This patch switches code to SPDX one-line license identifiers according to
https://spdx.dev/learn/handling-license-info/
and replacing long license text headers.
I used C++ format on the first line in style
// SPDX-License-Identifier: <id>
except exported libcryptsetup.h, when only C comments are used.
The only additional changes are:
- switch backend utf8.c from LGPL2+ to LGPL2.1+ (as in systemd)
- add some additional formatting lines.
The crypt2_load_fuzz fuzzer needs to calculate LUKS2 header checksum
to speed up fuzzing. Currently we incorrectly touch const data input.
This patch
- calculates only primary LUKS2 header checksum (ignores secondary header)
- uses temporary struct for modified data
- keps fuzzer going even with original data if checksum calc fails.
Hopefully solves unknown write issue in fuzzer (not real utils) on oss-fuzz.
The scrip for building dependencies statically still builds popt as a
shared library. The libdevmapper library is installed manually, but
incorrectly (libdevmapper.pc is installed, but it should be
devmapper.pc).
Patch libprotobuf-mutator to unpoison buffers obtained from libfuzzer
via LLVMFuzzerMutate. This is required as libfuzzer is usually not
compiled with memory sanitizer support (not even in OSS-Fuzz project,
see https://github.com/google/oss-fuzz/issues/864). Therefore, we
manually mark the buffer as initialized using __msan_unpoison.
Fixes OSS-fuzz bug 52541, 52543 and 52533.
* added fuzz target 'crypt2_load_ondisk_fuzz' that tries to load fuzz input as LUKS1, FileVault2, BitLocker in that order.
* added dictionary for this fuzz target
* added fuzz target to relevant files
- Do not require any libraries installed, download everything
from upstream git, statically compile (use include, libs and pkg-config
from local directory under tests/fuzz).
Script should work both from OSS-Fuzz and locally.
- Do not require local protobuf (only staticallly compiled, see above).
- Add README.md (TBD, still not finished).
- Fix make dist and distcheck.
- Remove common.[ch] as we can use internal function.
This makes fuzzers also C++ only (remove CFLAGS from Makefile).
