Fix various issues with libmicorhttpd2:

projects/libmicrohttpd2/Dockerfile

@@ -18,7 +18,7 @@ FROM gcr.io/oss-fuzz-base/base-builder:ubuntu-24-04
 RUN apt-get update && \
     apt-get install -y autoconf automake libtool pkg-config texinfo \
         gnutls-dev gnutls-bin
-RUN git clone https://git.gnunet.org/libmicrohttpd2.git mhd2
+RUN git clone git://git.gnunet.org/libmicrohttpd2.git mhd2
 WORKDIR mhd2
 COPY build.sh *.cpp *.h $SRC/
 COPY *.options *.dict $SRC/

projects/libmicrohttpd2/build.sh

@@ -18,9 +18,25 @@
 BINARY=$SRC/mhd2/src/mhd2/.libs/libmicrohttpd2.a
 
 # Build libmicrohttpd
+git pull
 ./autogen.sh
-./configure --enable-dauth --enable-md5 --enable-sha256 --enable-sha512-256 \
-  --enable-bauth --enable-upgrade --enable-https --enable-messages
+# Compile MHD with the SAME compiler used later.
+export CC=$CXX
+# Enable most features, force specific TLS library, and disable symbol hiding
+./configure \
+    --enable-dauth \
+    --enable-md5=builtin \
+    --enable-sha256=builtin \
+    --enable-sha512-256=builtin \
+    --enable-bauth \
+    --enable-upgrade \
+    --enable-https \
+    --without-openssl \
+    --enable-messages \
+    --disable-examples \
+    mhd_cv_cc_attr_visibility_default="no" \
+    mhd_cv_cc_attr_visibility_internal="no" \
+    mhd_cv_cc_attr_visibility_hidden="no"
 ASAN_OPTIONS=detect_leaks=0 make -j$(nproc)
 make install
 
@@ -47,9 +63,17 @@ for fuzzer in $FUZZERS; do
     $LIB_FUZZING_ENGINE "$BINARY" -lgnutls -o "$OUT/$fuzzer"
 done
 
-# Rebuild the binary for external crypto
+# Rebuild the binary for external crypto with libgcrypt
 ./autogen.sh
-./configure --enable-md5=tlslib --enable-sha256=tlslib --enable-sha512-256=builtin
+./configure \
+    --enable-md5=tlslib \
+    --enable-sha256=tlslib \
+    --enable-sha512-256=builtin \
+    --without-openssl \
+    --disable-examples \
+    mhd_cv_cc_attr_visibility_default="no" \
+    mhd_cv_cc_attr_visibility_internal="no" \
+    mhd_cv_cc_attr_visibility_hidden="no"
 make clean
 make -j$(nproc)
 make install

projects/libmicrohttpd2/connection_helper.cpp

@@ -17,16 +17,15 @@
 #include <cstring>
 #include <unordered_set>
 
-extern "C" {
-  #include "mhd_action.h"
-  #include "http_post_enc.h"
-  #include "mempool_funcs.h"
-  #include "daemon_funcs.h"
-  #include "post_parser_funcs.h"
-  #include "response_funcs.h"
-  #include "stream_process_request.h"
-  #include "stream_funcs.h"
-}
+#include "mhd_action.h"
+#include "http_post_enc.h"
+#include "mempool_funcs.h"
+#include "daemon_funcs.h"
+#include "post_parser_funcs.h"
+#include "response_funcs.h"
+#include "stream_process_request.h"
+#include "stream_funcs.h"
+
 
 // MHD memory pool
 struct mhd_MemoryPool *g_pool = nullptr;
@@ -365,7 +364,7 @@ void prepare_headers_and_parse(MHD_Connection& connection, size_t size) {
     struct MHD_String value;
     value.len  = vlen;
     value.cstr = vbuf;
-    mhd_stream_add_field(&connection, MHD_VK_HEADER, &name, &value);
+    mhd_stream_add_field(&connection.h1_stream, MHD_VK_HEADER, &name, &value);
   };
   add_hdr("Host", "fuzz");
   if ((size & 3u) == 0u) {

projects/libmicrohttpd2/connection_helper.h

@@ -16,13 +16,13 @@
 #include <string>
 #include "fuzzer/FuzzedDataProvider.h"
 
