Add install scripts.

doc/e9afl.1

@@ -0,0 +1,76 @@
+.de Sp \" Vertical space (when we can't use .PP)
+.if t .sp .5v
+.if n .sp
+..
+.de Vb \" Begin verbatim text
+.ft CW
+.nf
+.ne \\$1
+..
+.de Ve \" End verbatim text
+.ft R
+.fi
+..
+.TH "E9AFL" 1 "2021-06-02" "" "e9afl"
+.SH NAME
+\fBe9afl\fR \- binary American Fuzzy Lop (AFL) instrumentation
+.SH SYNOPSIS
+e9afl [\fB-Oblock=\fR{never|default|always}]
+      [\fB-Oselect=\fR{never|default|always}]
+      [\fB-d\fR|\fB--debug\fR]
+      [\fB-o=\fRoutput]
+      [\fB--help\fR]
+      binary
+.SH DESCRIPTION
+\fBe9afl\fR is a tool for automatically inserting American Fuzzy Lop
+(AFL) instrumentation into existing Linux x86_64 ELF binaries.
+This allows you to fuzz binaries without having to recompile the program from
+source.
+.PP
+For example, suppose that you wish to fuzz the \fBreadelf\fR program from
+binutils.
+Then we can use \fBe9afl\fR tool to automatically instrument the existing
+\fBreadelf\fR without recompilation:
+.Sp
+.Vb 1
+\&        e9afl readelf
+.Ve
+.Sp
+This will generate a modified \fBreadelf.afl\fR binary that can
+be fuzzed using \fBafl-fuzz\fR in the normal way:
+.Sp
+.Vb 1
+\&        afl\-fuzz \-i input/ \-o output/ \-\- ./readelf.afl \-a @@
+.Ve
+.Sp
+\fBe9afl\fR is built on top of the \fBe9tool\fR/\fBe9patch\fR static binary
+rewriting system.
+As such, \fBe9afl\fR should work on most ELF binaries that can be disassembled
+by \fBe9tool\fR.
+See the documentation for \fBe9tool\fR for more information.
+.SH "OPTIONS"
+.TP
+\fB-Oblock=\fR{never|default|always}
+Controls the application of the "bad block" optimization.
+Path coverage may be reduced for \fBalways\fR, and fuzzing speed may be
+reduced for \fBnever\fR.
+.TP
+\fB-Oselect=\fR{never|default|always}
+Controls the application of the "instruction selection" optimization.
+Fuzzing speed may be reduced for \fBnever\fR.
+.TP
+\fB-d\fR, \fB--debug\fR
+Print \fBe9afl\fR debugging information to \fBstderr\fR.
+.TP
+\fB-o=\fRoutput
+Use \fBoutput\fR as the output binary name.
+By default, \fBe9afl\fR uses the basename of the input binary appended with
+the string \fB".afl"\fR.
+.TP
+\fB--help\fR
+Display the help message and exit.
+.SH "SEE ALSO"
+\fIafl-fuzz\fR(1)
+.SH AUTHOR
+\fBe9afl\fR is written by Gregory J. Duck <gregory@comp.nus.edu.sg>.
+

install.sh

@@ -0,0 +1,106 @@
+#!/bin/bash
+#
+# Copyright (C) 2021 National University of Singapore
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+if [ -t 1 ]
+then
+    RED="\033[31m"
+    GREEN="\033[32m"
+    YELLOW="\033[33m"
+    BOLD="\033[1m"
+    OFF="\033[0m"
+else
+    RED=
+    GREEN=
+    YELLOW=
+    BOLD=
+    OFF=
+fi
+
+NAME=e9afl
+VERSION=0.1.0
+
+if [ ! -x install/e9afl ]
+then
+    echo -e "${RED}$0${OFF}: run ./build.sh first" 1>&2
+    exit 1
+fi
+
+set -e
+
+cd install/
+mkdir -p data
+mkdir -p control
+
+cd data/
+mkdir -p "./usr/share/e9afl/"
+cp "../afl-rt"         "./usr/share/e9afl/"
+cp "../e9afl"          "./usr/share/e9afl/"
+cp "../e9AFLPlugin.so" "./usr/share/e9afl/"
+cp "../e9patch"        "./usr/share/e9afl/"
+cp "../e9tool"         "./usr/share/e9afl/"
+mkdir -p "./usr/bin/"
+ln -s "../share/e9afl/e9afl" "./usr/bin/e9afl"
+mkdir -p "./usr/share/man/man1/"
+gzip --stdout ../../doc/e9afl.1 > ./usr/share/man/man1/e9afl.1.gz
+tar cz --owner root --group root -f ../data.tar.gz .
+md5sum `find ../data/ -type f -printf "%P "` > ../control/md5sums
+
+cd ../control/
+cat << EOF > control
+Package: ${NAME}
+Version: ${VERSION}
+Maintainer: Gregory J. Duck <gregory@comp.nus.edu.sg>
+Section: universe/devel
+Priority: optional
+Homepage: https://github.com/GJDuck/e9afl
+Architecture: amd64
+Depends: libc6 (>= 2.14)
+Recommends: afl
+Description: AFL binary instrumentation
+ E9AFL is a tool for automatically adding American Fuzzy Lop (AFL)
+ instrumentation to existing binary code using static binary rewriting.  This
+ makes it possible to add AFL instrumentation to programs without
+ recompilation, and is useful for cases where the source code is not available
+ (i.e. commercial software).
+ .
+ E9AFL is designed to be scalable: it is based on the E9Patch static binary
+ rewriting tool that can scale to very large software.  E9AFL implements
+ several optimizations so that fuzzing speed is comparable to source-level
+ instrumentation with afl-gcc.
+EOF
+tar cz --owner root --group root -f ../control.tar.gz control md5sums
+cd ..
+echo "2.0" > debian-binary
+PACKAGE="${NAME}_${VERSION}_amd64.deb"
+fakeroot ar cr "../${PACKAGE}" debian-binary control.tar.gz \
+    data.tar.gz
+rm -rf debian-binary control.tar.gz data.tar.gz data/ control/
+
+echo -e "${GREEN}$0${OFF}: Successfully built ${YELLOW}${PACKAGE}${OFF}..."
+
+DIR="${NAME}-${VERSION}"
+TAR_GZ="${DIR}.tar.gz"
+mkdir -p "${DIR}"
+cp "afl-rt"         "${DIR}/"
+cp "e9afl"          "${DIR}/"
+cp "e9AFLPlugin.so" "${DIR}/"
+cp "e9patch"        "${DIR}/"
+cp "e9tool"         "${DIR}/"
+tar cz --owner root --group root -f "../${TAR_GZ}" "$DIR"
+
+echo -e "${GREEN}$0${OFF}: Successfully built ${YELLOW}${TAR_GZ}${OFF}..."
+