tjh.dev
1{ lib
2, stdenv
3, fetchFromGitHub
4, callPackage
5, makeWrapper
6, clang
7, llvm
8# TODO: switch to latest versions when 2.6 release is out to include
9# https://github.com/google/honggfuzz/commit/90fdf81006614664ef05e5e3c6f94d91610f11b2
10, libbfd_2_38, libopcodes_2_38
11, libunwind
12, libblocksruntime }:
13
14stdenv.mkDerivation rec {
15 pname = "honggfuzz";
16 version = "2.5";
17
18 src = fetchFromGitHub {
19 owner = "google";
20 repo = pname;
21 rev = version;
22 sha256 = "sha256-TkyUKmiiSAfCnfQhSOUxuce6+dRyMmHy7vFK59jPIxM=";
23 };
24
25 postPatch = ''
26 substituteInPlace hfuzz_cc/hfuzz-cc.c \
27 --replace '"clang' '"${clang}/bin/clang'
28 '';
29
30 enableParallelBuilding = true;
31
32 nativeBuildInputs = [ makeWrapper ];
33 buildInputs = [ llvm ];
34 propagatedBuildInputs = [ libbfd_2_38 libopcodes_2_38 libunwind libblocksruntime ];
35
36 makeFlags = [ "PREFIX=$(out)" ];
37
38 postInstall = ''
39 mkdir -p $out/lib
40 cp libhfuzz/libhfuzz.a $out/lib
41 cp libhfuzz/libhfuzz.so $out/lib
42 cp libhfcommon/libhfcommon.a $out/lib
43 cp libhfnetdriver/libhfnetdriver.a $out/lib
44 '';
45
46 meta = {
47 description =
48 "A security oriented, feedback-driven, evolutionary, easy-to-use fuzzer";
49 longDescription = ''
50 Honggfuzz is a security oriented, feedback-driven, evolutionary,
51 easy-to-use fuzzer with interesting analysis options. It is
52 multi-process and multi-threaded, blazingly fast when the persistent
53 fuzzing mode is used and has a solid track record of uncovered security
54 bugs.
55
56 Honggfuzz uses low-level interfaces to monitor processes and it will
57 discover and report hijacked/ignored signals from crashes. Feed it
58 a simple corpus directory (can even be empty for the feedback-driven
59 fuzzing), and it will work its way up, expanding it by utilizing
60 feedback-based coverage metrics.
61 '';
62 homepage = "https://honggfuzz.dev/";
63 license = lib.licenses.asl20;
64 platforms = lib.platforms.linux;
65 maintainers = with lib.maintainers; [ cpu chivay ];
66 };
67}