Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 38d043b11647
Choose a base ref
...
head repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: e1530049608a
Choose a head ref
  • 3 commits
  • 5 files changed
  • 2 contributors

Commits on May 4, 2020

  1. maintainers: add myself to list

    @Mindavi
    Mindavi committed May 4, 2020

    Verified

    This commit was signed with the committer’s verified signature. The key has expired.
    mweinelt Martin Weinelt
    GPG key ID: BD4AA0528F63F17E
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    9a15100 View commit details

  2. aflplusplus: 2.59c -> 2.64c 

    Updated together with maintainers.ris / @risicle.
    @Mindavi
    Mindavi committed May 4, 2020

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    416c891 View commit details

Commits on May 6, 2020

  1. Merge pull request #85950 from Mindavi/aflplusplus/2.64c 

    aflplusplus: 2.59c -> 2.64c
    @risicle
    risicle authored May 6, 2020
    Copy the full SHA
    e153004 View commit details
6 changes: 6 additions & 0 deletions maintainers/maintainer-list.nix
View file
Original file line number Diff line number Diff line change
@@ -5064,6 +5064,12 @@
githubId = 3269878;
name = "Miguel Madrid Mencía";
};
mindavi = {
email = "rol3517@gmail.com";
github = "Mindavi";
githubId = 9799623;
name = "Rick van Schijndel";
};
minijackson = {
email = "minijackson@riseup.net";
github = "minijackson";
82 changes: 45 additions & 37 deletions pkgs/tools/security/aflplusplus/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{ stdenv, fetchFromGitHub, callPackage, makeWrapper
, clang, llvm, gcc, which, libcgroup, python, perl, gmp
, wine ? null
{ stdenv, stdenvNoCC, fetchFromGitHub, callPackage, makeWrapper
, clang_9, llvm_9, gcc, which, libcgroup, python, perl, gmp
, file, cmocka, wine ? null, fetchpatch
}:

# wine fuzzing is only known to work for win32 binaries, and using a mixture of
@@ -15,24 +15,52 @@ let
else throw "aflplusplus: no support for ${stdenv.targetPlatform.system}!";
libdislocator = callPackage ./libdislocator.nix { inherit aflplusplus; };
libtokencap = callPackage ./libtokencap.nix { inherit aflplusplus; };
aflplusplus = stdenv.mkDerivation rec {
aflplusplus = stdenvNoCC.mkDerivation rec {
pname = "aflplusplus";
version = "2.59c";
version = "2.64c";

src = fetchFromGitHub {
owner = "vanhauser-thc";
owner = "AFLplusplus";
repo = "AFLplusplus";
rev = version;
sha256 = "1ik33ifk4n96762iv1h4kl4jf9yvsq2hgs097wkiy589siw44g5r";
sha256 = "0n618pk6nlmkcbv1qm05fny4mnhcprrw0ppmra1phvk1y22iildj";
};
enableParallelBuilding = true;

# build of unsigaction32 broken in 2.64c:
# https://github.com/AFLplusplus/AFLplusplus/commit/079fdbf9bc5be1adba19e4bd08be965bd4dd79dc#commitcomment-38428357
# The applied patch fixes it.
patches = [
(fetchpatch {
url = "https://github.com/AFLplusplus/AFLplusplus/commit/5b9928f1a9d4b017ea04365ca8b522fde71236eb.patch";
sha256 = "1m4w9w4jaxb2mjkwvr6r4qa2j5cdzzpchjphpwd95861h0zvb6hh";
})
];

