0);
-
-    gnutls_transport_set_int(session, socket_fds[0]);
-
-    do {
-        res = gnutls_handshake(session);
-    } while (res < 0 && gnutls_error_is_fatal(res) == 0);
-    if (res >= 0) {
-        while (true) {
-            char buf[16384];
-            res = gnutls_record_recv(session, buf, sizeof(buf));
-            if (res <= 0) {
-                break;
-            }
-        }
-    }
-
-    close(socket_fds[0]);
-    close(socket_fds[1]);
-    gnutls_deinit(session);
-    gnutls_certificate_free_credentials(xcred);
-    return 0;
-}
diff --git a/projects/gnutls/gnutls_x509_parser_fuzzer.cc b/projects/gnutls/gnutls_x509_parser_fuzzer.cc
deleted file mode 100644
index 28dc3397..00000000
--- a/projects/gnutls/gnutls_x509_parser_fuzzer.cc
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
-# Copyright 2016 Google Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-################################################################################
-*/
-
-#include <assert.h>
-#include <stdint.h>
-
-#include <gnutls/gnutls.h>
-#include <gnutls/x509.h>
-
-
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
-    gnutls_datum_t raw;
-    gnutls_datum_t out;
-    gnutls_x509_crt_t crt;
-    int ret;
-
-    raw.data = (unsigned char *)data;
-    raw.size = size;
-
-    ret = gnutls_x509_crt_init(&crt);
-    assert(ret >= 0);
-
-    ret = gnutls_x509_crt_import(crt, &raw, GNUTLS_X509_FMT_DER);
-    if (ret >= 0) {
-        ret = gnutls_x509_crt_print(crt, GNUTLS_CRT_PRINT_FULL, &out);
-        assert(ret >= 0);
-        gnutls_free(out.data);
-    }
-
-    gnutls_x509_crt_deinit(crt);
-    return 0;
-}