From 5b0310ec59d3e8117d40fa108c9b2da22e3d9258 Mon Sep 17 00:00:00 2001
From: Austin Seipp
Date: Sat, 28 Mar 2015 01:51:00 -0500
Subject: nixpkgs: afl 1.57b -> 1.58b
Signed-off-by: Austin Seipp
---
 pkgs/tools/security/afl/default.nix | 4 ++--
 .../security/afl/qemu-patches/afl-qemu-cpu-inl.h | 5 ++++-
 pkgs/tools/security/afl/qemu-patches/syscall.patch | 25 ++++++++++++++++++++++
 pkgs/tools/security/afl/qemu.nix | 1 +
 4 files changed, 32 insertions(+), 3 deletions(-)
 create mode 100644 pkgs/tools/security/afl/qemu-patches/syscall.patch
(limited to 'pkgs/tools/security/afl')
diff --git a/pkgs/tools/security/afl/default.nix b/pkgs/tools/security/afl/default.nix
index ed9b6d56edb4b..93c5988b55d4a 100644
--- a/pkgs/tools/security/afl/default.nix
+++ b/pkgs/tools/security/afl/default.nix
@@ -8,11 +8,11 @@ let
 in stdenv.mkDerivation rec {
 name = "afl-${version}";
- version = "1.57b";
+ version = "1.58b";
 src = fetchurl {
 url = "http://lcamtuf.coredump.cx/afl/releases/${name}.tgz";
- sha256 = "05dwh2kgz31702y339bvbs0b3ffadxgxk8cqqhs2i0ggx5bnl5p4";
+ sha256 = "1szggm4x9i9bsrcb99s5vbgncagp7jvhz8cg9amkx7p6mp2x4pld";
 };
 buildInputs = [ makeWrapper ];
diff --git a/pkgs/tools/security/afl/qemu-patches/afl-qemu-cpu-inl.h b/pkgs/tools/security/afl/qemu-patches/afl-qemu-cpu-inl.h
index 7d5a47669e495..c6ebc873ae09f 100644
--- a/pkgs/tools/security/afl/qemu-patches/afl-qemu-cpu-inl.h
+++ b/pkgs/tools/security/afl/qemu-patches/afl-qemu-cpu-inl.h
@@ -69,9 +69,10 @@ abi_ulong afl_entry_point, /* ELF entry point (_start) */
 afl_start_code, /* .text start pointer */
 afl_end_code; /* .text end pointer */
-/* Set on the child in forkserver mode: */
+/* Set in the child process in forkserver mode: */
 static unsigned char afl_fork_child;
+unsigned int afl_forksrv_pid;
 /* Instrumentation ratio: */
@@ -158,6 +159,8 @@ static void afl_forkserver(CPUArchState *env) {
 if (write(FORKSRV_FD + 1, tmp, 4) != 4) return;
+ afl_forksrv_pid = getpid();
+
 /* All right, let's await orders... */
 while (1) {
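Review bot: `unsigned int afl_forksrv_pid;` in the first afl-qemu-cpu-inl.h hunk is the wrong type for what it holds — the second hunk assigns it `getpid()`, a `pid_t`, and syscall.patch compares it against an `int` argument, so any negative value on either side is compared after conversion to unsigned; declare it `pid_t afl_forksrv_pid;` (pid_t is already in scope wherever getpid() is) and change the matching `extern` in syscall.patch to the same type. It also sits directly under the reworded comment `/* Set in the child process in forkserver mode: */`, which describes `afl_fork_child`, whereas the new variable is assigned in the fork server itself before the `while (1)` loop and only inherited by the forked children. Suggest its own comment above the declaration: `/* PID of the fork server (set after the handshake, inherited by children; read by sys_tgkill in linux-user/syscall.c): */`. The declaration is at file scope; the body of afl_forkserver in the second hunk continues outside the hunk.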
diff --git a/pkgs/tools/security/afl/qemu-patches/syscall.patch b/pkgs/tools/security/afl/qemu-patches/syscall.patch
new file mode 100644
index 0000000000000..c8ffb61ba2cf2
--- /dev/null
+++ b/pkgs/tools/security/afl/qemu-patches/syscall.patch
@@ -0,0 +1,25 @@
+--- qemu-2.2.0/linux-user/syscall.c.orig 2014-12-09 14:45:43.000000000 +0000
++++ qemu-2.2.0/linux-user/syscall.c 2015-03-27 06:33:00.736000000 +0000
+@@ -227,7 +227,21 @@
+ _syscall3(int,sys_rt_sigqueueinfo,int,pid,int,sig,siginfo_t *,uinfo)
+ _syscall3(int,sys_syslog,int,type,char*,bufp,int,len)
+ #if defined(TARGET_NR_tgkill) && defined(__NR_tgkill)
+-_syscall3(int,sys_tgkill,int,tgid,int,pid,int,sig)
++
++extern unsigned int afl_forksrv_pid;
++
++static int sys_tgkill(int tgid, int pid, int sig) {
++
++  /* Workaround for -lpthread to make abort() work properly, without
++ killing the forkserver due to a prematurely cached PID. */
++
++  if (afl_forksrv_pid && afl_forksrv_pid == pid && sig == SIGABRT)
++    pid = tgid = getpid();
++
++  return syscall(__NR_sys_tgkill, pid, tgid, sig);
++
++}
++
+ #endif
+ #if defined(TARGET_NR_tkill) && defined(__NR_tkill)
+ _syscall2(int,sys_tkill,int,tid,int,sig)
diff --git a/pkgs/tools/security/afl/qemu.nix b/pkgs/tools/security/afl/qemu.nix
index 929f9fba9a613..441d64415cbda 100644
--- a/pkgs/tools/security/afl/qemu.nix
+++ b/pkgs/tools/security/afl/qemu.nix
@@ -42,6 +42,7 @@ stdenv.mkDerivation rec {
 ./qemu-patches/cpu-exec.patch
 ./qemu-patches/no-etc-install.patch
 ./qemu-patches/translate-all.patch
+ ./qemu-patches/syscall.patch
 ];
 preConfigure = ''
-- cgit 1.4.1
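Review bot: The replacement `sys_tgkill` in syscall.patch hands its arguments to the kernel in a different order than the `_syscall3(int,sys_tgkill,int,tgid,int,pid,int,sig)` line it removes: that macro emits `syscall(__NR_sys_tgkill, tgid, pid, sig)`, while the new body does `return syscall(__NR_sys_tgkill, pid, tgid, sig);`, so a guest tgkill whose thread id differs from its thread-group id (pthread_kill in a multi-threaded target) would pass the tid where the kernel expects the tgid; the swap is only harmless on the redirected path, where both are set to `getpid()`. Use `return syscall(__NR_sys_tgkill, tgid, pid, sig);`. The redirect also deserves a comment stating that only SIGABRT is rerouted — a guest `raise()` of any other signal through the glibc-cached PID still targets the fork server, which is presumably deliberate but not obvious from the condition. `__NR_sys_tgkill` is presumably QEMU's existing alias for `__NR_tgkill`, defined above this hunk.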