From f026fc23392029f92dc2cc8e15cb75e2e5967388 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Iy=C3=A1n=20M=C3=A9ndez=20Veiga?= <me@iyanmv.com>
Date: Thu, 12 Dec 2024 16:17:51 +0100
Subject: [PATCH 1/2] Remove hardcoded build paths
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This fixes #2018 using `helpers.get_current_build_dir_name()`

Signed-off-by: Iyán Méndez Veiga <me@iyanmv.com>
---
 tests/test_acvp_vectors.py | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/tests/test_acvp_vectors.py b/tests/test_acvp_vectors.py
index ee45f8c12..28cd4614c 100644
--- a/tests/test_acvp_vectors.py
+++ b/tests/test_acvp_vectors.py
@@ -120,9 +120,10 @@ def test_acvp_vec_sig_keygen(sig_name):
                     seed = testCase["seed"]
                     pk = testCase["pk"]
                     sk = testCase["sk"]
-                    
+
+                    build_dir = helpers.get_current_build_dir_name()
                     helpers.run_subprocess(
-                        ['build/tests/vectors_sig', sig_name, "keyGen", seed, pk, sk]
+                        [f'{build_dir}/tests/vectors_sig', sig_name, "keyGen", seed, pk, sk]
                     )
 
         assert(variantFound == True)
@@ -146,8 +147,10 @@ def test_acvp_vec_sig_gen_deterministic(sig_name):
                     sk = testCase["sk"]
                     message = testCase["message"]
                     signature = testCase["signature"]
+
+                    build_dir = helpers.get_current_build_dir_name()
                     helpers.run_subprocess(
-                        ['build/tests/vectors_sig', sig_name, "sigGen_det", sk, message, signature]
+                        [f'{build_dir}/tests/vectors_sig', sig_name, "sigGen_det", sk, message, signature]
                     )
 
         assert(variantFound == True)
@@ -173,8 +176,9 @@ def test_acvp_vec_sig_gen_randomized(sig_name):
                     signature = testCase["signature"]
                     rnd = testCase["rnd"]
                     
+                    build_dir = helpers.get_current_build_dir_name()
                     helpers.run_subprocess(
-                        ['build/tests/vectors_sig', sig_name, "sigGen_rnd", sk, message, signature, rnd]
+                        [f'{build_dir}/tests/vectors_sig', sig_name, "sigGen_rnd", sk, message, signature, rnd]
                     )
 
         assert(variantFound == True)
@@ -200,8 +204,9 @@ def test_acvp_vec_sig_ver(sig_name):
                     signature = testCase["signature"]
                     testPassed = "1" if testCase["testPassed"] else "0"
                     
+                    build_dir = helpers.get_current_build_dir_name()
                     helpers.run_subprocess(
-                        ['build/tests/vectors_sig', sig_name, "sigVer", pk, message, signature, testPassed]
+                        [f'{build_dir}/tests/vectors_sig', sig_name, "sigVer", pk, message, signature, testPassed]
                     )
 
         assert(variantFound == True)

From 345c0fe2602389ac2db2dcf8ebd8d6a16909be28 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Iy=C3=A1n=20M=C3=A9ndez=20Veiga?= <me@iyanmv.com>
Date: Fri, 13 Dec 2024 19:34:22 +0100
Subject: [PATCH 2/2] Use a random build path in the basic build test
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Iyán Méndez Veiga <me@iyanmv.com>
---
 .github/workflows/basic.yml | 51 +++++++++++++++++++++----------------
 1 file changed, 29 insertions(+), 22 deletions(-)

