diff --git a/projects/bignum-fuzzer/Dockerfile b/projects/bignum-fuzzer/Dockerfile index 99c597f2f..f09b883b9 100644 --- a/projects/bignum-fuzzer/Dockerfile +++ b/projects/bignum-fuzzer/Dockerfile @@ -15,7 +15,7 @@ ################################################################################ FROM gcr.io/oss-fuzz-base/base-builder -RUN apt-get update && apt-get install -y software-properties-common curl sudo mercurial autoconf bison texinfo libboost-all-dev cmake wget +RUN apt-get update && apt-get install -y software-properties-common curl sudo mercurial autoconf bison texinfo libboost-all-dev cmake wget lzip RUN wget https://go.dev/dl/go1.17.5.linux-amd64.tar.gz && rm -rf /usr/local/go && tar -C /usr/local -xzf go1.17.5.linux-amd64.tar.gz && ldconfig ENV PATH=$PATH:/usr/local/go/bin @@ -32,5 +32,7 @@ RUN wget https://www.bytereef.org/software/mpdecimal/releases/mpdecimal-2.5.1.ta RUN git clone --depth 1 https://github.com/guidovranken/bignum-fuzzer RUN git clone --depth 1 https://github.com/openssl/openssl RUN git clone https://boringssl.googlesource.com/boringssl -RUN hg clone https://gmplib.org/repo/gmp/ libgmp/ +#RUN hg clone https://gmplib.org/repo/gmp/ libgmp/ +RUN wget --no-check-certificate https://gmplib.org/download/gmp/gmp-6.2.1.tar.lz +RUN test "$(sha256sum gmp-6.2.1.tar.lz)" = "2c7f4f0d370801b2849c48c9ef3f59553b5f1d3791d070cffb04599f9fc67b41 gmp-6.2.1.tar.lz" COPY build.sh $SRC/ diff --git a/projects/bignum-fuzzer/build.sh b/projects/bignum-fuzzer/build.sh index 737120006..a97059d41 100755 --- a/projects/bignum-fuzzer/build.sh +++ b/projects/bignum-fuzzer/build.sh @@ -15,6 +15,10 @@ # ################################################################################ +cd $SRC/ +tar --lzip -xvf gmp-6.2.1.tar.lz +mv $SRC/gmp-6.2.1/ $SRC/libgmp/ + # Install Rust nightly #curl https://sh.rustup.rs -sSf | sh -s -- -y #source $HOME/.cargo/env diff --git a/projects/bls-signatures/Dockerfile b/projects/bls-signatures/Dockerfile index 46c823f0a..aeaaf43cb 100644 --- a/projects/bls-signatures/Dockerfile +++ b/projects/bls-signatures/Dockerfile @@ -22,7 +22,8 @@ RUN git clone --depth 1 https://github.com/Chia-Network/bls-signatures.git RUN git clone --depth 1 https://github.com/herumi/mcl.git RUN git clone --depth 1 https://github.com/randombit/botan.git RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.74.0/source/boost_1_74_0.tar.bz2 -RUN wget https://gmplib.org/download/gmp/gmp-6.2.1.tar.lz +RUN wget --no-check-certificate https://gmplib.org/download/gmp/gmp-6.2.1.tar.lz +RUN test "$(sha256sum gmp-6.2.1.tar.lz)" = "2c7f4f0d370801b2849c48c9ef3f59553b5f1d3791d070cffb04599f9fc67b41 gmp-6.2.1.tar.lz" RUN wget https://download.libsodium.org/libsodium/releases/libsodium-1.0.18-stable.tar.gz COPY build.sh $SRC/ # This is to fix Fuzz Introspector build by using LLVM old pass manager diff --git a/projects/cryptofuzz/Dockerfile b/projects/cryptofuzz/Dockerfile index a19d9ce4c..800b34525 100644 --- a/projects/cryptofuzz/Dockerfile +++ b/projects/cryptofuzz/Dockerfile @@ -21,7 +21,7 @@ ENV PATH $PATH:/root/.go/bin:$GOPATH/bin RUN install_go.sh RUN apt-get update && \ - apt-get install -y software-properties-common wget make autoconf automake libtool build-essential cmake mercurial gyp ninja-build zlib1g-dev libsqlite3-dev bison flex texinfo + apt-get install -y software-properties-common wget make autoconf automake libtool build-essential cmake mercurial gyp ninja-build zlib1g-dev libsqlite3-dev bison flex texinfo lzip RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz-corpora @@ -40,7 +40,9 @@ RUN hg clone https://hg.mozilla.org/projects/nss RUN git clone --depth 1 https://github.com/jedisct1/libsodium.git RUN git clone --depth 1 https://github.com/libtom/libtomcrypt.git RUN git clone --depth 1 https://github.com/microsoft/SymCrypt.git -RUN hg clone https://gmplib.org/repo/gmp/ libgmp/ +#RUN