# Note: libcgroup isn't needed for building, just for the afl-cgroup
# script.
nativeBuildInputs = [ makeWrapper which ];
buildInputs = [ llvm python gmp ]
nativeBuildInputs = [ makeWrapper which clang_9 gcc ];
buildInputs = [ llvm_9 python gmp ]
++ stdenv.lib.optional (wine != null) python.pkgs.wrapPython;


postPatch = ''
# Replace the CLANG_BIN variables with the correct path
substituteInPlace llvm_mode/afl-clang-fast.c \
--replace "CLANGPP_BIN" '"${clang_9}/bin/clang++"' \
--replace "CLANG_BIN" '"${clang_9}/bin/clang"' \
--replace 'getenv("AFL_PATH")' "(getenv(\"AFL_PATH\") ? getenv(\"AFL_PATH\") : \"$out/lib/afl\")"
# Replace "gcc" and friends with full paths in afl-gcc
# Prevents afl-gcc picking up any (possibly incorrect) gcc from the path
substituteInPlace src/afl-gcc.c \
--replace '"gcc"' '"${gcc}/bin/gcc"' \
--replace '"g++"' '"${gcc}/bin/g++"' \
--replace '"gcj"' '"gcj-UNSUPPORTED"' \
--replace '"clang"' '"clang-UNSUPPORTED"' \
--replace '"clang++"' '"clang++-UNSUPPORTED"'
'';

makeFlags = [ "PREFIX=$(out)" ];
buildPhase = ''
common="$makeFlags -j$NIX_BUILD_CORES"
@@ -45,6 +73,9 @@ let
'';

postInstall = ''
# remove afl-clang(++) which are just symlinks to afl-clang-fast
rm $out/bin/afl-clang $out/bin/afl-clang++
# the makefile neglects to install unsigaction
cp qemu_mode/unsigaction/unsigaction*.so $out/lib/afl/
@@ -61,36 +92,15 @@ let
cp ${libtokencap}/bin/get-libtokencap-so $out/bin/
# Install the cgroups wrapper for asan-based fuzzing.
cp experimental/asan_cgroups/limit_memory.sh $out/bin/afl-cgroup
cp examples/asan_cgroups/limit_memory.sh $out/bin/afl-cgroup
chmod +x $out/bin/afl-cgroup
substituteInPlace $out/bin/afl-cgroup \
--replace "cgcreate" "${libcgroup}/bin/cgcreate" \
--replace "cgexec" "${libcgroup}/bin/cgexec" \
--replace "cgdelete" "${libcgroup}/bin/cgdelete"
# Patch shebangs before wrapping
patchShebangs $out/bin
# Wrap afl-clang-fast(++) with a *different* AFL_PATH, because it
# has totally different semantics in that case(?) - and also set a
# proper AFL_CC and AFL_CXX so we don't pick up the wrong one out
# of $PATH.
# first though we need to replace the afl-clang-fast++ symlink with
# a real copy to prevent wrapProgram skipping the symlink and confusing
# nix's cc wrapper
rm $out/bin/afl-clang-fast++
cp $out/bin/afl-clang-fast $out/bin/afl-clang-fast++
for x in $out/bin/afl-clang-fast $out/bin/afl-clang-fast++; do
wrapProgram $x \
--set-default AFL_PATH "$out/lib/afl" \
--run 'export AFL_CC=''${AFL_CC:-${clang}/bin/clang} AFL_CXX=''${AFL_CXX:-${clang}/bin/clang++}'
done
# do similar for afl-gcc and afl-gcc-fast
for x in $out/bin/afl-gcc $out/bin/afl-gcc-fast; do
wrapProgram $x \
--set-default AFL_PATH "$out/lib/afl" \
--run 'export AFL_CC=''${AFL_CC:-${gcc}/bin/gcc} AFL_CXX=''${AFL_CXX:-${gcc}/bin/g++}'
done
'' + stdenv.lib.optionalString (wine != null) ''
substitute afl-wine-trace $out/bin/afl-wine-trace \
--replace "qemu_mode/unsigaction" "$out/lib/afl"
@@ -105,17 +115,15 @@ let
wrapPythonProgramsIn $out/bin ${python.pkgs.pefile}
'';

