authorAustin Seipp <aseipp@pobox.com>2015-05-13 06:52:56 -0500
committerAustin Seipp <aseipp@pobox.com>2015-05-27 16:36:26 -0500
commit6fbc62419b70ef7a0336bd65c89227db2aec0f5b (patch)
tree2863455a043267781358a4f4a0e287b9af829fe8 /pkgs/tools/security/afl
parent4793f2c7d3a521310c128b8afb11750455022bf9 (diff)
nixpkgs: afl 1.67b -> 1.80b
Signed-off-by: Austin Seipp <aseipp@pobox.com>
Diffstat (limited to 'pkgs/tools/security/afl')
-rw-r--r--pkgs/tools/security/afl/default.nix15
-rw-r--r--pkgs/tools/security/afl/qemu-patches/afl-config.h9
-rw-r--r--pkgs/tools/security/afl/qemu-patches/cpu-exec.patch14
-rw-r--r--pkgs/tools/security/afl/qemu-patches/elfload.patch8
-rw-r--r--pkgs/tools/security/afl/qemu-patches/syscall.patch4
-rw-r--r--pkgs/tools/security/afl/qemu-patches/translate-all.patch6
-rw-r--r--pkgs/tools/security/afl/qemu.nix4
7 files changed, 28 insertions, 32 deletions
diff --git a/pkgs/tools/security/afl/default.nix b/pkgs/tools/security/afl/default.nix
index ea495145d1a..2aed8df3260 100644
--- a/pkgs/tools/security/afl/default.nix
+++ b/pkgs/tools/security/afl/default.nix
@@ -9,11 +9,11 @@ let
 in
 stdenv.mkDerivation rec {
   name    = "afl-${version}";
-  version = "1.67b";
+  version = "1.80b";
 
   src = fetchurl {
     url    = "http://lcamtuf.coredump.cx/afl/releases/${name}.tgz";
-    sha256 = "11763zgwqg2b5hak006rp0jb3w252js067z9ibgl4nj3br2ncmd2";
+    sha256 = "008l2qirwlf40yhlrybcpglsil9nw8498qcjmvrnvvq31piwyhp0";
   };
 
   # Note: libcgroup isn't needed for building, just for the afl-cgroup
@@ -22,7 +22,9 @@ stdenv.mkDerivation rec {
 
   buildPhase   = ''
     make PREFIX=$out
-    cd llvm_mode && make && cd ..
+    cd llvm_mode
+    make PREFIX=$out CC=${clang}/bin/clang CXX=${clang}/bin/clang++
+    cd ..
   '';
   installPhase = ''
     # Do the normal installation
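Review bot: The llvm_mode step now depends on the shell's working directory, with `cd llvm_mode` and `cd ..` bracketing the make; if that make fails the trailing `cd ..` never runs, so the phase is only as safe as the errexit setting of the shell stdenv runs it under. `make -C llvm_mode PREFIX=$out CC=${clang}/bin/clang CXX=${clang}/bin/clang++` expresses the same build on one line without changing directory at all. The `clang` reference presumably comes from this derivation's function arguments, which lie outside the hunk, as does the rest of the mkDerivation block.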
@@ -42,13 +44,6 @@ stdenv.mkDerivation rec {
     # Patch shebangs before wrapping
     patchShebangs $out/bin
 
-    # Wrap every program with a custom $AFL_PATH; I believe there is a
-    # bug in afl which causes it to fail to find `afl-qemu-trace`
-    # relative to `afl-fuzz` or `afl-showmap`, so we instead set
-    # $AFL_PATH as a workaround, which allows it to be found.
-    for x in `ls $out/bin/afl-* | grep -v afl-clang-fast`; do
-      wrapProgram $x --prefix AFL_PATH : "$out/bin"
-    done
     # Wrap afl-clang-fast(++) with a *different* AFL_PATH, because it
     # has totally different semantics in that case(?) - and also set a
     # proper AFL_CC and AFL_CXX so we don't pick up the wrong one out
diff --git a/pkgs/tools/security/afl/qemu-patches/afl-config.h b/pkgs/tools/security/afl/qemu-patches/afl-config.h
index 0017f9d83f4..cbf48881ade 100644
--- a/pkgs/tools/security/afl/qemu-patches/afl-config.h
+++ b/pkgs/tools/security/afl/qemu-patches/afl-config.h
@@ -88,10 +88,10 @@
 /* Maximum stacking for havoc-stage tweaks. The actual value is calculated
    like this: 
 
-   n = random between 0 and HAVOC_STACK_POW2
+   n = random between 1 and HAVOC_STACK_POW2
    stacking = 2^n
 
-   In other words, the default (n = 7) produces 1, 2, 4, 8, 16, 32, 64, or
+   In other words, the default (n = 7) produces 2, 4, 8, 16, 32, 64, or
    128 stacked tweaks: */
 
 #define HAVOC_STACK_POW2    7
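Review bot: Nothing in this file records which afl release this copy of config.h mirrors, so the comment edits here and the MAX_AS_LINE to MAX_LINE rename in the second hunk can only be checked by diffing against the 1.80b tarball by hand. A one-line header such as `/* Mirrors config.h from afl 1.80b; re-sync whenever version in default.nix changes */` would make the coupling explicit. This matters more than for an ordinary vendored copy because afl-fuzz is built from the tarball while the QEMU side is presumably built against this file (inferred from the qemu-patches path, not shown here), so any constant the two sides must agree on diverges silently if one is bumped without the other.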
@@ -250,9 +250,10 @@
 
 #define RESEED_RNG          10000
 
-/* Maximum line length passed from GCC to 'as': */
+/* Maximum line length passed from GCC to 'as' and used for parsing
+   configuration files: */
 
-#define MAX_AS_LINE         8192
+#define MAX_LINE            8192
 
 /* Environment variable used to pass SHM ID to the called program. */
 
diff --git a/pkgs/tools/security/afl/qemu-patches/cpu-exec.patch b/pkgs/tools/security/afl/qemu-patches/cpu-exec.patch
index 29b65e71b9a..75a7ea450ef 100644
--- a/pkgs/tools/security/afl/qemu-patches/cpu-exec.patch
+++ b/pkgs/tools/security/afl/qemu-patches/cpu-exec.patch
@@ -1,15 +1,15 @@
---- qemu-2.2.0/cpu-exec.c.orig     2014-12-09 14:45:40.000000000 +0000
-+++ qemu-2.2.0/cpu-exec.c  2015-02-20 22:07:02.966000000 +0000
-@@ -25,6 +25,8 @@
- #include "sysemu/qtest.h"
- #include "qemu/timer.h"
+--- qemu-2.3.0/cpu-exec.c.orig     2014-12-09 14:45:40.000000000 +0000
++++ qemu-2.3.0/cpu-exec.c  2015-02-20 22:07:02.966000000 +0000
+@@ -28,6 +28,8 @@
+ #include "exec/memory-internal.h"
+ #include "qemu/rcu.h"
 
 +#include "afl-qemu-cpu-inl.h"
 +
  /* -icount align implementation. */
 
  typedef struct SyncClocks {
-@@ -262,8 +264,11 @@
+@@ -296,8 +298,11 @@
      }
   not_found:
     /* if no translated code available, then translate it now */
@@ -21,7 +21,7 @@
   found:
      /* Move the last found TB to the head of the list */
      if (likely(*ptb1)) {
-@@ -455,6 +460,9 @@
+@@ -492,6 +497,9 @@
                      next_tb = 0;
                      tcg_ctx.tb_ctx.tb_invalidated_flag = 0;
                  }
diff --git a/pkgs/tools/security/afl/qemu-patches/elfload.patch b/pkgs/tools/security/afl/qemu-patches/elfload.patch
index 65f1572e9a7..325c917d15a 100644
--- a/pkgs/tools/security/afl/qemu-patches/elfload.patch
+++ b/pkgs/tools/security/afl/qemu-patches/elfload.patch
@@ -1,5 +1,5 @@
---- qemu-2.2.0/linux-user/elfload.c.orig	2014-12-09 14:45:42.000000000 +0000
-+++ qemu-2.2.0/linux-user/elfload.c	2015-01-28 02:51:23.719000000 +0000
+--- qemu-2.3.0/linux-user/elfload.c.orig	2014-12-09 14:45:42.000000000 +0000
++++ qemu-2.3.0/linux-user/elfload.c	2015-01-28 02:51:23.719000000 +0000
 @@ -28,6 +28,8 @@
  
  #define ELF_OSABI   ELFOSABI_SYSV
@@ -9,7 +9,7 @@
  /* from personality.h */
  
  /*
-@@ -1886,6 +1888,8 @@
+@@ -1889,6 +1891,8 @@
      info->brk = 0;
      info->elf_flags = ehdr->e_flags;
  
@@ -18,7 +18,7 @@
      for (i = 0; i < ehdr->e_phnum; i++) {
          struct elf_phdr *eppnt = phdr + i;
          if (eppnt->p_type == PT_LOAD) {
-@@ -1919,9 +1923,11 @@
+@@ -1922,9 +1926,11 @@
              if (elf_prot & PROT_EXEC) {
                  if (vaddr < info->start_code) {
                      info->start_code = vaddr;
diff --git a/pkgs/tools/security/afl/qemu-patches/syscall.patch b/pkgs/tools/security/afl/qemu-patches/syscall.patch
index c8ffb61ba2c..75d39386164 100644
--- a/pkgs/tools/security/afl/qemu-patches/syscall.patch
+++ b/pkgs/tools/security/afl/qemu-patches/syscall.patch
@@ -1,5 +1,5 @@
---- qemu-2.2.0/linux-user/syscall.c.orig	2014-12-09 14:45:43.000000000 +0000
-+++ qemu-2.2.0/linux-user/syscall.c	2015-03-27 06:33:00.736000000 +0000
+--- qemu-2.3.0/linux-user/syscall.c.orig	2014-12-09 14:45:43.000000000 +0000
++++ qemu-2.3.0/linux-user/syscall.c	2015-03-27 06:33:00.736000000 +0000
 @@ -227,7 +227,21 @@
  _syscall3(int,sys_rt_sigqueueinfo,int,pid,int,sig,siginfo_t *,uinfo)
  _syscall3(int,sys_syslog,int,type,char*,bufp,int,len)
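Review bot: Only the `---`/`+++` paths change in this patch; the hunk header `@@ -227,7 +227,21 @@` and its context are carried over from the 2.2.0 version, whereas the other three QEMU patches in this commit all needed new offsets. That is plausible if the top of linux-user/syscall.c did not move between 2.2.0 and 2.3.0, but it is worth confirming, since `patch` will still apply a stale hunk with fuzz at a shifted location and a mis-placed change in syscall.c would only show up at run time. The version in the path prefix is dropped when the patch is applied with `-p1` (presumably the case here), so updating it is cosmetic and does not by itself show the patch was re-tested against 2.3.0. The patch body continues past the end of this chunk.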
diff --git a/pkgs/tools/security/afl/qemu-patches/translate-all.patch b/pkgs/tools/security/afl/qemu-patches/translate-all.patch
index 89163b607fd..180b3a55ab2 100644
--- a/pkgs/tools/security/afl/qemu-patches/translate-all.patch
+++ b/pkgs/tools/security/afl/qemu-patches/translate-all.patch
@@ -1,6 +1,6 @@
---- qemu-2.2.0/translate-all.c.orig     2014-12-09 14:45:46.000000000 +0000
-+++ qemu-2.2.0/translate-all.c  2015-01-28 22:37:42.383000000 +0000
-@@ -387,8 +387,13 @@
+--- qemu-2.3.0/translate-all.c.orig     2014-12-09 14:45:46.000000000 +0000
++++ qemu-2.3.0/translate-all.c  2015-01-28 22:37:42.383000000 +0000
+@@ -393,8 +393,13 @@
      /* We can't use g_malloc because it may recurse into a locked mutex. */
  # define ALLOC(P, SIZE)                                 \
      do {                                                \
diff --git a/pkgs/tools/security/afl/qemu.nix b/pkgs/tools/security/afl/qemu.nix
index 5b69811d08d..3dd47f50cf7 100644
--- a/pkgs/tools/security/afl/qemu.nix
+++ b/pkgs/tools/security/afl/qemu.nix
@@ -7,7 +7,7 @@
 with stdenv.lib;
 
 let
-  n = "qemu-2.2.0";
+  n = "qemu-2.3.0";
 
   aflHeaderFile = writeText "afl-qemu-cpu-inl.h"
     (builtins.readFile ./qemu-patches/afl-qemu-cpu-inl.h);
@@ -25,7 +25,7 @@ stdenv.mkDerivation rec {
 
   src = fetchurl {
     url = "http://wiki.qemu.org/download/${n}.tar.bz2";
-    sha256 = "1703c3scl5n07gmpilg7g2xzyxnr7jczxgx6nn4m8kv9gin9p35n";
+    sha256 = "120m53c3p28qxmfzllicjzr8syjv6v4d9rsyrgkp7gnmcgvvgfmn";
   };
 
   buildInputs =