From f37def57b089a884df51072cb24e830701ecbeaa Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Fri, 23 Oct 2020 23:10:20 +0800
Subject: [PATCH] Move fuzzing code to fuzz/ subdirectory, improve Makefile.in

---
 Makefile.in                                   | 51 ++++++-------------
 configure.ac                                  |  1 +
 fuzz-common.c => fuzz/fuzz-common.c           |  0
 fuzz-harness.c => fuzz/fuzz-harness.c         |  0
 fuzz-hostkeys.c => fuzz/fuzz-hostkeys.c       |  0
 fuzz-wrapfd.c => fuzz/fuzz-wrapfd.c           |  0
 fuzzer-client.c => fuzz/fuzzer-client.c       |  0
 .../fuzzer-client_nomaths.c                   |  0
 .../fuzzer-kexcurve25519.c                    |  0
 fuzzer-kexdh.c => fuzz/fuzzer-kexdh.c         |  0
 fuzzer-kexecdh.c => fuzz/fuzzer-kexecdh.c     |  0
 fuzzer-preauth.c => fuzz/fuzzer-preauth.c     |  0
 .../fuzzer-preauth_nomaths.c                  |  0
 fuzzer-pubkey.c => fuzz/fuzzer-pubkey.c       |  0
 fuzzer-verify.c => fuzz/fuzzer-verify.c       |  0
 15 files changed, 17 insertions(+), 35 deletions(-)
 rename fuzz-common.c => fuzz/fuzz-common.c (100%)
 rename fuzz-harness.c => fuzz/fuzz-harness.c (100%)
 rename fuzz-hostkeys.c => fuzz/fuzz-hostkeys.c (100%)
 rename fuzz-wrapfd.c => fuzz/fuzz-wrapfd.c (100%)
 rename fuzzer-client.c => fuzz/fuzzer-client.c (100%)
 rename fuzzer-client_nomaths.c => fuzz/fuzzer-client_nomaths.c (100%)
 rename fuzzer-kexcurve25519.c => fuzz/fuzzer-kexcurve25519.c (100%)
 rename fuzzer-kexdh.c => fuzz/fuzzer-kexdh.c (100%)
 rename fuzzer-kexecdh.c => fuzz/fuzzer-kexecdh.c (100%)
 rename fuzzer-preauth.c => fuzz/fuzzer-preauth.c (100%)
 rename fuzzer-preauth_nomaths.c => fuzz/fuzzer-preauth_nomaths.c (100%)
 rename fuzzer-pubkey.c => fuzz/fuzzer-pubkey.c (100%)
 rename fuzzer-verify.c => fuzz/fuzzer-verify.c (100%)

diff --git a/Makefile.in b/Makefile.in
index 182cb42..42a142c 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -62,7 +62,7 @@ CONVERTOBJS=dropbearconvert.o keyimport.o
 SCPOBJS=scp.o progressmeter.o atomicio.o scpmisc.o compat.o
 
 ifeq (@DROPBEAR_FUZZ@, 1)
-	allobjs = $(COMMONOBJS) fuzz-common.o  fuzz-wrapfd.o $(CLISVROBJS) $(CLIOBJS) $(SVROBJS) @CRYPTLIB@
+	allobjs = $(COMMONOBJS) fuzz/fuzz-common.o  fuzz/fuzz-wrapfd.o $(CLISVROBJS) $(CLIOBJS) $(SVROBJS) @CRYPTLIB@
 	allobjs:=$(subst svr-main.o, ,$(allobjs))
 	allobjs:=$(subst cli-main.o, ,$(allobjs))
 
@@ -72,6 +72,7 @@ ifeq (@DROPBEAR_FUZZ@, 1)
 	dropbearconvertobjs=$(allobjs) $(CONVERTOBJS)
 	# CXX only set when fuzzing
 	CXX=@CXX@
+	FUZZ_CLEAN=fuzz-clean
 else
 	dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS)
 	dbclientobjs=$(COMMONOBJS) $(CLISVROBJS) $(CLIOBJS)
@@ -246,7 +247,7 @@ ltm-clean:
 sizes: dropbear
 	objdump -t dropbear|grep ".text"|cut -d "." -f 2|sort -rn
 
-clean: $(LIBTOM_CLEAN) thisclean
+clean: $(LIBTOM_CLEAN) $(FUZZ_CLEAN) thisclean
 
 thisclean:
 	-rm -f dropbear$(EXEEXT) dbclient$(EXEEXT) dropbearkey$(EXEEXT) \
@@ -271,47 +272,24 @@ FUZZ_TARGETS=fuzzer-preauth fuzzer-pubkey fuzzer-verify fuzzer-preauth_nomaths \
 	fuzzer-kexdh fuzzer-kexecdh fuzzer-kexcurve25519 fuzzer-client fuzzer-client_nomaths
 
 FUZZER_OPTIONS = $(addsuffix .options, $(FUZZ_TARGETS))
+FUZZ_OBJS = $(addprefix fuzz/,$(addsuffix .o,$(FUZZ_TARGETS)))
 
 list-fuzz-targets:
 	@echo $(FUZZ_TARGETS)
 
 # fuzzers that don't use libfuzzer, just a standalone harness that feeds inputs
-fuzzstandalone: FUZZLIB=fuzz-harness.o
-fuzzstandalone: fuzz-harness.o fuzz-targets
+fuzzstandalone: FUZZLIB=fuzz/fuzz-harness.o
+fuzzstandalone: fuzz/fuzz-harness.o fuzz-targets
 
-fuzz-harness.o: $(HEADERS) $(LIBTOM_DEPS) Makefile $(allobjs) fuzz-common.o
-
-# build all the fuzzers. This will require fail to link unless built with
-# make fuzz-targets FUZZLIB=-lFuzzer.a 
-# or similar - the library provides main().
+# Build all the fuzzers. Usually like
+#   make fuzz-targets FUZZLIB=-lFuzzer.a 
+# the library provides main(). Otherwise
+#   make fuzzstandalone
+# provides a main in fuzz-harness.c
 fuzz-targets: $(FUZZ_TARGETS) $(FUZZER_OPTIONS)
 
-fuzzer-preauth: fuzzer-preauth.o fuzz-harness.o
-	$(CXX) $(CXXFLAGS) $@.o $(LDFLAGS) $(allobjs) -o $@$(EXEEXT) $(LIBTOM_LIBS) $(LIBS) $(FUZZLIB) @CRYPTLIB@
-
-fuzzer-preauth_nomaths: fuzzer-preauth_nomaths.o fuzz-harness.o
-	$(CXX) $(CXXFLAGS) $@.o $(LDFLAGS) $(allobjs) -o $@$(EXEEXT) $(LIBTOM_LIBS) $(LIBS) $(FUZZLIB) @CRYPTLIB@
-
-fuzzer-pubkey: fuzzer-pubkey.o fuzz-harness.o
-	$(CXX) $(CXXFLAGS) $@.o $(LDFLAGS) $(allobjs) -o $@$(EXEEXT) $(LIBTOM_LIBS) $(LIBS) $(FUZZLIB) @CRYPTLIB@
-
-fuzzer-verify: fuzzer-verify.o fuzz-harness.o
-	$(CXX) $(CXXFLAGS) $@.o $(LDFLAGS) $(allobjs) -o $@$(EXEEXT) $(LIBTOM_LIBS) $(LIBS) $(FUZZLIB) @CRYPTLIB@
-
-fuzzer-kexdh: fuzzer-kexdh.o fuzz-harness.o
-	$(CXX) $(CXXFLAGS) $@.o $(LDFLAGS) $(allobjs) -o $@$(EXEEXT) $(LIBTOM_LIBS) $(LIBS) $(FUZZLIB) @CRYPTLIB@
-
-fuzzer-kexecdh: fuzzer-kexecdh.o fuzz-harness.o
-	$(CXX) $(CXXFLAGS) $@.o $(LDFLAGS) $(allobjs) -o $@$(EXEEXT) $(LIBTOM_LIBS) $(LIBS) $(FUZZLIB) @CRYPTLIB@
-
-fuzzer-kexcurve25519: fuzzer-kexcurve25519.o fuzz-harness.o
-	$(CXX) $(CXXFLAGS) $@.o $(LDFLAGS) $(allobjs) -o $@$(EXEEXT) $(LIBTOM_LIBS) $(LIBS) $(FUZZLIB) @CRYPTLIB@
-
-fuzzer-client: fuzzer-client.o fuzz-harness.o
-	$(CXX) $(CXXFLAGS) $@.o $(LDFLAGS) $(allobjs) -o $@$(EXEEXT) $(LIBTOM_LIBS) $(LIBS) $(FUZZLIB) @CRYPTLIB@
-
-fuzzer-client_nomaths: fuzzer-client_nomaths.o fuzz-harness.o
-	$(CXX) $(CXXFLAGS) $@.o $(LDFLAGS) $(allobjs) -o $@$(EXEEXT) $(LIBTOM_LIBS) $(LIBS) $(FUZZLIB) @CRYPTLIB@
+$(FUZZ_TARGETS): $(FUZZ_OBJS) $(allobjs) $(LIBTOM_DEPS) 
+	$(CXX) $(CXXFLAGS) fuzz/$@.o $(LDFLAGS) $(allobjs) -o $@$(EXEEXT) $(LIBTOM_LIBS) $(LIBS) $(FUZZLIB) -lcrypt
 
 fuzzer-%.options: Makefile
 	echo "[libfuzzer]"               > $@
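Review bot: The link line of the new `$(FUZZ_TARGETS)` rule hard-codes `-lcrypt` where the nine rules it replaces ended with the configure substitution `@CRYPTLIB@`, which the `allobjs` definition in the first hunk still uses; on a system where configure selects no libcrypt, or a differently named one, the fuzzer link now pulls in a library configure did not choose. Keep the substitution: `$(CXX) $(CXXFLAGS) fuzz/$@.o $(LDFLAGS) $(allobjs) -o $@$(EXEEXT) $(LIBTOM_LIBS) $(LIBS) $(FUZZLIB) @CRYPTLIB@`. Separately, naming every object in `$(FUZZ_OBJS)` as a prerequisite of every fuzzer relinks all nine binaries whenever one harness source changes; a static pattern rule ties each target to its own object, `$(FUZZ_TARGETS): %: fuzz/%.o $(allobjs) $(LIBTOM_DEPS)` with `$<` in place of `fuzz/$@.o`. The removed `fuzz-harness.o` rule also carried `$(HEADERS) $(LIBTOM_DEPS) Makefile` as prerequisites, and unless a generic `fuzz/%.o` rule elsewhere in the file (outside this hunk) supplies them, header edits no longer rebuild the harness object.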
@@ -329,3 +307,6 @@ fuzz-hostkeys:
 	/usr/bin/xxd -i -a keye >> hostkeys.c
 	/usr/bin/xxd -i -a keyd >> hostkeys.c
 	/usr/bin/xxd -i -a keyed25519 >> hostkeys.c
+
+fuzz-clean:
+	-rm -f fuzz/*.o $(FUZZ_TARGETS) $(FUZZER_OPTIONS)
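Review bot: `fuzz-clean` is a command target rather than a file, so it needs to be in the file's `.PHONY` list, otherwise a stray file named `fuzz-clean` in the build directory makes `make clean` silently skip it; the `.PHONY` declaration is outside this hunk, so I cannot tell whether it was extended, and a one-line `.PHONY: fuzz-clean` next to the rule would settle it either way. The `fuzz/*.o` glob also removes objects this Makefile did not build; listing `$(FUZZ_OBJS) fuzz/fuzz-common.o fuzz/fuzz-wrapfd.o fuzz/fuzz-harness.o` keeps clean limited to the build's own products, matching the explicit list style of `thisclean` in the earlier hunk.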
diff --git a/configure.ac b/configure.ac
index 473cea5..8f552a8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -347,6 +347,7 @@ AC_ARG_ENABLE(fuzz,
             DROPBEAR_FUZZ=1
             # libfuzzer needs linking with c++ libraries
             AC_PROG_CXX
+			mkdir -pv fuzz
         else
             AC_DEFINE(DROPBEAR_FUZZ, 0, Fuzzing)
             AC_MSG_NOTICE(Disabling fuzzing)
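Review bot: The added `mkdir -pv fuzz` is indented with tabs while the surrounding `AC_ARG_ENABLE` body uses spaces, and `-v` is a GNU/BSD extension rather than a POSIX `mkdir` option, so `mkdir -p fuzz` is the safer spelling for a generated configure script. In an in-tree build the directory already exists because the fuzz sources now live there, so this line only matters for out-of-tree builds, where the conventional place is an order-only prerequisite in Makefile.in (`$(FUZZ_OBJS) fuzz/fuzz-common.o fuzz/fuzz-wrapfd.o fuzz/fuzz-harness.o: | fuzz` with a `fuzz:` rule running `mkdir -p $@`), which keeps `make` self-sufficient if the directory is ever removed after configure has run. The enclosing `AC_ARG_ENABLE` block starts and ends outside the hunk.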
diff --git a/fuzz-common.c b/fuzz/fuzz-common.c
similarity index 100%
rename from fuzz-common.c
rename to fuzz/fuzz-common.c
diff --git a/fuzz-harness.c b/fuzz/fuzz-harness.c
similarity index 100%
rename from fuzz-harness.c
rename to fuzz/fuzz-harness.c
diff --git a/fuzz-hostkeys.c b/fuzz/fuzz-hostkeys.c
similarity index 100%
rename from fuzz-hostkeys.c
rename to fuzz/fuzz-hostkeys.c
diff --git a/fuzz-wrapfd.c b/fuzz/fuzz-wrapfd.c
similarity index 100%
rename from fuzz-wrapfd.c
rename to fuzz/fuzz-wrapfd.c
diff --git a/fuzzer-client.c b/fuzz/fuzzer-client.c
similarity index 100%
rename from fuzzer-client.c
rename to fuzz/fuzzer-client.c
diff --git a/fuzzer-client_nomaths.c b/fuzz/fuzzer-client_nomaths.c
similarity index 100%
rename from fuzzer-client_nomaths.c
rename to fuzz/fuzzer-client_nomaths.c
diff --git a/fuzzer-kexcurve25519.c b/fuzz/fuzzer-kexcurve25519.c
similarity index 100%
rename from fuzzer-kexcurve25519.c
rename to fuzz/fuzzer-kexcurve25519.c
diff --git a/fuzzer-kexdh.c b/fuzz/fuzzer-kexdh.c
similarity index 100%
rename from fuzzer-kexdh.c
rename to fuzz/fuzzer-kexdh.c
diff --git a/fuzzer-kexecdh.c b/fuzz/fuzzer-kexecdh.c
similarity index 100%
rename from fuzzer-kexecdh.c
rename to fuzz/fuzzer-kexecdh.c
diff --git a/fuzzer-preauth.c b/fuzz/fuzzer-preauth.c
similarity index 100%
rename from fuzzer-preauth.c
rename to fuzz/fuzzer-preauth.c
diff --git a/fuzzer-preauth_nomaths.c b/fuzz/fuzzer-preauth_nomaths.c
similarity index 100%
rename from fuzzer-preauth_nomaths.c
rename to fuzz/fuzzer-preauth_nomaths.c
diff --git a/fuzzer-pubkey.c b/fuzz/fuzzer-pubkey.c
similarity index 100%
rename from fuzzer-pubkey.c
rename to fuzz/fuzzer-pubkey.c
diff --git a/fuzzer-verify.c b/fuzz/fuzzer-verify.c
similarity index 100%
rename from fuzzer-verify.c
rename to fuzz/fuzzer-verify.c