From 168c26cb92a5acab3bdf7b0919b51a7865051cca4b3d2fed4028e92a33b8ddfd Mon Sep 17 00:00:00 2001 From: Martin Pluskal Date: Mon, 31 Aug 2020 07:45:49 +0000 Subject: [PATCH 1/2] Accepting request 829698 from home:dirkmueller:branches:devel:tools - update to 2.3.1: - honggfuzz.h - split run_t into substructs - clang-format options in .clang-format - added missing mutex initializers - removed unncessary comparisons to 'true' and 'false' - improved NetBSD compatibility - removed unnecessary memory fences (speed ups) - faster searching through the binary for const 4/8-byte values - removed unnecessary includes with iwyu - libhfnetdriver - general improvements around local socket fuzzing and timeouts - Added 8bitcnt instrumentation - use hfuzz-cc/hfuzz-8bitcnt-(gcc|clang) for that - PC-guard instrumentation now uses edge counting - --experimental_const_feedback is now set to true by default - additional string instrumentation wrappers: glib, lcms - additional mutators: splicing, changing ascii numbers - additional integer comparison instrumentation (adding integers to the dynamic dictionary) - fixed linking with ld.lld - removed `sanitizer-coverage-prune-blocks` from hfuzz-cc.c - most mutators have now either overwrite or insert versions - fixed memory barriers in libhfuzz/ - implemented skip_factor which dictates how often a given input is fuzzed - lowered the default timeout to 1 second - honggfuzz now uses microseconds, instead of milliseconds across the code - added some new functions to libhfcommon/files - enabled more aggressive inlining in hfuzz-cc/ - fixed compilation dependency under MacOS X - remove 0001-fix-some-m32-compilation-issues-type-casting.patch (upstream) OBS-URL: https://build.opensuse.org/request/show/829698 OBS-URL: https://build.opensuse.org/package/show/devel:tools/honggfuzz?expand=0&rev=20 --- honggfuzz-2.1.tar.gz | 3 --- honggfuzz-2.3.1.tar.gz | 3 +++ honggfuzz.changes | 32 ++++++++++++++++++++++++++++++++ honggfuzz.spec | 6 ++---- 4 files changed, 37 insertions(+), 7 deletions(-) delete mode 100644 honggfuzz-2.1.tar.gz create mode 100644 honggfuzz-2.3.1.tar.gz diff --git a/honggfuzz-2.1.tar.gz b/honggfuzz-2.1.tar.gz deleted file mode 100644 index b9506f7..0000000 --- a/honggfuzz-2.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:e55e7c99c61763ba97ecbe846b66e8f65e911bbcbf8a95d691cc90bbb3e3744b -size 65209308 diff --git a/honggfuzz-2.3.1.tar.gz b/honggfuzz-2.3.1.tar.gz new file mode 100644 index 0000000..53623cc --- /dev/null +++ b/honggfuzz-2.3.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3b1c8fbcd0a4ca9db72d88bfc74bc44edb78ccf386264549fb5f9bcf8f4fab72 +size 65221820 diff --git a/honggfuzz.changes b/honggfuzz.changes index c1888fb..0b9b14f 100644 --- a/honggfuzz.changes +++ b/honggfuzz.changes @@ -1,3 +1,35 @@ +------------------------------------------------------------------- +Wed Aug 26 07:52:12 UTC 2020 - Dirk Mueller + +- update to 2.3.1: + - honggfuzz.h - split run_t into substructs + - clang-format options in .clang-format + - added missing mutex initializers + - removed unncessary comparisons to 'true' and 'false' + - improved NetBSD compatibility + - removed unnecessary memory fences (speed ups) + - faster searching through the binary for const 4/8-byte values + - removed unnecessary includes with iwyu + - libhfnetdriver - general improvements around local socket fuzzing and timeouts + - Added 8bitcnt instrumentation - use hfuzz-cc/hfuzz-8bitcnt-(gcc|clang) for that + - PC-guard instrumentation now uses edge counting + - --experimental_const_feedback is now set to true by default + - additional string instrumentation wrappers: glib, lcms + - additional mutators: splicing, changing ascii numbers + - additional integer comparison instrumentation (adding integers to the dynamic dictionary) + - fixed linking with ld.lld + - removed `sanitizer-coverage-prune-blocks` from hfuzz-cc.c + - most mutators have now either overwrite or insert versions + - fixed memory barriers in libhfuzz/ + - implemented skip_factor which dictates how often a given input is fuzzed + - lowered the default timeout to 