-extern "C" {
-  #include "microhttpd2.h"
-  #include "mhd_connection.h"
-  #include "mhd_daemon.h"
-  #include "mhd_post_parser.h"
-  #include "request_funcs.h"
-}
+#include "mhd_sys_options.h"
+#include "microhttpd2.h"
+#include "mhd_connection.h"
+#include "mhd_daemon.h"
+#include "mhd_post_parser.h"
+#include "request_funcs.h"
+
 
 extern struct mhd_MemoryPool *g_pool;
 extern const size_t g_pool_size;

projects/libmicrohttpd2/fuzz_connection.cpp

@@ -21,14 +21,14 @@
 
 #include "fuzzer/FuzzedDataProvider.h"
 #include "connection_helper.h"
+#include "conn_timeout.h"
+
+#include "daemon_funcs.h"
+#include "mempool_funcs.h"
+#include "post_parser_funcs.h"
+#include "stream_funcs.h"
+#include "stream_process_request.h"
 
-extern "C" {
-  #include "daemon_funcs.h"
-  #include "mempool_funcs.h"
-  #include "post_parser_funcs.h"
-  #include "stream_funcs.h"
-  #include "stream_process_request.h"
-}
 
 // Helper to fuzz mhd_stream_process_post_finish
 static void fuzz_mhd_stream_process_post_finish(MHD_Connection& connection, MHD_Daemon& daemon, const std::string& body) {

projects/libmicrohttpd2/fuzz_crypto_ext.cpp

@@ -20,10 +20,10 @@
 #include <algorithm>
 
 #include <fuzzer/FuzzedDataProvider.h>
-extern "C" {
-  #include "md5_ext.h"
-  #include "sha256_ext.h"
-}
+
+#include "md5_ext.h"
+#include "sha256_ext.h"
+
 
 // Fuzzing target function pointer types for the enternal hash APIs
 template <typename HashType> using InitOnceFn = void (*)(HashType*);

projects/libmicrohttpd2/fuzz_crypto_int.cpp

@@ -20,11 +20,11 @@
 #include <algorithm>
 
 #include <fuzzer/FuzzedDataProvider.h>
-extern "C" {
-  #include "md5_int.h"
-  #include "sha256_int.h"
-  #include "sha512_256_int.h"
-}
+
+#include "md5_int.h"
+#include "sha256_int.h"
+#include "sha512_256_int.h"
+
 
 // Fuzzing target function pointer types for the internal hash APIs
 template <typename HashType> using InitFn   = void (*)(HashType*);

projects/libmicrohttpd2/fuzz_daemon_connection.cpp

@@ -22,13 +22,12 @@
 #include "fuzzer/FuzzedDataProvider.h"
 #include "connection_helper.h"
 
-extern "C" {
-  #include "conn_tls_check.h"
-  #include "mempool_funcs.h"
-  #include "mhd_send.h"
-  #include "stream_process_request.h"
-  #include "stream_process_states.h"
-}
+#include "conn_tls_check.h"
+#include "mempool_funcs.h"
+#include "mhd_send.h"
+#include "stream_process_request.h"
+#include "stream_process_states.h"
+
 
 // Initialising the memory pool
 extern "C" int LLVMFuzzerInitialize() {
@@ -96,18 +95,10 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
         }
         break;
       }
-      case 3: {
+      default: case 3: {
         mhd_conn_tls_check(&connection);
         break;
       }
-      case 4: {
-        mhd_connection_set_nodelay_state(&connection, is_nodelay);
-        break;
-      }
-      default: case 5: {
-        mhd_connection_set_cork_state(&connection, is_cork);
-        break;
-      }
     }
   }
 

projects/libmicrohttpd2/fuzz_mhd2.cpp

@@ -187,7 +187,7 @@ void daemon_configuration(FuzzedDataProvider& fdp, MHD_Daemon* d) {
   auto opt2 = MHD_D_OPTION_BIND_PORT(af, port);
   (void) MHD_daemon_set_option(d, &opt2);
 
