From db01e7b2207e0de45d9c346036f22322495ab249 Mon Sep 17 00:00:00 2001
From: s1341 <s1341@users.noreply.github.com>
Date: Tue, 20 Dec 2022 00:30:49 +0200
Subject: [PATCH] grap: init at 1.3.1 (#114129)

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
Co-authored-by: s1341 <s1341@github.com>
---
 pkgs/tools/security/grap/default.nix | 51 ++++++++++++++++++++++++++++
 pkgs/top-level/all-packages.nix      |  2 ++
 2 files changed, 53 insertions(+)
 create mode 100644 pkgs/tools/security/grap/default.nix

diff --git a/pkgs/tools/security/grap/default.nix b/pkgs/tools/security/grap/default.nix
new file mode 100644
index 000000000000..a0572758aae6
--- /dev/null
+++ b/pkgs/tools/security/grap/default.nix
@@ -0,0 +1,51 @@
+{ lib, stdenv, fetchFromGitHub, boost, libseccomp, flex, python3Packages, swig4, bison, cmake, python3 }:
+
+stdenv.mkDerivation rec {
+  pname = "grap";
+  version = "1.3.1";
+
+  src = fetchFromGitHub {
+    owner = "QuoSecGmbH";
+    repo = "grap";
+    rev = "v${version}";
+    sha256 = "1fkdi7adfffxg1k4h6r9i69i3wi93s44c1j4cvr69blxsfh0mcnc";
+  };
+
+  nativeBuildInputs = [
+    bison
+    cmake
+    flex
+    python3
+  ];
+
+  buildInputs = [
+    boost.all
+    libseccomp
+    swig4
+  ];
+
+  strictDeps = true;
+
+  cmakeFlags = [
+    "-DPYTHON_SITE_DIR=$out/${python3.sitePackages}"
+    "../src"
+  ];
+
+  postPatch = ''
+    substituteInPlace src/tools/grap-match/CMakeLists.txt --replace "/usr/local/bin" "$out/bin"
+    substituteInPlace src/tools/grap/CMakeLists.txt --replace "/usr/local/bin" "$out/bin"
+  '';
+
+  meta = with lib; {
+    description = "Define and match graph patterns within binaries";
+    longDescription = ''
+      grap takes patterns and binary files, uses a Casptone-based disassembler to obtain the control flow graphs from the binaries, then matches the patterns against them.
+
+      Patterns are user-defined graphs with instruction conditions ("opcode is xor and arg1 is eax") and repetition conditions (3 identical instructions, basic blocks...).
+    '';
+    homepage = "https://github.com/QuoSecGmbH/grap/";
+    license = licenses.mit;
+    maintainers = [ maintainers.s1341 ];
+    platforms = platforms.linux;
+  };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 0e72545611a5..ba55fe01ec16 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -36396,6 +36396,8 @@ with pkgs;
     python3 = python39;
   };
 
+  grap = callPackage ../tools/security/grap { };
+
   gravit = callPackage ../applications/science/astronomy/gravit { };
 
   golly = callPackage ../applications/science/misc/golly {