Diffstat (limited to 'development/aflplusplus')
-rw-r--r--development/aflplusplus/README12
-rw-r--r--development/aflplusplus/aflplusplus.SlackBuild80
-rw-r--r--development/aflplusplus/aflplusplus.info8
-rw-r--r--development/aflplusplus/build_qemu_support.diff28
-rw-r--r--development/aflplusplus/mkqemutarball.sh27
5 files changed, 95 insertions, 60 deletions
diff --git a/development/aflplusplus/README b/development/aflplusplus/README
index 03eb536092..ec2a23db01 100644
--- a/development/aflplusplus/README
+++ b/development/aflplusplus/README
@@ -11,12 +11,16 @@ the functional coverage for the fuzzed code. The compact synthesized
corpora produced by the tool are also useful for seeding other, more
labor- or resource-intensive testing regimes down the road.
-This build of aflplusplus does not include frida and unicorn modes, so
-the -O and -U options won't work.
+This build of aflplusplus does not include the frida, unicorn,
+coresight, or nyx modes, so the afl-fuzz -O, -U, -X, -Y options won't
+work.
Build option: If you need to fuzz binary-only software, aflplusplus can
be built with QEMU support. To do this, download the qemu source from:
-https://slackware.uk/~urchlay/src/qemuafl-d73b0336b4.tar.xz
+https://slackware.uk/~urchlay/src/qemuafl-ff9de4fbeb.tar.xz
-...and place it in the SlackBuild's directory before running the script.
+Its md5sum is 58547e2ea53b639c17a585be376b5bb7. Place it in the
+SlackBuild's directory before running the script. The resulting
+package will support the -Q option to afl-fuzz. An existing
+installation of qemu is not required.
diff --git a/development/aflplusplus/aflplusplus.SlackBuild b/development/aflplusplus/aflplusplus.SlackBuild
index 403cbf95c2..3864595b78 100644
--- a/development/aflplusplus/aflplusplus.SlackBuild
+++ b/development/aflplusplus/aflplusplus.SlackBuild
@@ -10,7 +10,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PRGNAM=aflplusplus
SRCNAM=AFLplusplus
-VERSION=${VERSION:-3.14c}
+VERSION=${VERSION:-4.04c}
BUILD=${BUILD:-1}
TAG=${TAG:-_SBo}
PKGTYPE=${PKGTYPE:-tgz}
@@ -32,19 +32,9 @@ TMP=${TMP:-/tmp/SBo}
PKG=$TMP/package-$PRGNAM
OUTPUT=${OUTPUT:-/tmp}
-if [ "$ARCH" = "i586" ]; then
- SLKCFLAGS="-O2 -march=i586 -mtune=i686"
- LIBDIRSUFFIX=""
-elif [ "$ARCH" = "i686" ]; then
- SLKCFLAGS="-O2 -march=i686 -mtune=i686"
- LIBDIRSUFFIX=""
-elif [ "$ARCH" = "x86_64" ]; then
- SLKCFLAGS="-O2 -fPIC"
- LIBDIRSUFFIX="64"
-else
- SLKCFLAGS="-O2"
- LIBDIRSUFFIX=""
-fi
+# No SLKCFLAGS here, use upstream's flags (they know what they're doing).
+LIBDIRSUFFIX=""
+[ "$ARCH" = "x86_64" ] && LIBDIRSUFFIX="64"
set -e
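Review bot: The one-liner `[ "$ARCH" = "x86_64" ] && LIBDIRSUFFIX="64"` only stays harmless because `set -e` is enabled on the line after it; on any non-x86_64 ARCH the `&&` list exits 1, and if `set -e` is ever moved above this block the script would abort for every 32-bit or ARM build. An explicit `if [ "$ARCH" = "x86_64" ]; then LIBDIRSUFFIX="64"; fi` carries no such ordering dependency and reads the same as the branch it replaces. The "they know what they're doing" comment would also be clearer if it said which flags upstream applies, since the removed sed that used to override `-O3 -funroll-loops` is gone in a later hunk.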
@@ -61,10 +51,38 @@ find -L . -perm /111 -a \! -perm 755 -a -exec chmod 755 {} \+ -o \
DOCDIR=/usr/doc/$PRGNAM-$VERSION
PKGDOC=$PKG/$DOCDIR
+runmake() {
+ make \
+ DESTDIR=$PKG \
+ PREFIX=/usr \
+ HELPER_PATH=/usr/lib$LIBDIRSUFFIX/$PRGNAM \
+ DOC_PATH=$DOCDIR \
+ MAN_PATH=/usr/man/man8 \
+ "$1"
+}
+
+# "make all" doesn't include qemu_mode (which gets built separately,
+# below). The other modes aren't built because they're a lot of effort
+# to build for not much gain:
+
+# coresight_mode: ARM64-only. Beyond the scope of this SBo build.
+# frida_mode: New and missing a lot of features. Also a PITA to build.
+# nyx_mode: Written in Rust. Too fast-moving of a target for me, sorry.
+# unicorn_mode: Looks interesting, but I don't need it, do you?
+
+# Anyone who wants to is welcome to submit SlackBuilds for the other
+# modes, though it'll take some care to keep them from conflicting
+# with this one: your script will have to build the main aflplusplus
+# stuff (make all), because the "modes" require it to be built first,
+# but your package should only install the mode-specific stuff (so you
+# can't just use "make install").
+
+runmake all
+runmake man
+
# Make it use the qemu source provided by us, instead of doing a git
-# clone (which didn't work properly anyway). Also this removes the
-# hexagon arch in qemu, because its meson.build breaks the build (even
-# though we're not even building hexagon support).
+# clone (which didn't work properly anyway). Also this disables -Werror
+# in the qemu build.
patch -p1 < $CWD/build_qemu_support.diff
# qemu mode is optional, only build if the source exists.
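Review bot: `runmake` is introduced without a comment, and the path variables it passes (`HELPER_PATH`, `DOC_PATH`, `MAN_PATH`) are the same locations the script later strips, gzips and documents under `$PKG/usr/man/man8` and `$PKGDOC`, so the coupling is easy to break when editing either side. A header such as `# runmake TARGET: run make with the SBo install paths; keep HELPER_PATH/DOC_PATH/MAN_PATH in sync with the man-page and doc steps below.` above the function would make that explicit. The long prose block about the other modes would also sit better inside a single comment run rather than split by blank lines, which makes it look like several unrelated notes.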
@@ -72,34 +90,17 @@ QEMUVER="$( cat qemu_mode/QEMUAFL_VERSION )"
QEMUSRC="$CWD/qemuafl-$QEMUVER.tar.xz"
if [ -e "$QEMUSRC" ]; then
echo "=== QEMU source found, building qemu_mode"
+ WITHQEMU=WITH
( cd qemu_mode
rm -rf qemuafl
- tar xvf "$QEMUSRC" )
- WITHQEMU=WITH
+ tar xvf "$QEMUSRC"
+ NO_CHECKOUT=1 sh build_qemu_support.sh )
else
echo "=== QEMU source NOT found, not building qemu_mode"
- sed -i \
- -e '/-cd qemu_mode/d' \
- GNUmakefile
- WITHQEMU=WITHOUT
+ WITHQEMU=WITHOUT
fi
-# Apply our flags, disable frida and unicorn modes because they
-# don't build.
-sed -i \
- -e "s/= *-O3 *-funroll-loops/= $SLKCFLAGS/" \
- -e '/MAKE.*-C *frida_mode *$/d' \
- -e '/-cd unicorn_mode/d' \
- GNUmakefile
-
-make \
- DESTDIR=$PKG \
- PREFIX=/usr \
- HELPER_PATH=/usr/lib$LIBDIRSUFFIX/$PRGNAM \
- DOC_PATH=$DOCDIR \
- MAN_PATH=/usr/man/man8 \
- distrib \
- install
+runmake install
# 20211216 bkw: faster than the usual find|strip stuff. Maybe this
# should be the new template.
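Review bot: `tar xvf "$QEMUSRC"` extracts the maintainer-supplied qemuafl tarball into the build without checking its integrity, while the main AFLplusplus source is verified by the SBo tooling through the .info MD5SUM; a truncated or substituted tarball in the SlackBuild directory would silently become part of the package. The README in this same commit publishes the expected sum, so a check before the extraction, e.g. `echo "58547e2ea53b639c17a585be376b5bb7  $QEMUSRC" | md5sum -c - || exit 1`, would close the gap at no cost; the expected value is tied to the commit in `qemu_mode/QEMUAFL_VERSION` and has to be updated alongside it. Whether `NO_CHECKOUT=1` is honoured by upstream's `build_qemu_support.sh` at 4.04c is inferred from the removed checkout branch in build_qemu_support.diff rather than visible here, so it is worth a one-line comment on that line saying what it skips.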
@@ -113,7 +114,6 @@ find $PKG/usr/bin $PKG/usr/lib* -type f -print0 | \
gzip $PKG/usr/man/man8/*.8
rm -f $PKGDOC/INSTALL* # useless.
-cat README.md > $PKGDOC/README.md # upstream forgot this.
cat $CWD/$PRGNAM.SlackBuild > $PKGDOC/$PRGNAM.SlackBuild
mkdir -p $PKG/install
diff --git a/development/aflplusplus/aflplusplus.info b/development/aflplusplus/aflplusplus.info
index 0c5d0b5448..49583978be 100644
--- a/development/aflplusplus/aflplusplus.info
+++ b/development/aflplusplus/aflplusplus.info
@@ -1,10 +1,8 @@
PRGNAM="aflplusplus"
-VERSION="3.14c"
+VERSION="4.04c"
HOMEPAGE="https://github.com/AFLplusplus/AFLplusplus"
-DOWNLOAD="https://github.com/AFLplusplus/AFLplusplus/archive/3.14c/AFLplusplus-3.14c.tar.gz \
- https://github.com/frida/frida/releases/download/15.0.0/frida-gumjs-devkit-15.0.0-linux-x86_64.tar.xz"
-MD5SUM="b59357f4afa849fef2cd652c4b0fcaae \
- d80a50c535c5b4d27f219b7cf61a693b"
+DOWNLOAD="https://github.com/AFLplusplus/AFLplusplus/archive/4.04c/AFLplusplus-4.04c.tar.gz"
+MD5SUM="11f0176843c4b327e4e2312095cfb056"
DOWNLOAD_x86_64=""
MD5SUM_x86_64=""
REQUIRES=""
diff --git a/development/aflplusplus/build_qemu_support.diff b/development/aflplusplus/build_qemu_support.diff
index b9a28a6bfd..ab4321ca2b 100644
--- a/development/aflplusplus/build_qemu_support.diff
+++ b/development/aflplusplus/build_qemu_support.diff
@@ -1,12 +1,10 @@
-diff -Naur AFLplusplus-3.14c/qemu_mode/build_qemu_support.sh AFLplusplus-3.14c.patched/qemu_mode/build_qemu_support.sh
---- AFLplusplus-3.14c/qemu_mode/build_qemu_support.sh 2021-07-19 04:50:09.000000000 -0400
-+++ AFLplusplus-3.14c.patched/qemu_mode/build_qemu_support.sh 2021-08-08 13:20:14.656823570 -0400
-@@ -68,36 +68,8 @@
+diff -Naur AFLplusplus-4.04c/qemu_mode/build_qemu_support.sh AFLplusplus-4.04c.patched/qemu_mode/build_qemu_support.sh
+--- AFLplusplus-4.04c/qemu_mode/build_qemu_support.sh 2022-10-11 09:40:55.000000000 -0400
++++ AFLplusplus-4.04c.patched/qemu_mode/build_qemu_support.sh 2022-12-29 17:08:26.492717555 -0500
+@@ -70,35 +70,7 @@
- echo "[+] All checks passed!"
+ echo "[*] Making sure qemuafl is checked out"
--echo "[*] Making sure qemuafl is checked out"
--
-git status 1>/dev/null 2>/dev/null
-if [ $? -eq 0 ]; then
- echo "[*] initializing qemuafl submodule"
@@ -14,9 +12,9 @@ diff -Naur AFLplusplus-3.14c/qemu_mode/build_qemu_support.sh AFLplusplus-3.14c.p
- git submodule update ./qemuafl 2>/dev/null # ignore errors
-else
- echo "[*] cloning qemuafl"
-- test -d qemuafl || {
+- test -d qemuafl/.git || {
- CNT=1
-- while [ '!' -d qemuafl -a "$CNT" -lt 4 ]; do
+- while [ '!' -d qemuafl/.git -a "$CNT" -lt 4 ]; do
- echo "Trying to clone qemuafl (attempt $CNT/3)"
- git clone --depth 1 https://github.com/AFLplusplus/qemuafl
- CNT=`expr "$CNT" + 1`
@@ -24,7 +22,7 @@ diff -Naur AFLplusplus-3.14c/qemu_mode/build_qemu_support.sh AFLplusplus-3.14c.p
- }
-fi
-
--test -d qemuafl || { echo "[-] Not checked out, please install git or check your internet connection." ; exit 1 ; }
+-test -e qemuafl/.git || { echo "[-] Not checked out, please install git or check your internet connection." ; exit 1 ; }
-echo "[+] Got qemuafl."
-
cd "qemuafl" || exit 1
@@ -33,9 +31,17 @@ diff -Naur AFLplusplus-3.14c/qemu_mode/build_qemu_support.sh AFLplusplus-3.14c.p
-else
- echo "[*] Checking out $QEMUAFL_VERSION"
- sh -c 'git stash' 1>/dev/null 2>/dev/null
+- git pull
- git checkout "$QEMUAFL_VERSION" || echo Warning: could not check out to commit $QEMUAFL_VERSION
-fi
-+sed -i '/hexagon/d' target/meson.build # broken!
echo "[*] Making sure imported headers matches"
cp "../../include/config.h" "./qemuafl/imported/" || exit 1
+@@ -239,7 +211,6 @@
+ --enable-debug-stack-usage \
+ --enable-debug-tcg \
+ --enable-qom-cast-debug \
+- --enable-werror \
+ "
+
+ else
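Review bot: The new nested hunk drops `--enable-werror` only from the flag block that ends at the `else` on the last line, and the surrounding `--enable-debug-stack-usage` / `--enable-debug-tcg` / `--enable-qom-cast-debug` flags suggest this is the debug configuration branch rather than the default one; if so, the SlackBuild's comment "this disables -Werror in the qemu build" overstates what the patch does for the normal build. Either the comment should say it only affects the debug configuration, or the patch should also cover the branch after `else` if that one enables -Werror too, which cannot be confirmed from this hunk. The removal of the `sed -i '/hexagon/d' target/meson.build` line in the same hunk also deserves a word in the SlackBuild comment, since that is the other visible behaviour change.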
diff --git a/development/aflplusplus/mkqemutarball.sh b/development/aflplusplus/mkqemutarball.sh
new file mode 100644
index 0000000000..0bd7b7b11f
--- /dev/null
+++ b/development/aflplusplus/mkqemutarball.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# maintainer script. prepares qemuafl tarball for a given version of
+# aflplusplus. requires network access and write permission to current
+# directory. qemuafl has a long git history so this takes forever...
+
+set -e
+
+source ./aflplusplus.info
+
+QEMUVER="$( tar xvfO AFLplusplus-$VERSION.tar.gz AFLplusplus-$VERSION/qemu_mode/QEMUAFL_VERSION )"
+if [ -z "$QEMUVER" ]; then
+ echo "Can't get qemuafl version, missing AFLplusplus tarball?" 1>&2
+ exit 1
+fi
+
+echo "==> checking out qemuafl commit $QEMUVER"
+rm -rf qemuafl qemuafl-$QEMUVER.tar.xz
+git clone https://github.com/AFLplusplus/qemuafl
+cd qemuafl
+git checkout $QEMUVER
+git submodule init
+git submodule update
+find . -name .git\* | xargs rm -rf
+cd -
+tar cvfJ qemuafl-$QEMUVER.tar.xz qemuafl
+md5sum qemuafl-$QEMUVER.tar.xz
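Review bot: `source ./aflplusplus.info` is a bash builtin but the script's shebang is `#!/bin/sh`, so on a POSIX sh such as dash the script fails on that line before doing anything; the portable form is `. ./aflplusplus.info`. The `git checkout $QEMUVER`, `rm -rf qemuafl qemuafl-$QEMUVER.tar.xz` and `tar cvfJ` lines should quote `"$QEMUVER"`, and under `set -e` the `[ -z "$QEMUVER" ]` check is reached only when tar succeeds with empty output, which is worth a comment so nobody assumes it catches a missing tarball. Because the tarball is built from a fresh clone, its md5sum will likely differ between runs (file timestamps), so the sum printed by the run that produced the published tarball is the one that must be copied into the README.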