fuzzing: add new fuzzer for fuzzing multiple types at once

* added fuzz target 'crypt2_load_ondisk_fuzz' that tries to load fuzz input as LUKS1, FileVault2, BitLocker in that order.
* added dictionary for this fuzz target
* added fuzz target to relevant files

tests/fuzz/Makefile.am

@@ -3,6 +3,7 @@ dist_noinst_DATA = \
 	LUKS2.proto \
 	LUKS2_plain_JSON.proto \
 	crypt2_load_fuzz.dict \
+	crypt2_load_ondisk_fuzz.dict \
 	crypt2_load_proto_plain_json_fuzz.dict
 CLEANFILES = \
 	LUKS2.pb.h \
@@ -23,6 +24,11 @@ crypt2_load_fuzz_LDADD  = ../../libcryptsetup.la ../../libcrypto_backend.la -L$(
 crypt2_load_fuzz_LDFLAGS = $(AM_LDFLAGS) $(LIB_FUZZING_ENGINE) $(SANITIZER)
 crypt2_load_fuzz_CXXFLAGS = $(AM_CXXFLAGS) -I$(top_srcdir)/lib -I$(top_srcdir)/tests/fuzz
 
+crypt2_load_ondisk_fuzz_SOURCES = FuzzerInterface.h crypt2_load_ondisk_fuzz.cc
+crypt2_load_ondisk_fuzz_LDADD  = ../../libcryptsetup.la -L$(DEPS_PATH)/lib
+crypt2_load_ondisk_fuzz_LDFLAGS = $(AM_LDFLAGS) $(LIB_FUZZING_ENGINE) $(SANITIZER)
+crypt2_load_ondisk_fuzz_CXXFLAGS = $(AM_CXXFLAGS) -I$(top_srcdir)/lib -I$(top_srcdir)/tests/fuzz
+
 test-environment-m:
 	@ if test ! -d $(DEPS_PATH); then \
 		echo "You need to build static libraries first; use oss-fuzz-build.sh script."; \
@@ -104,6 +110,7 @@ plain_json_proto_to_luks2_CXXFLAGS = $(AM_CXXFLAGS) \
 if ENABLE_FUZZ_TARGETS
 noinst_PROGRAMS = \
 	crypt2_load_fuzz \
+	crypt2_load_ondisk_fuzz \
 	crypt2_load_proto_fuzz \
 	crypt2_load_proto_plain_json_fuzz \
 	proto_to_luks2 \

tests/fuzz/crypt2_load_ondisk_fuzz.cc

@@ -0,0 +1,64 @@
+/*
+ * cryptsetup LUKS1, FileVault, BitLocker fuzz target
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+extern "C" {
+#define FILESIZE (16777216)
+#include "src/cryptsetup.h"
+#include <err.h>
+#include "luks1/luks.h"
+#include "crypto_backend/crypto_backend.h"
+#include "FuzzerInterface.h"
+
+void empty_log(int level, const char *msg, void *usrptr) {}
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+	int fd, r;
+	struct crypt_device *cd = NULL;
+	char name[] = "/tmp/test-script-fuzz.XXXXXX";
+
+	fd = mkostemp(name, O_RDWR | O_CREAT | O_EXCL | O_CLOEXEC);
+	if (fd == -1)
+		err(EXIT_FAILURE, "mkostemp() failed");
+
+	/* enlarge header */
+	if (ftruncate(fd, FILESIZE) == -1)
+		goto out;
+
+	if (write_buffer(fd, data, size) != (ssize_t) size)
+		goto out;
+
+	crypt_set_log_callback(NULL, empty_log, NULL);
+
+	if (crypt_init(&cd, name) == 0) {
+		r = crypt_load(cd, CRYPT_LUKS1, NULL);
+		if (r == 0)
+			goto out;
+
+		r = crypt_load(cd, CRYPT_FVAULT2, NULL);
+		if (r == 0)
+			goto out;
+
+		(void) crypt_load(cd, CRYPT_BITLK, NULL);
+	}
+out:
+	crypt_free(cd);
+	close(fd);
+	unlink(name);
+	return 0;
+}
+}

tests/fuzz/crypt2_load_ondisk_fuzz.dict

@@ -0,0 +1,9 @@
+"aegis128-random"
+"aes-cbc:essiv:sha256"
+"aes-xts-plain64"
+"aes-lrv-plain64"
+"twofish-xts-plain64"
+"serpent-xts-plain64"
+"whirpool"
+"sha256"
+"sha1"

tests/fuzz/oss-fuzz-build.sh

@@ -29,7 +29,7 @@ export CFLAGS="${CFLAGS:-$flags} -I$DEPS_PATH/include"
 export CXXFLAGS="${CXXFLAGS:-$flags} -I$DEPS_PATH/include"
 export LDFLAGS="${LDFLAGS-} -L$DEPS_PATH/lib"
 
-ENABLED_FUZZERS=${ENABLED_FUZZERS:-crypt2_load_fuzz crypt2_load_proto_plain_json_fuzz}
+ENABLED_FUZZERS=${ENABLED_FUZZERS:-crypt2_load_fuzz crypt2_load_ondisk_fuzz crypt2_load_proto_plain_json_fuzz}
 
 mkdir -p $SRC
 mkdir -p $OUT