| -rw-r--r-- | REUSE.toml | 3 | ||||
| -rw-r--r-- | loftix/fuzzing.scm | 88 | ||||
| -rw-r--r-- | patches/evocatio-argv-fuzz-amd64-only.patch | 30 |
3 files changed, 83 insertions, 38 deletions
diff --git a/REUSE.toml b/REUSE.toml
index 413ff62..e689574 100644
--- a/REUSE.toml
+++ b/REUSE.toml
@@ -143,7 +143,8 @@ SPDX-License-Identifier = 'CC0-1.0'
 
 [[annotations]]
 path = [
 'patches/afl++-*.patch',
- 'patches/e9patch-*.patch' ]
+ 'patches/e9patch-*.patch',
+ 'patches/evocatio-*.patch' ]
 SPDX-FileCopyrightText = 'Nguyễn Gia Phong'
 SPDX-License-Identifier = 'GPL-3.0-or-later'
diff --git a/loftix/fuzzing.scm b/loftix/fuzzing.scm
index 9cdb4fc..6e904ae 100644
--- a/loftix/fuzzing.scm
+++ b/loftix/fuzzing.scm
@@ -62,44 +62,58 @@
 (file-name (git-file-name name version))
 (sha256
 (base32
- "16kc2xa4dk9lq1sg7sl5489n7r3p8kc6hmfgy0gh7i1n6h269bry"))))
+ "16kc2xa4dk9lq1sg7sl5489n7r3p8kc6hmfgy0gh7i1n6h269bry"))
+ (patches
+ (search-patches "patches/evocatio-argv-fuzz-amd64-only.patch"))))
+ ;;(patches
+ ;; (search-patches "patches/evocatio-keep-all-crashes.patch"))))
 (arguments
- `(#:make-flags
- (list "-C" "bug-severity-AFLplusplus" "source-only"
- (string-append "PREFIX=" (assoc-ref %outputs "out"))
- (string-append "DOC_PATH=$(PREFIX)/share/doc/evocatio")
- (string-append "CC=" ,(cc-for-target))
- "CFLAGS=-O2 -g -fcommon"
- "NO_SPLICING=1")
- #:modules ((ice-9 string-fun)
- ,@%default-gnu-modules)
- #:phases
- (modify-phases %standard-phases
- ;; For GCC plugins.
- (add-after 'unpack 'patch-gcc-path
- (lambda* (#:key inputs #:allow-other-keys)
- (substitute* "bug-severity-AFLplusplus/src/afl-cc.c"
- (("alt_cc = \"gcc\";")
- (format #f "alt_cc = \"~a\";"
- (search-input-file inputs "bin/gcc"))))
- (("alt_cxx = \"g\\+\\+\";")
- (format #f "alt_cxx = \"~a\";"
- (search-input-file inputs "bin/g++"))))))
- (delete 'configure)
- (add-after 'install 'install-scripts
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((bin (string-append (assoc-ref outputs "out") "/bin")))
- (for-each
- (lambda (script)
- (let ((file (string-append
- bin "/evocatio-"
- (string-replace-substring script "_" "-"))))
- (copy-file (string-append "scripts/" script ".py")
- file)
- (chmod file #o755))))
- '("calculate_severity_score" "gen_raw_data_for_cve")))))
- ;; Tests are run during 'install phase
- (delete 'check))))
+ (substitute-keyword-arguments (package-arguments aflplusplus)
+ ((#:make-flags make-flags)
+ #~(cons* "-C" "bug-severity-AFLplusplus"
+ "CFLAGS=-O2 -g -fcommon"
+ "NO_SPLICING=1"
+ #$make-flags))
+ ((#:build-target _) "source-only")
+ ((#:modules modules %default-gnu-modules)
+ `((ice-9 string-fun) ,@modules))
+ ((#:phases phases)
+ #~(modify-phases #$phases
+ (replace 'patch-gcc-path
(lambda* (#:key inputs #:allow-other-keys)
+ ;; AFL++ is prefixed with bug-severity-AFLplusplus
+ (substitute* "bug-severity-AFLplusplus/src/afl-cc.c"
+ (("alt_cc = \"gcc\";")
+ (format #f "alt_cc = \"~a\";"
+ (search-input-file inputs "bin/gcc"))))
+ (("alt_cxx = \"g\\+\\+\";")
+ (format #f "alt_cxx = \"~a\";"
+ (search-input-file inputs "bin/g++"))))))
+ (add-after 'build 'build-argv-fuzzing
+ (lambda* (#:key make-flags #:allow-other-keys)
+ (apply invoke
+ "make" "-C" "bug-severity-AFLplusplus/utils/argv_fuzzing"
+ (cdddr make-flags))))
+ (add-after 'install 'install-argv-fuzzing
+ (lambda* (#:key make-flags #:allow-other-keys)
+ (apply invoke
+ "make" "-C" "bug-severity-AFLplusplus/utils/argv_fuzzing"
+ "install" (cdddr make-flags))))
+ (add-after 'install 'install-scripts
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((bin (string-append (assoc-ref outputs "out")
+ "/bin")))
+ (for-each
+ (lambda (script)
+ (let ((file (string-append
+ bin "/evocatio-"
+ (string-replace-substring script
+ "_" "-"))))
+ (copy-file (string-append "scripts/" script ".py")
+ file)
+ (chmod file #o755))))
+ '("calculate_severity_score"
+ "gen_raw_data_for_cve")))))))))
 (home-page "https://github.com/HexHive/Evocatio")
 (description
 "Evocatio is a bug analyzer built on top of AFL++ and AddressSanitizer.
diff --git a/patches/evocatio-argv-fuzz-amd64-only.patch b/patches/evocatio-argv-fuzz-amd64-only.patch
new file mode 100644
index 0000000..7956f84
--- /dev/null
+++ b/patches/evocatio-argv-fuzz-amd64-only.patch
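Review bot: `(cdddr make-flags)` in build-argv-fuzzing and install-argv-fuzzing picks the sub-make's arguments by position, so it is only correct while the `cons*` in the #:make-flags clause keeps exactly "-C", the directory and "CFLAGS=-O2 -g -fcommon" as its first three entries; adding or reordering one flag would silently either pass a command-line CFLAGS= into utils/argv_fuzzing, where it overrides the patched Makefile's `CFLAGS +=` and loses -fPIC, or drop NO_SPLICING=1. Select by name instead, e.g. `(filter (lambda (flag) (and (string-index flag #\=) (not (string-prefix? "CFLAGS=" flag)))) make-flags)`, assuming the inherited aflplusplus flags are all VAR=VALUE assignments, and add a comment saying why CFLAGS= must not reach that sub-make. The commented-out `;;(patches … evocatio-keep-all-crashes.patch)` lines after the origin are dead code with unbalanced parentheses; drop them or replace them with a one-line comment stating why that patch is not applied.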
@@ -0,0 +1,30 @@
+diff --git a/bug-severity-AFLplusplus/utils/argv_fuzzing/Makefile b/bug-severity-AFLplusplus/utils/argv_fuzzing/Makefile
+index 5a0ac6e609c0..20dcb5b9f57b 100644
+--- a/bug-severity-AFLplusplus/utils/argv_fuzzing/Makefile
++++ b/bug-severity-AFLplusplus/utils/argv_fuzzing/Makefile
+@@ -16,9 +16,10 @@
+ PREFIX ?= /usr/local
+ BIN_PATH = $(PREFIX)/bin
+ HELPER_PATH = $(PREFIX)/lib/afl
++INCLUDE_PATH = $(PREFIX)/include/afl
+ 
+-CFLAGS = -fPIC -Wall -Wextra
+-LDFLAGS = -shared
++CFLAGS += -fPIC -Wall -Wextra -D__x86_64__ -D__LP64__
++LDFLAGS += -shared
+ 
+ UNAME_SAYS_LINUX=$(shell uname | grep -E '^Linux|^GNU' >/dev/null; echo $$?)
+ UNAME_SAYS_LINUX:sh=uname | grep -E '^Linux|^GNU' >/dev/null; echo $$?
+@@ -47,9 +48,10 @@ argvfuzz32.so: argvfuzz.c
+ -@$(CC) $(M32FLAG) $(CFLAGS) $^ $(LDFLAGS) -o $@ 2>/dev/null || echo "argvfuzz32 build failure (that's fine)"
+ 
+ argvfuzz64.so: argvfuzz.c
+- -@$(CC) $(M64FLAG) $(CFLAGS) $^ $(LDFLAGS) -o $@ 2>/dev/null || echo "argvfuzz64 build failure (that's fine)"
++ $(CC) $(M64FLAG) $(CFLAGS) $^ $(LDFLAGS) -o $@
+ 
+-install: argvfuzz32.so argvfuzz64.so
++install: argv-fuzz-inl.h argvfuzz32.so argvfuzz64.so
++ install -Dm 755 argv-fuzz-inl.h $(DESTDIR)$(INCLUDE_PATH)/argv-fuzz-inl.h
+ install -d -m 755 $(DESTDIR)$(HELPER_PATH)/
+ if [ -f argvfuzz32.so ]; then set -e; install -m 755 argvfuzz32.so $(DESTDIR)$(HELPER_PATH)/; fi
+ if [ -f argvfuzz64.so ]; then set -e; install -m 755 argvfuzz64.so $(DESTDIR)$(HELPER_PATH)/; fi |
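Review bot: `CFLAGS += -fPIC -Wall -Wextra -D__x86_64__ -D__LP64__` also feeds the amd64 macros into the argvfuzz32.so rule, whose `$(M32FLAG)` compile then runs with `__x86_64__` and `__LP64__` defined for a 32-bit target, so any object that does build carries the wrong pointer-size assumptions; if the header really needs them beyond what the compiler predefines, scope them to the one target, `argvfuzz64.so: CFLAGS += -D__x86_64__ -D__LP64__`, and say so in a comment. The switch from `=` to `+=` only appends when CFLAGS arrives from the environment or the file: a `make CFLAGS=…` on the command line discards the whole file assignment, `-fPIC` included, so `override CFLAGS += …` (and likewise for LDFLAGS) is the spelling that survives a caller's flags. `install -Dm 755 argv-fuzz-inl.h …` installs a header as executable; `-Dm 644` is the expected mode. Recipe tabs are not visible in this rendering, so I cannot confirm they survived in the patch file.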
