mirror of https://github.com/google/oss-fuzz.git
[gnupg] Gnupg integration (#1310)
* Integrating GnuPG with oss-fuzz * Building and running fuzz_verify for gnupg * Add fuzz_import for gnupg * Adding seed corpus for fuzz import and fuzz target decrypt * Automatically generated corpuses
This commit is contained in:
Catena cyber
Max Moroz
parent
1194bc1464
commit
13aca53072
|
|
@ -0,0 +1,32 @@
|
|||
# Copyright 2018 Google Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
################################################################################
|
||||
|
||||
FROM gcr.io/oss-fuzz-base/base-builder
|
||||
MAINTAINER info@g10code.com
|
||||
RUN apt-get update && apt-get install -y make autoconf automake libtool gettext bzip2 gnupg
|
||||
|
||||
#wait for zesty, or backport ?
|
||||
RUN curl -O https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.28.tar.bz2
|
||||
RUN curl -O https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.8.2.tar.bz2
|
||||
RUN curl -O https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-2.5.1.tar.bz2
|
||||
RUN curl -O https://www.gnupg.org/ftp/gcrypt/libksba/libksba-1.3.5.tar.bz2
|
||||
RUN curl -O https://www.gnupg.org/ftp/gcrypt/npth/npth-1.5.tar.bz2
|
||||
|
||||
#TODO change when merged into master branch of official repo
|
||||
RUN git clone --depth 1 --branch fuzz https://github.com/catenacyber/gnupg.git gnupg
|
||||
|
||||
WORKDIR gnupg
|
||||
COPY build.sh $SRC/
|
||||
|
|
@ -0,0 +1,75 @@
|
|||
#!/bin/bash -eu
|
||||
# Copyright 2018 Google Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
################################################################################
|
||||
|
||||
#compile and link statically dependencies
|
||||
cd ..
|
||||
tar -xvf libgpg-error-1.28.tar.bz2
|
||||
cd libgpg-error-1.28
|
||||
./configure --enable-static --disable-shared
|
||||
make
|
||||
make install
|
||||
cd ..
|
||||
tar -xvf libgcrypt-1.8.2.tar.bz2
|
||||
cd libgcrypt-1.8.2
|
||||
./configure --enable-static --disable-shared
|
||||
make
|
||||
make install
|
||||
cd ..
|
||||
tar -xvf libassuan-2.5.1.tar.bz2
|
||||
cd libassuan-2.5.1
|
||||
./configure --enable-static --disable-shared
|
||||
make
|
||||
make install
|
||||
cd ..
|
||||
tar -xvf libksba-1.3.5.tar.bz2
|
||||
cd libksba-1.3.5
|
||||
./configure --enable-static --disable-shared
|
||||
make
|
||||
make install
|
||||
cd ..
|
||||
tar -xvf npth-1.5.tar.bz2
|
||||
cd npth-1.5
|
||||
./configure --enable-static --disable-shared
|
||||
make
|
||||
make install
|
||||
cd ..
|
||||
|
||||
|
||||
# build project
|
||||
cd gnupg
|
||||
./autogen.sh
|
||||
./configure --disable-doc --enable-maintainer-mode
|
||||
make -j$(nproc) all
|
||||
|
||||
# build fuzzers
|
||||
cd tests/fuzz
|
||||
#export other associated stuff
|
||||
cp *.options $OUT/
|
||||
cp fuzz_*_seed_corpus.zip $OUT/
|
||||
|
||||
$CC $CFLAGS -DHAVE_CONFIG_H -I. -I../.. -I../../common -I../../g10 -c fuzz_verify.c -o fuzz_verify.o
|
||||
|
||||
$CXX $CXXFLAGS -std=c++11 -DHAVE_CONFIG_H fuzz_verify.o -o $OUT/fuzz_verify ../../g10/libgpg.a ../../kbx/libkeybox.a ../../common/libcommon.a ../../common/libgpgrl.a -lFuzzingEngine -lgcrypt -lgpg-error -lassuan
|
||||
|
||||
|
||||
$CC $CFLAGS -DHAVE_CONFIG_H -I. -I../.. -I../../common -I../../g10 -c fuzz_import.c -o fuzz_import.o
|
||||
|
||||
$CXX $CXXFLAGS -std=c++11 -DHAVE_CONFIG_H fuzz_import.o -o $OUT/fuzz_import ../../g10/libgpg.a ../../kbx/libkeybox.a ../../common/libcommon.a ../../common/libgpgrl.a -lFuzzingEngine -lgcrypt -lgpg-error -lassuan
|
||||
|
||||
$CC $CFLAGS -DHAVE_CONFIG_H -I. -I../.. -I../../common -I../../g10 -c fuzz_decrypt.c -o fuzz_decrypt.o
|
||||
|
||||
$CXX $CXXFLAGS -std=c++11 -DHAVE_CONFIG_H fuzz_decrypt.o -o $OUT/fuzz_decrypt ../../g10/libgpg.a ../../kbx/libkeybox.a ../../common/libcommon.a ../../common/libgpgrl.a -lFuzzingEngine -lgcrypt -lgpg-error -lassuan
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
homepage: "https://www.gnupg.org"
|
||||
primary_contact: "info@g10code.com"
|
||||
auto_ccs : "p.antoine@catenacyber.fr"
|
||||
Loading…
Reference in New Issue