[CIFuzz] MSan not using its own zlib library

[catenacyber]

cc @jonathanmetzman
Reopening #4614

We get a false positive from CIFuzz with MSAN because of not using the MSAN-compiled zlib
See https://github.com/OISF/suricata/pull/6170/checks?check_run_id=2745368209

==12==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x180e10d in htp_gzip_decompressor_probe /src/suricata/libhtp/htp/htp_decompressors.c:61:25

[jonathanmetzman]

Hi @catenacyber
We're actually a little unsure about the future of MSAN in OSS-Fuzz right now since MSAN isn't really supported on newer versions of ubuntu and we want to upgrade our docker images at some point.

Since I have limited cycles right now, I don't think I'm going to spend much time on MSAN for CIFuzz right now.

[maflcko]

Is there further reading available about "MSAN isn't really supported on newer versions of ubuntu"?

[jonathanmetzman]

Is there further reading available about "MSAN isn't really supported on newer versions of ubuntu"?

I need to write something on this. You're not the first to ask.
If everything goes as planned, I should send something out this week explaining why, since we are going to upgrade the ubuntu version soon (and also have to drop msan support for a lot of projects :-(

[jonathanmetzman]

Closing this bug since I think it only makes sense in a world where OSS-Fuzz is providing prebuilt msan libraries, which it won't be doing anymore with #6180.
More details on this later.