blob: b8f9e4c6bb8540b3f134c58123c5c15206e699c4 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
# Loftix
Loftix is a Guix channel containing packages
used and made by UNIST Lab of Software.
## Installation
Add the [Guix channel] to `~/.config/guix/channels.scm`:
(cons* (channel
(name 'loftix)
(url "https://trong.loang.net/~cnx/loftix")
(branch "main")
(introduction
(make-channel-introduction
"1b5437ce217590545f7a7319a5c62b6300aee6c4"
(openpgp-fingerprint
"838A FE0D 55DC 074E 360F 943A 84B6 9CE6 F3F6 B767"))))
%default-channels)
Then run `guix pull`.
## Packages
### Fuzzing
- [AFLRun]: multi-target directed [AFL++] with path diversity
- [afl-dyninst]: Dyninst integration for AFL++
### Patching
- [e9patch]: static binary rewriting tool
### Synthesis
- [python-pacfix]: PAC-learning-based program systhesizer
### Bugs
#### CVE-2016-9557
[Signed integer overflow in jas_image.c][jasper-d42b238]
guix shell jasper@1.900.19 -- imginfo -f bugs/cve-2016-9557/reproducer
#### CVE-2017-14745
[Integer overflow in elf64-x86-64.c, binutils 2.29.1][sourceware-22148]
guix shell binutils@2.29 -- objdump -d bugs/cve-2017-14745/crash_1
#### CVE-2017-15025
[Divide-by-zero in decode_line_info (dwarf2.c)][sourceware-22186]
guix shell binutils@2.29 -- nm -l bugs/cve-2017-15025/3899.crashes.bin
[Guix channel]: https://guix.gnu.org/manual/devel/en/html_node/Channels.html
[AFLRun]: https://trong.loang.net/~cnx/afl++/log?h=run
[AFL++]: https://github.com/AFLplusplus/AFLplusplus
[afl-dyninst]: https://trong.loang.net/~cnx/afl-dyninst/about
[e9patch]: https://github.com/GJDuck/e9patch
[python-pacfix]: https://github.com/hsh814/pacfix-python
[sourceware-22148]: https://sourceware.org/bugzilla/show_bug.cgi?id=22148
[sourceware-22186]: https://sourceware.org/bugzilla/show_bug.cgi?id=22186
[jasper-d42b238]: https://blogs.gentoo.org/ago/2016/11/19/jasper-signed-integer-overflow-in-jas_image-c
|