-  auto opt3 = MHD_D_OPTION_DEFAULT_TIMEOUT(fdp.ConsumeIntegralInRange<unsigned>(0, 10));
+  auto opt3 = MHD_D_OPTION_DEFAULT_TIMEOUT_MILSEC(fdp.ConsumeIntegralInRange<unsigned>(0, 10000));
   MHD_daemon_set_option(d, &opt3);
 
   auto opt4 = MHD_D_OPTION_CONN_MEMORY_LIMIT(fdp.ConsumeIntegralInRange<size_t>(0, 1<<16));
@@ -227,7 +227,7 @@ void fuzz_daemon_lifecycle(FuzzedDataProvider& fdp) {
       MHD_DAEMON_INFO_FIXED_BIND_PORT,
       MHD_DAEMON_INFO_FIXED_LISTEN_SOCKET,
       MHD_DAEMON_INFO_FIXED_TLS_BACKEND,
-      MHD_DAEMON_INFO_FIXED_DEFAULT_TIMEOUT,
+      MHD_DAEMON_INFO_FIXED_DEFAULT_TIMEOUT_MILSEC,
       MHD_DAEMON_INFO_FIXED_GLOBAL_CONNECTION_LIMIT,
       MHD_DAEMON_INFO_FIXED_PER_IP_LIMIT,
       MHD_DAEMON_INFO_FIXED_SUPPRESS_DATE_HEADER,

projects/libmicrohttpd2/fuzz_str.cpp

@@ -22,10 +22,10 @@
 #include <vector>
 
 #include <fuzzer/FuzzedDataProvider.h>
-extern "C" {
-  #include "mhd_str.h"
-  #include "microhttpd2.h"
-}
+
+#include "mhd_str.h"
+#include "microhttpd2.h"
+
 
 static void fuzz_tokens(FuzzedDataProvider& fdp) {
   // Prepare random string for string comparison
@@ -203,7 +203,6 @@ static void fuzz_transformation(FuzzedDataProvider& fdp) {
 
     // Fuzz conversion functions
     MHD_http_method_to_string(static_cast<MHD_HTTP_Method>(value));
-    MHD_predef_header_to_string(static_cast<MHD_PredefinedHeader>(value));
     MHD_protocol_version_to_string(static_cast<MHD_HTTP_ProtocolVersion>(value));
   }
 }

projects/libmicrohttpd2/mhd_helper.cpp

@@ -752,14 +752,16 @@ req_cb_stream(void*,
               const struct MHD_String* MHD_RESTRICT path,
               enum MHD_HTTP_Method method,
               uint_fast64_t upload_size) {
+  struct MHD_StringNullable out;
+
   // Fuzz MHD_request_get_value for different parameters on random request
-  MHD_request_get_value(request, MHD_VK_HEADER, "host");
-  MHD_request_get_value(request, MHD_VK_HEADER, "content-type");
-  MHD_request_get_value(request, MHD_VK_COOKIE, "cookie");
-  MHD_request_get_value(request, MHD_VK_GET_ARGUMENT, "q");
+  MHD_request_get_value(request, MHD_VK_HEADER, "host", &out);
+  MHD_request_get_value(request, MHD_VK_HEADER, "content-type", &out);
+  MHD_request_get_value(request, MHD_VK_COOKIE, "cookie", &out);
+  MHD_request_get_value(request, MHD_VK_URI_QUERY_PARAM, "q", &out);
   MHD_request_get_values_cb(request, MHD_VK_HEADER, kv_cb, nullptr);
   MHD_request_get_values_cb(request, MHD_VK_COOKIE, kv_cb, nullptr);
-  MHD_request_get_values_cb(request, MHD_VK_GET_ARGUMENT, kv_cb, nullptr);
+  MHD_request_get_values_cb(request, MHD_VK_URI_QUERY_PARAM, kv_cb, nullptr);
 
   // Fuzz MHD_request_get_post_data_cb on random request
   MHD_request_get_post_data_cb(request, post_cb, nullptr);

projects/libmicrohttpd2/project.yaml

@@ -1,8 +1,8 @@
 base_os_version: ubuntu-24-04
-homepage: "https://git.gnunet.org/libmicrohttpd2.git"
-main_repo: "https://git.gnunet.org/libmicrohttpd2.git"
-primary_contact: "christian@grothoff.org"
-language: c++
+homepage: "https://www.gnu.org/s/libmicrohttpd/"
+main_repo: "git://git.gnunet.org/libmicrohttpd2.git"
+primary_contact: "grothoff@gmail.com"
+language: c
 vendor_ccs:
   - "[email protected]"
   - "[email protected]"
@@ -11,3 +11,6 @@ fuzzing_engines:
   - libfuzzer
 sanitizers:
   - address
+architectures:
+  - x86_64
+builds_per_day: 1