From adf510cb7f8aa50e03284879cfbb2e41c2e77a0edd9b0fcd424550c0c3cdd4b8 Mon Sep 17 00:00:00 2001 
From: Marcus Meissner
Date: Tue, 1 Jun 2021 11:48:26 +0000
Subject: [PATCH] Accepting request 896670 from home:msmeissn:branches:devel:tools

- updated to 3.13c
  - Note: plot_data switched to relative time from unix time in 3.10
  - frida_mode - new mode that uses frida to fuzz binary-only targets, it currently supports persistent mode and cmplog. thanks to @WorksButNotTested!
  - create a fuzzing dictionary with the help of CodeQL thanks to @microsvuln! see utils/autodict_ql
  - afl-fuzz:
    - added patch by @realmadsci to support @@ as part of command line options, e.g. `afl-fuzz ... -- ./target --infile=@@`
    - add recording of previous fuzz attempts for persistent mode to allow replay of non-reproducible crashes, see AFL_PERSISTENT_RECORD in config.h and docs/envs.h
    - fixed a bug when trimming for stdin targets
    - cmplog -l: default cmplog level is now 2, better efficiency. level 3 now performs redqueen on everything. use with care.
    - better fuzzing strategy yield display for enabled options
    - ensure one fuzzer sync per cycle
    - fix afl_custom_queue_new_entry original file name when syncing from fuzzers
    - fixed a crash when more than one custom mutator was used together with afl_custom_post_process
    - on a crashing seed potentially the wrong input was disabled
    - added AFL_EXIT_ON_SEED_ISSUES env that will exit if a seed in -i dir crashes the target or results in a timeout. By default afl++ ignores these and uses them for splicing instead.
    - added AFL_EXIT_ON_TIME env that will make afl-fuzz exit fuzzing after no new paths have been found for n seconds
    - when AFL_FAST_CAL is set a variable path will now be calibrated 8 times instead of originally 40. Long calibration is now 20.
OBS-URL: https://build.opensuse.org/request/show/896670 OBS-URL: https://build.opensuse.org/package/show/devel:tools/afl?expand=0&rev=138 --- 3.12c.tar.gz | 3 --- 3.13c.tar.gz | 3 +++ afl.changes | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++ afl.spec | 2 +- 4 files changed, 64 insertions(+), 4 deletions(-) delete mode 100644 3.12c.tar.gz create mode 100644 3.13c.tar.gz diff --git a/3.12c.tar.gz b/3.12c.tar.gz deleted file mode 100644 index fb5d6d0..0000000 --- a/3.12c.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:0240d34a2f99d157063e31d0c2d2801a68bc015e09187d9cc197637ec8fda635 -size 2065569 diff --git a/3.13c.tar.gz b/3.13c.tar.gz new file mode 100644 index 0000000..e5b37aa --- /dev/null +++ b/3.13c.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7b0d5b17acb38c19878865b91a26ec718fa0ef53363473240c7cfbdbed356f7f +size 2128787 diff --git a/afl.changes b/afl.changes index a1ac93d..afb150a 100644 --- a/afl.changes +++ b/afl.changes 
@@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Tue Jun 1 10:36:06 UTC 2021 - Marcus Meissner + +- updated to 3.13c + - Note: plot_data switched to relative time from unix time in 3.10 + - frida_mode - new mode that uses frida to fuzz binary-only targets, + it currently supports persistent mode and cmplog. + thanks to @WorksButNotTested! + - create a fuzzing dictionary with the help of CodeQL thanks to + @microsvuln! see utils/autodict_ql + - afl-fuzz: + - added patch by @realmadsci to support @@ as part of command line + options, e.g. `afl-fuzz ... -- ./target --infile=@@` + - add recording of previous fuzz attempts for persistent mode + to allow replay of non-reproducable crashes, see + AFL_PERSISTENT_RECORD in config.h and docs/envs.h + - fixed a bug when trimming for stdin targets + - cmplog -l: default cmplog level is now 2, better efficiency. + level 3 now performs redqueen on everything. use with care. + - better fuzzing strategy yield display for enabled options + - ensure one fuzzer sync per cycle + - fix afl_custom_queue_new_entry original file name when syncing + from fuzzers + - fixed a crash when more than one custom mutator was used together + with afl_custom_post_process + - on a crashing seed potentially the wrong input was disabled + - added AFL_EXIT_ON_SEED_ISSUES env that will exit if a seed in + -i dir crashes the target or results in a timeout. By default + afl++ ignores these and uses them for splicing instead. + - added AFL_EXIT_ON_TIME env that will make afl-fuzz exit fuzzing + after no new paths have been found for n seconds + - when AFL_FAST_CAL is set a variable path will now be calibrated + 8 times instead of originally 40. Long calibration is now 20. 
+ - added AFL_TRY_AFFINITY to try to bind to CPUs but don't error if + it fails + - afl-cc: + - We do not support llvm versions prior 6.0 anymore + - added thread safe counters to all modes (`AFL_LLVM_THREADSAFE_INST`), + note that this disables NeverZero counters. + - Fix for -pie compiled binaries with default afl-clang-fast PCGUARD + - Leak Sanitizer (AFL_USE_LSAN) added by Joshua Rogers, thanks! + - Removed InsTrim instrumentation as it is not as good as PCGUARD + - Removed automatic linking with -lc++ for LTO mode + - Fixed a crash in llvm dict2file when a strncmp length was -1 + - added --afl-noopt support + - utils/aflpp_driver: + - aflpp_qemu_driver_hook fixed to work with qemu_mode + - aflpp_driver now compiled with -fPIC + - unicornafl: + - fix MIPS delay slot caching, thanks @JackGrence + - fixed aarch64 exit address + - execution no longer stops at address 0x0 + - updated afl-system-config to support Arch Linux weirdness and increase + MacOS shared memory + - updated the grammar custom mutator to the newest version + - add -d (add dead fuzzer stats) to afl-whatsup + - added AFL_PRINT_FILENAMES to afl-showmap/cmin to print the + current filename + - afl-showmap/cmin will now process queue items in alphabetical order + ------------------------------------------------------------------- Fri Apr 9 12:25:49 UTC 2021 - Guillaume GARDET diff --git a/afl.spec b/afl.spec index b953a0d..e3d3b88 100644 --- a/afl.spec +++ b/afl.spec @@ -17,7 +17,7 @@ Name: afl -Version: 3.12c +Version: 3.13c Release: 0 Summary: American fuzzy lop is a security-oriented fuzzer License: Apache-2.0
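Review bot: the new 3.13c.tar.gz hunk records the source only as a Git LFS pointer (`oid sha256:7b0d5b17acb38c19878865b91a26ec718fa0ef53363473240c7cfbdbed356f7f`, `size 2128787`) and nothing in the request ties that digest to the upstream 3.13c release; add to the request (or the changes entry) where the tarball was fetched from and what upstream checksum or signature it was verified against, so the package source can be re-verified later instead of being trusted on the LFS oid alone.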
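Review bot: a few spelling and wording slips in the new afl.changes entry: `non-reproducable crashes` should be `non-reproducible crashes`, `llvm versions prior 6.0` should read `prior to 6.0`, and `MacOS` is spelled `macOS`. The afl-cc bullets also state that LLVM before 6.0 is no longer supported and that InsTrim instrumentation was removed, which is an upgrade-visible behaviour change for users of `AFL_LLVM_INSTRUMENT`-style selection; worth calling out explicitly at the top of the entry rather than leaving it buried in the sub-list.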
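Review bot: the afl.spec hunk only bumps `Version: 3.12c` to `Version: 3.13c`, but the changes entry in the same request says LLVM versions prior to 6.0 are no longer supported and InsTrim was dropped; confirm that the spec's LLVM/clang build dependencies (outside this hunk) require at least 6.0 so afl-cc is built rather than silently skipped on an older toolchain, and that nothing packaged still references InsTrim. Since `Release: 0` is kept unchanged, also make sure the request's build results were checked for this version rather than the previous one.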