1 second + - honggfuzz now uses microseconds, instead of milliseconds across the code + - added some new functions to libhfcommon/files + - enabled more aggressive inlining in hfuzz-cc/ + - fixed compilation dependency under MacOS X +- remove 0001-fix-some-m32-compilation-issues-type-casting.patch (upstream) + + ------------------------------------------------------------------- Wed Mar 18 22:57:55 UTC 2020 - Christophe Giboudeaux diff --git a/honggfuzz.spec b/honggfuzz.spec index e97cc7a..5461f8a 100644 --- a/honggfuzz.spec +++ b/honggfuzz.spec @@ -17,14 +17,13 @@ Name: honggfuzz -Version: 2.1 +Version: 2.3.1 Release: 0 Summary: Security-oriented fuzzer with various analysis options License: Apache-2.0 Group: Development/Tools/Other URL: https://honggfuzz.com Source: https://github.com/google/honggfuzz/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz -Patch0: 0001-fix-some-m32-compilation-issues-type-casting.patch BuildRequires: binutils-devel BuildRequires: libunwind-devel BuildRequires: zlib-devel @@ -36,7 +35,6 @@ evolutionary, feedback-driven fuzzing based on code coverage %prep %setup -q -%patch0 -p1 %build export CFLAGS="%{optflags}" @@ -48,7 +46,7 @@ install -Dpm 0755 %{name} \ %files %license COPYING -%doc CHANGELOG CONTRIBUTING README.md +%doc CHANGELOG CONTRIBUTING.md README.md %{_bindir}/%{name} %changelog From f7f145e7562ae784b5ee208e368ea333e200b072c5ac6036f6f19102d880558c Mon Sep 17 00:00:00 2001 From: Martin Pluskal Date: Mon, 31 Aug 2020 08:16:50 +0000 Subject: [PATCH 2/2] OBS-URL: https://build.opensuse.org/package/show/devel:tools/honggfuzz?expand=0&rev=21 --- ...-m32-compilation-issues-type-casting.patch | 49 ------------------- 1 file changed, 49 deletions(-) delete mode 100644 0001-fix-some-m32-compilation-issues-type-casting.patch diff --git a/0001-fix-some-m32-compilation-issues-type-casting.patch b/0001-fix-some-m32-compilation-issues-type-casting.patch deleted file mode 100644 index b6ff47d..0000000 --- a/0001-fix-some-m32-compilation-issues-type-casting.patch +++ /dev/null @@ -1,49 +0,0 @@ -From aa1c3ccd0f9e2ed884ba877f2153b40c1448e6b9 Mon Sep 17 00:00:00 2001 -From: Robert Swiecki -Date: Thu, 5 Mar 2020 14:40:05 +0100 -Subject: [PATCH] fix some -m32 compilation issues (type casting) - ---- - linux/trace.c | 4 ++-- - report.c | 3 +-- - 2 files changed, 3 insertions(+), 4 deletions(-) - -diff --git a/linux/trace.c b/linux/trace.c -index 5a99363..3a22234 100644 ---- a/linux/trace.c -+++ b/linux/trace.c -@@ -531,7 +531,7 @@ static void arch_traceSaveData(run_t* run, pid_t pid) { - PLOG_W("Couldn't get siginfo for pid %d", pid); - } - -- uint64_t crashAddr = (uint64_t)si.si_addr; -+ uint64_t crashAddr = (uint64_t)(uintptr_t)si.si_addr; - /* User-induced signals don't set si.si_addr */ - if (SI_FROMUSER(&si)) { - crashAddr = 0UL; -@@ -571,7 +571,7 @@ static void arch_traceSaveData(run_t* run, pid_t pid) { - " instr: '%s'", - pid, si.si_signo, si.si_errno, si.si_code, si.si_addr, pc, crashAddr, instr); - -- if (!SI_FROMUSER(&si) && pc && crashAddr < (uint64_t)run->global->linux.ignoreAddr) { -+ if (!SI_FROMUSER(&si) && pc && crashAddr < (uint64_t)(uintptr_t)run->global->linux.ignoreAddr) { - LOG_I("Input is interesting (%s), but the si.si_addr is %p (below %p), skipping", - util_sigName(si.si_signo), si.si_addr, run->global->linux.ignoreAddr); - return; -diff --git a/report.c b/report.c -index 65af26d..383b273 100644 ---- a/report.c -+++ b/report.c -@@ -146,8 +146,7 @@ void report_appendReport(pid_t pid, run_t* run, funcs_t* funcs, size_t funcCnt, - run->report, sizeof(run->report), "STACK HASH: %016" PRIx64 "\n", run->backtrace); - util_ssnprintf(run->report, sizeof(run->report), "STACK:\n"); - for (size_t i = 0; i < funcCnt; i++) { -- util_ssnprintf( -- run->report, sizeof(run->report), " <0x%016" PRIx64 "> ", (uint64_t)funcs[i].pc); -+ util_ssnprintf(run->report, sizeof(run->report), " <0x%016tx> ", (uintptr_t)funcs[i].pc); - util_ssnprintf(run->report, sizeof(run->report), "[func:%s file:%s line:%zu module:%s]\n", - funcs[i].func, funcs[i].file, funcs[i].line, funcs[i].module); - } --- -2.25.1 -