installCheckInputs = [ perl ];
installCheckInputs = [ perl file cmocka ];
doInstallCheck = true;
installCheckPhase = ''
# replace references to tools in build directory with references to installed locations
substituteInPlace test/test.sh \
--replace '`which gcc`' "" \
--replace '../libcompcov.so' '`$out/bin/get-afl-qemu-libcompcov-so`' \
--replace '../libdislocator.so' '`$out/bin/get-libdislocator-so`' \
--replace '../libtokencap.so' '`$out/bin/get-libtokencap-so`'
perl -pi -e 's|(?<=\s)gcc(?=\s)|${gcc}/bin/gcc|g' test/test.sh
perl -pi -e 's|(\.\./)(\S+?)(?<!\.c)(?<!\.s?o)(?=\s)|\$out/bin/\2|g' test/test.sh
perl -pi -e 's|(?<!\.)(\.\./)([^\s\/]+?)(?<!\.c)(?<!\.s?o)(?=\s)|\$out/bin/\2|g' test/test.sh
cd test && ./test.sh
'';

@@ -129,10 +137,10 @@ let
AFL++ is a heavily enhanced version of AFL, incorporating many features and
improvements from the community.
'';
homepage = "https://github.com/vanhauser-thc/AFLplusplus";
homepage = "https://aflplus.plus";
license = stdenv.lib.licenses.asl20;
platforms = ["x86_64-linux" "i686-linux"];
maintainers = with stdenv.lib.maintainers; [ ris ];
maintainers = with stdenv.lib.maintainers; [ ris mindavi ];
};
};
in aflplusplus
2 changes: 2 additions & 0 deletions pkgs/tools/security/aflplusplus/libdislocator.nix
View file
Original file line number Diff line number Diff line change
@@ -12,6 +12,8 @@ stdenv.mkDerivation {

preInstall = ''
mkdir -p $out/lib/afl
# issue is fixed upstream: https://github.com/AFLplusplus/AFLplusplus/commit/2a60ceb6944a7ca273057ddf64dcf837bf7f9521
sed -i 's/README\.dislocator\.md/README\.md/g' Makefile
'';
postInstall = ''
mkdir $out/bin
1 change: 1 addition & 0 deletions pkgs/tools/security/aflplusplus/libtokencap.nix
View file
Original file line number Diff line number Diff line change
@@ -12,6 +12,7 @@ stdenv.mkDerivation {

preInstall = ''
mkdir -p $out/lib/afl
mkdir -p $out/share/doc/afl
'';
postInstall = ''
mkdir $out/bin
6 changes: 6 additions & 0 deletions pkgs/tools/security/aflplusplus/qemu.nix
View file
Original file line number Diff line number Diff line change
@@ -28,11 +28,17 @@ stdenv.mkDerivation {
for f in ${aflplusplus.src.name}/qemu_mode/patches/* ; do
sed -E -i 's|(\.\./)+patches/([a-z-]+\.h)|\2|g' $f
sed -E -i 's|\.\./\.\./config\.h|afl-config.h|g' $f
sed -E -i 's|\.\./\.\./include/cmplog\.h|afl-cmplog.h|g' $f
done
cp ${aflplusplus.src.name}/qemu_mode/patches/*.h $sourceRoot/
cp ${aflplusplus.src.name}/types.h $sourceRoot/afl-types.h
substitute ${aflplusplus.src.name}/config.h $sourceRoot/afl-config.h \
--replace "types.h" "afl-types.h"
substitute ${aflplusplus.src.name}/include/cmplog.h $sourceRoot/afl-cmplog.h \
--replace "config.h" "afl-config.h" \
--replace "forkserver.h" "afl-forkserver.h"
substitute ${aflplusplus.src.name}/include/forkserver.h $sourceRoot/afl-forkserver.h \
--replace "types.h" "afl-types.h"
cat ${aflplusplus.src.name}/qemu_mode/patches/*.diff > all.patch
'';