| -rw-r--r-- | loftix/emulation.scm | 5 | ||||
| -rw-r--r-- | loftix/fuzzing.scm | 17 |
2 files changed, 22 insertions, 0 deletions
diff --git a/loftix/emulation.scm b/loftix/emulation.scm
index 0f7cbe2..a0d4a9c 100644
--- a/loftix/emulation.scm
+++ b/loftix/emulation.scm
@@ -78,6 +78,11 @@
 ,(string-append "--prefix=" out)
 ,(string-append "--sysconfdir=/etc")
 ,@configure-flags)))))
+ (add-after 'install 'install-qasan-header
+ (lambda* (#:key outputs #:allow-other-keys)
+ (install-file "qemuafl/qasan.h"
+ (string-append (assoc-ref outputs "out")
+ "/include"))))
 (delete 'delete-firmwares)))))))))
 
 (define-public qemu-for-fuzzolic
diff --git a/loftix/fuzzing.scm b/loftix/fuzzing.scm
index c715bbc..de1ac77 100644
--- a/loftix/fuzzing.scm
+++ b/loftix/fuzzing.scm
@@ -33,6 +33,23 @@
 (package
 (inherit aflplusplus)
 (name "afl++")
+ (arguments
+ (substitute-keyword-arguments (package-arguments aflplusplus)
+ ((#:phases phases)
+ #~(modify-phases #$phases
+ (add-after 'build 'build-qasan
+ (lambda* (#:key make-flags #:allow-other-keys)
+ (apply invoke
+ "make" "-C" "qemu_mode/libqasan"
+ make-flags)))
+ ;; afl-qemu-trace is a symbolic link to QEMU's binary.
+ ;; Substituting its source code with AFL++'s output path
+ ;; would result in a dependency cycle.
+ (add-after 'install-qemu 'wrap-qemu
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (wrap-program (string-append out "/bin/afl-qemu-trace")
+ `("AFL_PATH" = (,(string-append out "/lib/afl"))))))))))
 (inputs
 (modify-inputs (package-inputs aflplusplus)
 (replace "qemu" qemu-for-aflplusplus)))))
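Review bot: The new install-qasan-header phase drops qasan.h directly into the root of the output's include directory, and nothing in the hunk explains who consumes it, which makes the extra exported file easy to misread as stray packaging. A one-line comment above the phase would carry the intent, e.g. `;; Export QEMU's QASan header so dependents can compile against it.` — the libqasan build added in fuzzing.scm in this same commit is presumably the consumer, but that is an inference rather than something the hunk shows. If the header is only meant for that one dependent, installing it under a qemuafl subdirectory of include would avoid a collision with any other package that ships a file of the same name; whether that matters depends on the consumer's include paths. The modify-phases form this hunk edits begins and ends outside the hunk.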
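Review bot: The build-qasan phase compiles qemu_mode/libqasan, but no phase in the hunk installs what it produces, so unless the inherited install phase of aflplusplus already copies the libqasan output into lib/afl (not visible here), the wrapped afl-qemu-trace will be pointed by AFL_PATH at a directory that does not contain it. Please either confirm that the inherited install step picks it up, or add an explicit install step in this substitution and say so in a comment above build-qasan, e.g. `;; libqasan is not built by the default target; build it here so the QEMU-mode tools can load it.` Note also that `'=` in the wrap-program spec overwrites any AFL_PATH the user has set, which is stronger than a `'prefix` entry; if that override is intended, a short comment next to the wrap-qemu phase would keep the next reader from "fixing" it. The define-public that encloses this package form starts before the hunk.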
