diff --git a/security/Makefile b/security/Makefile
index 5406d6acabc5..3758cd89a01b 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -16,6 +16,7 @@
 SUBDIR += aescrypt
 SUBDIR += aespipe
 SUBDIR += afl
+ SUBDIR += afl++
 SUBDIR += afterglow
 SUBDIR += aide
 SUBDIR += akmos
diff --git a/security/afl++/Makefile b/security/afl++/Makefile
new file mode 100644
index 000000000000..8db52cde084f
--- /dev/null
+++ b/security/afl++/Makefile
@@ -0,0 +1,89 @@
+# Created by: Fabian Keil
+# $FreeBSD$
+
+PORTNAME= afl
+PORTVERSION= 2.52c
+CATEGORIES= security
+PKGNAMESUFFIX= ++
+
+MAINTAINER= tobik@FreeBSD.org
+COMMENT= Fast instrumented fuzzer
+
+LICENSE= APACHE20
+LICENSE_FILE= ${WRKSRC}/docs/COPYING
+
+# In theory afl supports other architectures with the LLVM plugin.
+# It has to be compiled with AFL_NO_X86=1 in that case.
+ONLY_FOR_ARCHS= amd64 i386
+ONLY_FOR_ARCHS_REASON= Uses binary instrumentation
+
+USES= gmake tar:tgz
+USE_GITHUB= yes
+GH_ACCOUNT= vanhauser-thc
+GH_PROJECT= AFLplusplus
+
+ALL_TARGET= all libdislocator
+TEST_TARGET= test_build
+
+CONFLICTS_INSTALL= afl
+
+OPTIONS_DEFINE= DEBUG DOCS LLVM
+OPTIONS_DEFAULT= LLVM
+OPTIONS_SUB= yes
+
+LLVM_DESC= LLVM-based instrumentation
+
+LLVM_BUILD_DEPENDS= clang${LLVM_DEFAULT}:devel/llvm${LLVM_DEFAULT}
+LLVM_RUN_DEPENDS= clang${LLVM_DEFAULT}:devel/llvm${LLVM_DEFAULT}
+LLVM_MAKE_ARGS= LLVM_CONFIG=llvm-config${LLVM_DEFAULT}
+LLVM_ALL_TARGET= llvm_mode
+LLVM_TEST_TARGET= test_llvm_mode
+LLVM_VARS= CC=clang${LLVM_DEFAULT} \
+ CXX=clang++${LLVM_DEFAULT}
+
+.include
+
+.if ${ARCH} == "i386"
+# Clang i386 emits .cfi_sections which base as(1) doesn't understand
+BUILD_DEPENDS+= ${LOCALBASE}/bin/as:devel/binutils
+RUN_DEPENDS+= ${LOCALBASE}/bin/as:devel/binutils
+.endif
+
+post-patch:
+# Disable the instrumentation tests to make sure building packages in
+# jails works by default. afl needs shmget() which usually isn't
+# available in jails.
+ @${REINPLACE_CMD} 's@^\(all.*\) test_build@\1@' \
+ ${WRKSRC}/Makefile ${WRKSRC}/llvm_mode/Makefile
+.if ${ARCH} == "i386"
+ @${REINPLACE_CMD} 's@\( as_params\[0\] = afl_as ? afl_as : \)\(.*\)@\1(u8*)"${LOCALBASE}/bin/as";@' \
+ ${WRKSRC}/afl-as.c
+.endif
+ @${CAT} ${FILESDIR}/Makefile.extra >> ${WRKSRC}/Makefile
+
+post-patch-LLVM-on:
+ @${REINPLACE_CMD} \
+ -e 's|"clang"|"clang${LLVM_DEFAULT}"|g' \
+ -e 's|"clang\+\+"|"clang\+\+${LLVM_DEFAULT}"|g' \
+ ${WRKSRC}/llvm_mode/afl-clang-fast.c
+
+post-install:
+.for script in afl-cmin afl-plot afl-whatsup
+ ${INSTALL_SCRIPT} ${WRKSRC}/${script} ${STAGEDIR}${PREFIX}/bin
+.endfor
+ @${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/afl/afl-as
+.for prog in afl-analyze afl-fuzz afl-gcc afl-gotcpu afl-showmap afl-tmin
+ @${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/${prog}
+.endfor
+ ${INSTALL_LIB} ${WRKSRC}/libdislocator/libdislocator.so \
+ ${STAGEDIR}${PREFIX}/lib/afl
+ ${INSTALL_DATA} ${WRKSRC}/libdislocator/README.dislocator \
+ ${STAGEDIR}${DOCSDIR}
+
+post-install-LLVM-on:
+ @${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/afl/*.so \
+ ${STAGEDIR}${PREFIX}/bin/afl-clang-fast
+ ${INSTALL_DATA} ${WRKSRC}/llvm_mode/README.llvm \
+ ${STAGEDIR}${DOCSDIR}
+
+.include
diff --git a/security/afl++/distinfo b/security/afl++/distinfo
new file mode 100644
index 000000000000..be0d872fcc9c
--- /dev/null
+++ b/security/afl++/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1560577710
+SHA256 (vanhauser-thc-AFLplusplus-2.52c_GH0.tar.gz) = 013b3c56722d48de5ebb50ef0146696cef8ed42e29981988027b80102c7709e6
+SIZE (vanhauser-thc-AFLplusplus-2.52c_GH0.tar.gz) = 851177
diff --git a/security/afl++/files/Makefile.extra b/security/afl++/files/Makefile.extra
new file mode 100644
index 000000000000..b8664858dc50
--- /dev/null
+++ b/security/afl++/files/Makefile.extra
@@ -0,0 +1,10 @@
+.PHONY: libdislocator llvm_mode test_llvm_mode
+
+libdislocator:
+ $(MAKE) -C libdislocator
+
+llvm_mode:
+ $(MAKE) -C llvm_mode
+
+test_llvm_mode:
+ $(MAKE) -C llvm_mode test_build
diff --git a/security/afl++/pkg-descr b/security/afl++/pkg-descr
new file mode 100644
index 000000000000..11248f10e20c
--- /dev/null
+++ b/security/afl++/pkg-descr
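Review bot: The `${REINPLACE_CMD}` edits in post-patch (the i386 branch on afl-as.c) and in post-patch-LLVM-on (afl-clang-fast.c) of security/afl++/Makefile succeed silently when their pattern stops matching, so a later upstream change would leave the wrappers running whatever assembler or unversioned `clang`/`clang++` upstream names, not the `${LOCALBASE}/bin/as` and `clang${LLVM_DEFAULT}` the port declares as dependencies. A check after each substitution makes the build fail instead, for example `@${GREP} -q '"clang++${LLVM_DEFAULT}"' ${WRKSRC}/llvm_mode/afl-clang-fast.c` and `@${GREP} -q '"${LOCALBASE}/bin/as"' ${WRKSRC}/afl-as.c`. The second `-e` expression also writes the plus signs as `\+`, which POSIX leaves undefined in a basic regular expression; `-e 's|"clang++"|"clang++${LLVM_DEFAULT}"|g'` matches the literal text without depending on how the sed in use treats that escape.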
@@ -0,0 +1,10 @@
+American fuzzy lop is a fuzzer that employs a novel type of compile-time
+instrumentation and genetic algorithms to automatically discover clean,
+interesting test cases that trigger new internal states in the targeted
+binary. This substantially improves the functional coverage for the
+fuzzed code.
+
+afl++ is a fork of afl that incorporates all community patches into
+a single source distribution.
+
+WWW: https://github.com/vanhauser-thc/AFLplusplus
diff --git a/security/afl++/pkg-plist b/security/afl++/pkg-plist
new file mode 100644
index 000000000000..9c44c48f715c
--- /dev/null
+++ b/security/afl++/pkg-plist
@@ -0,0 +1,92 @@
+bin/afl-analyze
+bin/afl-clang
+bin/afl-clang++
+%%LLVM%%bin/afl-clang-fast
+%%LLVM%%bin/afl-clang-fast++
+bin/afl-cmin
+bin/afl-fuzz
+bin/afl-g++
+bin/afl-gcc
+bin/afl-gotcpu
+bin/afl-plot
+bin/afl-showmap
+bin/afl-system-config
+bin/afl-tmin
+bin/afl-whatsup
+lib/afl/afl-as
+%%LLVM%%lib/afl/afl-llvm-pass.so
+%%LLVM%%lib/afl/afl-llvm-rt-32.o
+%%LLVM%%lib/afl/afl-llvm-rt-64.o
+%%LLVM%%lib/afl/afl-llvm-rt.o
+lib/afl/as
+%%LLVM%%lib/afl/compare-transform-pass.so
+lib/afl/libdislocator.so
+%%LLVM%%lib/afl/split-compares-pass.so
+%%LLVM%%lib/afl/split-switches-pass.so
+%%DATADIR%%/README.dictionaries
+%%DATADIR%%/README.testcases
+%%DATADIR%%/archives/common/ar/small_archive.a
+%%DATADIR%%/archives/common/bzip2/small_archive.bz2
+%%DATADIR%%/archives/common/cab/small_archive.cab
+%%DATADIR%%/archives/common/compress/small_archive.Z
+%%DATADIR%%/archives/common/cpio/small_archive.cpio
+%%DATADIR%%/archives/common/gzip/small_archive.gz
+%%DATADIR%%/archives/common/lzo/small_archive.lzo
+%%DATADIR%%/archives/common/rar/small_archive.rar
+%%DATADIR%%/archives/common/tar/small_archive.tar
+%%DATADIR%%/archives/common/xz/small_archive.xz
+%%DATADIR%%/archives/common/zip/small_archive.zip
+%%DATADIR%%/archives/exotic/arj/small_archive.arj
+%%DATADIR%%/archives/exotic/lha/small_archive.lha
+%%DATADIR%%/archives/exotic/lrzip/small_archive.lrz
+%%DATADIR%%/archives/exotic/lzip/small_archive.lz
+%%DATADIR%%/archives/exotic/lzma/small_archive.lzma
+%%DATADIR%%/archives/exotic/rzip/small_archive.rz
+%%DATADIR%%/archives/exotic/zoo/small_archive.zoo
+%%DATADIR%%/gif.dict
+%%DATADIR%%/html_tags.dict
+%%DATADIR%%/images/bmp/not_kitty.bmp
+%%DATADIR%%/images/gif/not_kitty.gif
+%%DATADIR%%/images/ico/not_kitty.ico
+%%DATADIR%%/images/jp2/not_kitty.jp2
+%%DATADIR%%/images/jpeg/not_kitty.jpg
+%%DATADIR%%/images/jxr/not_kitty.jxr
+%%DATADIR%%/images/png/not_kitty.png
+%%DATADIR%%/images/png/not_kitty_alpha.png
+%%DATADIR%%/images/png/not_kitty_gamma.png
+%%DATADIR%%/images/png/not_kitty_icc.png
+%%DATADIR%%/images/tiff/not_kitty.tiff
+%%DATADIR%%/images/webp/not_kitty.webp
+%%DATADIR%%/jpeg.dict
+%%DATADIR%%/js.dict
+%%DATADIR%%/json.dict
+%%DATADIR%%/multimedia/h264/small_movie.mp4
+%%DATADIR%%/others/elf/small_exec.elf
+%%DATADIR%%/others/js/small_script.js
+%%DATADIR%%/others/pcap/small_capture.pcap
+%%DATADIR%%/others/pdf/small.pdf
+%%DATADIR%%/others/rtf/small_document.rtf
+%%DATADIR%%/others/sql/simple_queries.sql
+%%DATADIR%%/others/text/hello_world.txt
+%%DATADIR%%/others/xml/small_document.xml
+%%DATADIR%%/pdf.dict
+%%DATADIR%%/png.dict
+%%DATADIR%%/sql.dict
+%%DATADIR%%/tiff.dict
+%%DATADIR%%/webp.dict
+%%DATADIR%%/xml.dict
+%%PORTDOCS%%%%DOCSDIR%%/ChangeLog
+%%PORTDOCS%%%%DOCSDIR%%/QuickStartGuide.txt
+%%PORTDOCS%%%%DOCSDIR%%/README
+%%PORTDOCS%%%%DOCSDIR%%/README.dislocator
+%%LLVM%%%%PORTDOCS%%%%DOCSDIR%%/README.llvm
+%%PORTDOCS%%%%DOCSDIR%%/env_variables.txt
+%%PORTDOCS%%%%DOCSDIR%%/historical_notes.txt
+%%PORTDOCS%%%%DOCSDIR%%/life_pro_tips.txt
+%%PORTDOCS%%%%DOCSDIR%%/notes_for_asan.txt
+%%PORTDOCS%%%%DOCSDIR%%/parallel_fuzzing.txt
+%%PORTDOCS%%%%DOCSDIR%%/perf_tips.txt
+%%PORTDOCS%%%%DOCSDIR%%/power_schedules.txt
+%%PORTDOCS%%%%DOCSDIR%%/sister_projects.txt
+%%PORTDOCS%%%%DOCSDIR%%/status_screen.txt
+%%PORTDOCS%%%%DOCSDIR%%/technical_details.txt