diff --git a/.github/workflows/basic.yml b/.github/workflows/basic.yml
index ca9485e02..57b637493 100644
--- a/.github/workflows/basic.yml
+++ b/.github/workflows/basic.yml
@@ -67,25 +67,27 @@ jobs:
       KEM_NAME: ml_kem_768
       SIG_NAME: ml_dsa_65
     steps:
+      - name: Create random build folder
+        run: tmp_build=$(mktemp -d) && echo "RANDOM_BUILD_DIR=$tmp_build" >> $GITHUB_ENV
       - name: Checkout code
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
       - name: Configure
         run: |
-          mkdir build && \
-          cd build && \
-          cmake -GNinja -DOQS_STRICT_WARNINGS=ON \
+          cmake \
+            -B ${{ env.RANDOM_BUILD_DIR }} \
             -GNinja \
+            -DOQS_STRICT_WARNINGS=ON \
             -DOQS_MINIMAL_BUILD="KEM_$KEM_NAME;SIG_$SIG_NAME" \
-            --warn-uninitialized .. > config.log 2>&1 && \
+            --warn-uninitialized . > config.log 2>&1 && \
           cat config.log && \
-          cmake -LA -N .. && \
+          cmake -LA -N . && \
           ! (grep -i "uninitialized variable" config.log)
       - name: Build code
         run: ninja
-        working-directory: build
+        working-directory: ${{ env.RANDOM_BUILD_DIR }}
       - name: Build documentation
         run: ninja gen_docs
-        working-directory: build
+        working-directory: ${{ env.RANDOM_BUILD_DIR }}
 
   cppcheck:
     name: Check C++ linking with example program
@@ -94,28 +96,30 @@ jobs:
     env:
       SIG_NAME: dilithium_2
     steps:
+      - name: Create random build folder
+        run: tmp_build=$(mktemp -d) && echo "RANDOM_BUILD_DIR=$tmp_build" >> $GITHUB_ENV
       - name: Checkout code
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
       - name: Configure
         run: |
-          mkdir build && \
-          cd build && \
-          cmake -GNinja -DOQS_STRICT_WARNINGS=ON \
+          cmake \
+            -B ${{ env.RANDOM_BUILD_DIR }} \
             -GNinja \
+            -DOQS_STRICT_WARNINGS=ON \
             -DOQS_MINIMAL_BUILD="SIG_$SIG_NAME" \
-            --warn-uninitialized .. > config.log 2>&1 && \
+            --warn-uninitialized . > config.log 2>&1 && \
           cat config.log && \
-          cmake -LA -N .. && \
+          cmake -LA -N . && \
           ! (grep -i "uninitialized variable" config.log)
       - name: Build liboqs
         run: ninja
-        working-directory: build
+        working-directory: ${{ env.RANDOM_BUILD_DIR }}
       - name: Link with C++ program
         run: |
-          g++ ../cpp/sig_linking_test.cpp -g \
+          g++ "$GITHUB_WORKSPACE"/cpp/sig_linking_test.cpp -g \
           -I./include -L./lib -loqs -lcrypto -std=c++11 -o example_sig && \
           ./example_sig
-        working-directory: build
+        working-directory: ${{ env.RANDOM_BUILD_DIR }}
 
   fuzzbuildcheck:
     name: Check that code passes a basic fuzzing build
@@ -129,23 +133,26 @@ jobs:
       CFLAGS: -fsanitize=fuzzer-no-link,address
       LDFLAGS: -fsanitize=address
     steps:
+      - name: Create random build folder
+        run: tmp_build=$(mktemp -d) && echo "RANDOM_BUILD_DIR=$tmp_build" >> $GITHUB_ENV
       - name: Checkout code
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
       - name: Configure
         run: |
-          mkdir build && \
-          cd build && \
-          cmake -GNinja -DOQS_STRICT_WARNINGS=ON \
+          cmake \
+            -B ${{ env.RANDOM_BUILD_DIR }} \
+            -GNinja \
+            -DOQS_STRICT_WARNINGS=ON \
             -DOQS_BUILD_FUZZ_TESTS=ON \
             -DOQS_MINIMAL_BUILD="SIG_$SIG_NAME" \
-            --warn-uninitialized .. > config.log 2>&1 && \
+            --warn-uninitialized . > config.log 2>&1 && \
           cat config.log && \
-          cmake -LA -N .. && \
+          cmake -LA -N . && \
           ! (grep -i "uninitialized variable" config.log)
       - name: Build code
         run: ninja fuzz_test_sig
-        working-directory: build
+        working-directory: ${{ env.RANDOM_BUILD_DIR }}
 
       - name: Short fuzz check (30s)
         run: ./tests/fuzz_test_sig -max_total_time=30
-        working-directory: build
+        working-directory: ${{ env.RANDOM_BUILD_DIR }}