-
Notifications
You must be signed in to change notification settings - Fork 5
/
Dockerfile
118 lines (98 loc) · 4.53 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
FROM --platform=linux/amd64 ubuntu:22.04
ENV DEBIAN_FRONTEND=noninteractive
#
#
# Evaluation Pipeline
#
#
# ===========================================================
# sailr-eval reqs
# ===========================================================
RUN dpkg --add-architecture i386
RUN apt-get update && apt-get -o APT::Immediate-Configure=0 install -y \
virtualenvwrapper python3-dev python3-pip build-essential libxml2-dev \
libxslt1-dev git libffi-dev cmake libreadline-dev libtool debootstrap \
debian-archive-keyring libglib2.0-dev libpixman-1-dev qtdeclarative5-dev \
binutils-multiarch nasm libc6:i386 libgcc1:i386 libstdc++6:i386 \
libtinfo5:i386 zlib1g:i386 vim libssl-dev openjdk-8-jdk openjdk-17-jdk \
openjdk-19-jdk graphviz-dev python-is-python3 \
&& apt-get install --no-install-recommends -y apt-utils wget unzip tar clang-format \
&& rm -rf /var/lib/apt/lists/* \
&& mkdir SAILR && mkdir versioned_tools && mkdir tools
# copy the local SAILR pip project and install
COPY ./sailreval /SAILR/sailreval
COPY ./*.py /SAILR/
COPY ./setup.cfg /SAILR/
# also inits the pyjoern project to avoid later download in init
RUN pip3 install -e ./SAILR && pyjoern --install
#
#
# Versioned Tools
#
#
WORKDIR versioned_tools
# ===========================================================
# angr decompiler (SAILR version)
# ===========================================================
# install angr, and all angr-packages, from the repos (for checkout ability)
RUN git clone https://github.com/angr/angr-dev.git && ( \
cd ./angr-dev && \
printf "I know this is a bad idea.\n" | ./setup.sh -i)
# ===========================================================
# Ghidra 10.1
# ===========================================================
RUN wget https://github.com/NationalSecurityAgency/ghidra/releases/download/Ghidra_10.1_build/ghidra_10.1_PUBLIC_20211210.zip && \
unzip ghidra_10.1_PUBLIC_20211210.zip
ENV PATH "/versioned_tools/ghidra_10.1_PUBLIC/support/:$PATH"
# any mounted tools take precedence on path
ENV PATH "/tools/:$PATH"
WORKDIR /SAILR
RUN git config --global --add safe.directory /SAILR
ENV FORCE_UNSAFE_CONFIGURE=1
#
#
# Evaluation targets requirements for compilation
#
#
# ===========================================================
# compilation requirements (add more below)
# ===========================================================
# coreutils & compiler reqs
RUN apt-get update && \
apt-get install -y \
apt-utils bison autopoint gettext gperf rsync texinfo libcap-dev libacl1-dev libssl-dev \
gcc-9 g++-9 clang flex
#&& \
#wget http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2.16_amd64.deb && \
#wget http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_1.1.1f-1ubuntu2.16_amd64.deb && \
#dpkg -i libssl1.1_1.1.1f-1ubuntu2.16_amd64.deb && \
#dpkg -i libssl-dev_1.1.1f-1ubuntu2.16_amd64.deb && \
#rm libssl1.1_1.1.1f-1ubuntu2.16_amd64.deb && \
#rm libssl-dev_1.1.1f-1ubuntu2.16_amd64.deb
# acl prep: has to reinstall libattr1-dev
RUN rm -rvf /usr/lib/libattr* && \
rm -rvf /lib/libattr* && \
apt-get install --no-install-recommends -y libattr1-dev \
# diffutils reqs
help2man \
# audit-userspace reqs
golang-openldap-dev \
# base-passwd reqs
docbook-utils po4a \
# dpkg reqs
libbsd-dev \
# gnutls reqs
gtk-doc-tools nettle-dev libtasn1-6-dev libunistring-dev libev-dev libunbound-dev libp11-kit-dev libtasn1-bin \
# rsyslog reqs
libestr-dev libfastjson-dev libgcrypt20-dev libcurl4-openssl-dev
# XXX: this was removed by remains for documentation: fix erorr to NEVER noreturn
#RUN sed -i 's/__error_noreturn (__status, __errnum, __format, __va_arg_pack ());/__error_alias (__status, __errnum, __format, __va_arg_pack ()); \/\/ SAILR EDIT/g' /usr/include/x86_64-linux-gnu/bits/error.h
#RUN sed -i 's/__error_at_line_noreturn/__error_at_line_alias/g' /usr/include/x86_64-linux-gnu/bits/error.h
# gcc-5 requirements, if this breaks you need to manually install gcc5 on the container or remove this
RUN printf "\ndeb http://us.archive.ubuntu.com/ubuntu/ xenial main\ndeb http://us.archive.ubuntu.com/ubuntu/ xenial universe\n" >> /etc/apt/sources.list && \
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 40976EAF437D05B5 3B4FE6ACC0B21F32 && \
apt update && \
apt install -y gcc-5 g++-5 && \
head -n -3 /etc/apt/sources.list > /tmp/tmp_source && \
mv /tmp/tmp_source /etc/apt/sources.list
ENTRYPOINT ["python3", "/SAILR/eval.py"]