From 1ea634a278e03d3dfd58ac444449c21ee1ba7784 Mon Sep 17 00:00:00 2001 From: Guido Vranken Date: Thu, 18 Apr 2019 22:07:09 +0200 Subject: [PATCH] Cryptofuzz fixes (#2337) * [cryptofuzz] Use latest OpenSSL version This is a workaround for an issue OpenSSL's build system is currently having. I've appended || true to the build command so failure is not signaled to the Docker process running the build script, and the build is not aborted. Multithreaded compiling has been removed temporarily to avoid a race condition that causes the make procedure to abort before libcrypto.a has been compiled. * [cryptofuzz] Build against LIB_FUZZING_ENGINE_DEPRECATED to prevent crashes --- projects/cryptofuzz/Dockerfile | 7 +------ projects/cryptofuzz/build.sh | 17 ++++++++++------- 2 files changed, 11 insertions(+), 13 deletions(-) diff --git a/projects/cryptofuzz/Dockerfile b/projects/cryptofuzz/Dockerfile index b6e69d1fe..a60b1e449 100644 --- a/projects/cryptofuzz/Dockerfile +++ b/projects/cryptofuzz/Dockerfile @@ -25,12 +25,7 @@ RUN ln -s /usr/lib/go-1.9/bin/go /usr/bin/go RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz-corpora -RUN git clone https://github.com/openssl/openssl - -# The OpenSSL build system is currently broken, see also: https://github.com/google/oss-fuzz/issues/2314 -# Lock OpenSSL to an older commit that does not cause build problems. -# This should be removed as soon as OpenSSL's build system is repaired. -RUN cd openssl && git checkout 9efa0ae0b602c1c0e356009a58410a2e8b80201a +RUN git clone --depth 1 https://github.com/openssl/openssl RUN git clone --depth 1 https://boringssl.googlesource.com/boringssl RUN git clone --depth 1 https://github.com/libressl-portable/portable libressl diff --git a/projects/cryptofuzz/build.sh b/projects/cryptofuzz/build.sh index 71192bc1a..6630b057f 100755 --- a/projects/cryptofuzz/build.sh +++ b/projects/cryptofuzz/build.sh 
@@ -15,6 +15,9 @@ # ################################################################################ +# TODO(metzman): Switch this to LIB_FUZZING_ENGINE when it works. +# https://github.com/google/oss-fuzz/issues/2336 + # Generate lookup tables. This only needs to be done once. cd $SRC/cryptofuzz python gen_repository.py @@ -43,7 +46,7 @@ then # Compile Cryptofuzz cd $SRC/cryptofuzz - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/libressl/include -DCRYPTOFUZZ_LIBRESSL" make -B -j$(nproc) + LIBFUZZER_LINK="$LIB_FUZZING_ENGINE_DEPRECATED" CXXFLAGS="$CXXFLAGS -I $SRC/libressl/include -DCRYPTOFUZZ_LIBRESSL" make -B -j$(nproc) # Generate dictionary ./generate_dict @@ -62,7 +65,7 @@ then # Compile Openssl (with assembly) cd $SRC/openssl ./config --debug enable-md2 enable-rc5 - make -j$(nproc) + make || true # Compile Cryptofuzz OpenSSL (with assembly) module cd $SRC/cryptofuzz/modules/openssl @@ -70,7 +73,7 @@ then # Compile Cryptofuzz cd $SRC/cryptofuzz - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include" make -B -j$(nproc) + LIBFUZZER_LINK="$LIB_FUZZING_ENGINE_DEPRECATED" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include" make -B -j$(nproc) # Generate dictionary ./generate_dict @@ -88,7 +91,7 @@ fi cd $SRC/openssl ./config --debug no-asm enable-md2 enable-rc5 make clean -make -j$(nproc) +make || true # Compile Cryptofuzz OpenSSL (without assembly) module cd $SRC/cryptofuzz/modules/openssl @@ -96,7 +99,7 @@ OPENSSL_INCLUDE_PATH="$SRC/openssl/include" OPENSSL_LIBCRYPTO_A_PATH="$SRC/opens # Compile Cryptofuzz cd $SRC/cryptofuzz -LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include" make -B -j$(nproc) +LIBFUZZER_LINK="$LIB_FUZZING_ENGINE_DEPRECATED" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include" make -B -j$(nproc) # Generate dictionary ./generate_dict 
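Review bot: The switch to `$LIB_FUZZING_ENGINE_DEPRECATED` in the LibreSSL block (hunk at -43,7) is repeated verbatim in the hunks at -70,7, -96,7, -124,7 and -151,7, so acting on the TODO at the top of the file will take five coordinated edits. Defining the choice once next to that TODO, e.g. `CRYPTOFUZZ_ENGINE="$LIB_FUZZING_ENGINE_DEPRECATED"` (variable name constructed for illustration), and using `LIBFUZZER_LINK="$CRYPTOFUZZ_ENGINE"` in each make invocation would make the later revert a one-line change. It would also stop one block from being left on the deprecated engine by accident. The enclosing `if` blocks start and end outside these hunks.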
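Review bot: `make || true` in the OpenSSL-with-assembly block (hunk at -62,7) discards every make failure, not only the known build-system problem, so a build that never produces libcrypto.a is reported late, by whichever later step needs it, or not at all. Follow the call with an explicit check for the artifact, e.g. `[ -f libcrypto.a ] || { echo "libcrypto.a missing" >&2; exit 1; }`; this assumes the archive is written to the OpenSSL source root, which the hunk does not show. The same applies to the no-asm block in the hunk at -88,7. A comment such as `# Workaround for OpenSSL build breakage; restore -j$(nproc) and drop '|| true' once fixed` would keep the reason in the file now that the Dockerfile comment is removed. That removed comment pointed to https://github.com/google/oss-fuzz/issues/2314, which is presumably the same problem; confirm before citing it.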
@@ -124,7 +127,7 @@ then # Compile Cryptofuzz cd $SRC/cryptofuzz - LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include" make -B -j$(nproc) + LIBFUZZER_LINK="$LIB_FUZZING_ENGINE_DEPRECATED" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include" make -B -j$(nproc) # Generate dictionary ./generate_dict @@ -151,7 +154,7 @@ OPENSSL_INCLUDE_PATH="$SRC/boringssl/include" OPENSSL_LIBCRYPTO_A_PATH="$SRC/bor # Compile Cryptofuzz cd $SRC/cryptofuzz -LIBFUZZER_LINK="$LIB_FUZZING_ENGINE" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include" make -B -j$(nproc) +LIBFUZZER_LINK="$LIB_FUZZING_ENGINE_DEPRECATED" CXXFLAGS="$CXXFLAGS -I $SRC/openssl/include" make -B -j$(nproc) # Generate dictionary ./generate_dict