-rw-r--r--maintainers/maintainer-list.nix10
-rw-r--r--pkgs/tools/security/honggfuzz/default.nix45
-rw-r--r--pkgs/top-level/all-packages.nix2
3 files changed, 57 insertions, 0 deletions
diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix
index c306867e966..446c2ce71a8 100644
--- a/maintainers/maintainer-list.nix
+++ b/maintainers/maintainer-list.nix
@@ -1646,6 +1646,16 @@
     githubId = 411324;
     name = "Carles Pagès";
   };
+  cpu = {
+    email = "daniel@binaryparadox.net";
+    github = "cpu";
+    githubId = 292650;
+    name = "Daniel McCarney";
+    keys = [{
+      longkeyid = "rsa2048/0x08FB2BFC470E75B4";
+      fingerprint = "8026 D24A A966 BF9C D3CD  CB3C 08FB 2BFC 470E 75B4";
+    }];
+  };
   craigem = {
     email = "craige@mcwhirter.io";
     github = "craigem";
diff --git a/pkgs/tools/security/honggfuzz/default.nix b/pkgs/tools/security/honggfuzz/default.nix
new file mode 100644
index 00000000000..ce86e117100
--- /dev/null
+++ b/pkgs/tools/security/honggfuzz/default.nix
@@ -0,0 +1,45 @@
+{ stdenv, fetchFromGitHub, callPackage, makeWrapper
+, clang, llvm, libbfd, libopcodes, libunwind, libblocksruntime
+}:
+
+let
+  honggfuzz = stdenv.mkDerivation rec {
+    pname = "honggfuzz";
+    version = "2.2";
+
+    src = fetchFromGitHub {
+      owner = "google";
+      repo = pname;
+      rev = "${version}";
+      sha256 = "0ycpx087mhv5s7w01chg2b6rfb3zgfpp9in0x73kpv7y4dcvg7gw";
+    };
+    enableParallelBuilding = true;
+
+    nativeBuildInputs = [ makeWrapper ];
+    buildInputs = [ llvm ];
+    propagatedBuildInputs = [ libbfd libopcodes libunwind libblocksruntime ];
+
+    makeFlags = [ "PREFIX=$(out)" ];
+
+    meta = {
+      description = "A security oriented, feedback-driven, evolutionary, easy-to-use fuzzer";
+      longDescription = ''
+        Honggfuzz is a security oriented, feedback-driven, evolutionary,
+        easy-to-use fuzzer with interesting analysis options. It is
+        multi-process and multi-threaded, blazingly fast when the persistent
+        fuzzing mode is used and has a solid track record of uncovered security
+        bugs.
+
+        Honggfuzz uses low-level interfaces to monitor processes and it will
+        discover and report hijacked/ignored signals from crashes. Feed it
+        a simple corpus directory (can even be empty for the feedback-driven
+        fuzzing), and it will work its way up, expanding it by utilizing
+        feedback-based coverage metrics.
+      '';
+      homepage    = "https://honggfuzz.dev/";
+      license     = stdenv.lib.licenses.asl20;
+      platforms   = ["x86_64-linux"];
+      maintainers = with stdenv.lib.maintainers; [ cpu ];
+    };
+  };
+in honggfuzz
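Review bot: `clang`, `callPackage` and `makeWrapper` are taken as arguments (and `makeWrapper` is listed in `nativeBuildInputs`), but nothing in the derivation uses them, so no `wrapProgram` call ties the installed compiler wrappers to a specific clang. If the hfuzz-cc wrappers resolve the compiler from PATH at run time, which seems likely but is not shown here, instrumented targets will be built with whatever clang the user has, and that may be missing or may not match the `llvm` in `buildInputs`. Either wrap them in a `postFixup`, for example `wrapProgram $out/bin/hfuzz-clang --prefix PATH : ${clang}/bin` for each wrapper (assuming they install under `$out/bin`), or drop the unused arguments. Minor: `rev = "${version}";` can be `rev = version;`, and the `let honggfuzz = … in honggfuzz` binding adds nothing over returning the `mkDerivation` result directly.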
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index a5edc39f519..c70d5e84b14 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -606,6 +606,8 @@ in
     stdenv = clangStdenv;
   };
 
+  honggfuzz = callPackage ../tools/security/honggfuzz { };
+
   aflplusplus = callPackage ../tools/security/aflplusplus {
     clang = clang_9;
     llvm = llvm_9;