hg clone https://gmplib.org/repo/gmp/ libgmp/ +RUN wget --no-check-certificate https://gmplib.org/download/gmp/gmp-6.2.1.tar.lz +RUN test "$(sha256sum gmp-6.2.1.tar.lz)" = "2c7f4f0d370801b2849c48c9ef3f59553b5f1d3791d070cffb04599f9fc67b41 gmp-6.2.1.tar.lz" RUN wget https://www.bytereef.org/software/mpdecimal/releases/mpdecimal-2.5.1.tar.gz RUN git clone --depth 1 https://github.com/indutny/bn.js.git RUN git clone --depth 1 https://github.com/MikeMcl/bignumber.js.git diff --git a/projects/cryptofuzz/build.sh b/projects/cryptofuzz/build.sh index ac3827c5e..635001c73 100755 --- a/projects/cryptofuzz/build.sh +++ b/projects/cryptofuzz/build.sh @@ -15,6 +15,11 @@ # ################################################################################ +cd $SRC/ +tar --lzip -xvf gmp-6.2.1.tar.lz +mv $SRC/gmp-6.2.1/ $SRC/libgmp/ + + # TODO(metzman): Switch this to LIB_FUZZING_ENGINE when it works. # https://github.com/google/oss-fuzz/issues/2336 diff --git a/projects/libecc/Dockerfile b/projects/libecc/Dockerfile index 4d4543ca0..f211ac6a0 100644 --- a/projects/libecc/Dockerfile +++ b/projects/libecc/Dockerfile @@ -22,7 +22,8 @@ RUN git clone https://github.com/ANSSI-FR/libecc.git RUN git clone --depth 1 https://github.com/randombit/botan.git RUN git clone https://github.com/wolfssl/wolfssl RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz -RUN wget https://gmplib.org/download/gmp/gmp-6.2.1.tar.lz +RUN wget --no-check-certificate https://gmplib.org/download/gmp/gmp-6.2.1.tar.lz +RUN test "$(sha256sum gmp-6.2.1.tar.lz)" = "2c7f4f0d370801b2849c48c9ef3f59553b5f1d3791d070cffb04599f9fc67b41 gmp-6.2.1.tar.lz" RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.74.0/source/boost_1_74_0.tar.bz2 COPY build.sh $SRC/ # This is to fix Fuzz Introspector build by using LLVM old pass manager diff --git a/projects/libressl/Dockerfile b/projects/libressl/Dockerfile index 2e0ecbf88..e60aa47f0 100644 --- a/projects/libressl/Dockerfile +++ b/projects/libressl/Dockerfile @@ -24,7 +24,8 @@ RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz-corpora RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.74.0/source/boost_1_74_0.tar.bz2 RUN git clone --depth 1 https://github.com/randombit/botan.git -RUN wget https://gmplib.org/download/gmp/gmp-6.2.1.tar.lz +RUN wget --no-check-certificate https://gmplib.org/download/gmp/gmp-6.2.1.tar.lz +RUN test "$(sha256sum gmp-6.2.1.tar.lz)" = "2c7f4f0d370801b2849c48c9ef3f59553b5f1d3791d070cffb04599f9fc67b41 gmp-6.2.1.tar.lz" WORKDIR libressl RUN ./update.sh COPY build.sh *.options $SRC/ diff --git a/projects/nettle/Dockerfile b/projects/nettle/Dockerfile index cdce6435b..75f2835fa 100644 --- a/projects/nettle/Dockerfile +++ b/projects/nettle/Dockerfile @@ -23,7 +23,8 @@ RUN git clone --depth 1 https://github.com/randombit/botan.git RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz RUN git clone --depth 1 https://github.com/guidovranken/cryptofuzz-corpora RUN wget https://boostorg.jfrog.io/artifactory/main/release/1.74.0/source/boost_1_74_0.tar.bz2 -RUN wget https://gmplib.org/download/gmp/gmp-6.2.0.tar.lz +RUN wget --no-check-certificate https://gmplib.org/download/gmp/gmp-6.2.1.tar.lz +RUN test "$(sha256sum gmp-6.2.1.tar.lz)" = "2c7f4f0d370801b2849c48c9ef3f59553b5f1d3791d070cffb04599f9fc67b41 gmp-6.2.1.tar.lz" COPY build.sh $SRC/ # This is to fix Fuzz Introspector build by using LLVM old pass manager # re https://github.com/ossf/fuzz-introspector/issues/305 diff --git a/projects/nettle/build.sh b/projects/nettle/build.sh index e10c5d7e0..578c1d5b3 100755 --- a/projects/nettle/build.sh +++ b/projects/nettle/build.sh @@ -37,10 +37,10 @@ if [[ $CFLAGS != *sanitize=memory* ]] then # Compile libgmp cd $SRC/ - lzip -d gmp-6.2.0.tar.lz - tar xf gmp-6.2.0.tar + lzip -d gmp-6.2.1.tar.lz + tar xf gmp-6.2.1.tar - cd gmp-6.2.0/ + cd gmp-6.2.1/ autoreconf -ivf if [[ $CFLAGS != *-m32* ]] then