mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-12-05 21:33:07 +00:00
d8cd4e60d1
honggfuzz embeds its .a libraries *inside* of the hfuzz-cc executable, extracts them when you invoke it, and links the .o file against them. But that doesn't help if you wanted to bind it to other languages such as Rust, for example. If you're using honggfuzz-rs, it embeds this automatically too, but if you're doing it yourself, you need these libraries to get anywhere. Signed-off-by: Austin Seipp <aseipp@pobox.com>
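# Package expression for honggfuzz, built from the upstream GitHub release tag.
#
# NOTE(review): `callPackage` is accepted as an argument but not referenced
# anywhere in this expression; confirm whether a caller still relies on it.
{ lib
, stdenv
, fetchFromGitHub
, callPackage
, makeWrapper
, clang
, llvm
# TODO: switch to latest versions when 2.6 release is out to include
# https://github.com/google/honggfuzz/commit/90fdf81006614664ef05e5e3c6f94d91610f11b2
, libbfd_2_38, libopcodes_2_38
, libunwind
, libblocksruntime }:

stdenv.mkDerivation rec {
  pname = "honggfuzz";
  version = "2.5";

  # `rev` is a release tag, which is a movable reference on the upstream side.
  # The fixed-output hash below is what pins the source: fetched content that
  # does not match it is rejected. When bumping `version`, replace the hash
  # with one obtained from a fresh fetch rather than reusing the old one.
  src = fetchFromGitHub {
    owner = "google";
    # Spelled out instead of `pname` so the fetch does not change if the
    # package is ever renamed.
    repo = "honggfuzz";
    rev = version;
    # SRI-format value, so it belongs in `hash` rather than `sha256`.
    hash = "sha256-TkyUKmiiSAfCnfQhSOUxuce6+dRyMmHy7vFK59jPIxM=";
  };

  # Rewrite the compiler name in hfuzz-cc.c to the absolute store path of the
  # clang this package was built against.
  # NOTE(review): presumably the bare name would otherwise be looked up through
  # PATH when hfuzz-cc runs -- confirm against hfuzz-cc.c.
  # NOTE(review): plain `--replace` is not guaranteed to fail the build when
  # the pattern is missing, so a changed upstream source could leave the bare
  # name in place unnoticed. Re-check this substitution on every version bump,
  # or use `--replace-fail` where the stdenv in use provides it.
  postPatch = ''
    substituteInPlace hfuzz_cc/hfuzz-cc.c \
      --replace '"clang' '"${clang}/bin/clang'
  '';

  enableParallelBuilding = true;

  # NOTE(review): makeWrapper is listed here but nothing in this expression
  # invokes it; confirm whether it is still needed.
  nativeBuildInputs = [ makeWrapper ];
  buildInputs = [ llvm ];
  # Propagated so that packages depending on honggfuzz receive these libraries
  # as well. The bfd/opcodes pins are the ones the TODO above refers to.
  propagatedBuildInputs = [ libbfd_2_38 libopcodes_2_38 libunwind libblocksruntime ];

  makeFlags = [ "PREFIX=$(out)" ];

  # Install the runtime libraries next to the tools. Consumers that do their
  # own linking instead of going through hfuzz-cc (for example bindings for
  # other languages) need them available as files under $out/lib.
  postInstall = ''
    mkdir -p $out/lib
    cp libhfuzz/libhfuzz.a $out/lib
    cp libhfuzz/libhfuzz.so $out/lib
    cp libhfcommon/libhfcommon.a $out/lib
    cp libhfnetdriver/libhfnetdriver.a $out/lib
  '';

  meta = {
    description =
      "A security oriented, feedback-driven, evolutionary, easy-to-use fuzzer";
    longDescription = ''
      Honggfuzz is a security oriented, feedback-driven, evolutionary,
      easy-to-use fuzzer with interesting analysis options. It is
      multi-process and multi-threaded, blazingly fast when the persistent
      fuzzing mode is used and has a solid track record of uncovered security
      bugs.

      Honggfuzz uses low-level interfaces to monitor processes and it will
      discover and report hijacked/ignored signals from crashes. Feed it
      a simple corpus directory (can even be empty for the feedback-driven
      fuzzing), and it will work its way up, expanding it by utilizing
      feedback-based coverage metrics.
    '';
    homepage = "https://honggfuzz.dev/";
    license = lib.licenses.asl20;
    platforms = [ "x86_64-linux" ];
    maintainers = with lib.maintainers; [ cpu chivay ];
  };
}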