Accepting request 286329 from home:AndreasStieger

afl 1.46b, a security-oriented fuzzer

OBS-URL: https://build.opensuse.org/request/show/286329
OBS-URL: https://build.opensuse.org/package/show/devel:tools/afl?expand=0&rev=1

.gitattributes

@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text

.gitignore

@@ -0,0 +1 @@
+.osc

afl-1.46b-nodate.patch

@@ -0,0 +1,112 @@
+Index: afl-1.46b/afl-as.c
+===================================================================
+--- afl-1.46b.orig/afl-as.c
++++ afl-1.46b/afl-as.c
+@@ -450,8 +450,7 @@ int main(int argc, char** argv) {
+ 
+   if (isatty(2) && !getenv("AFL_QUIET")) {
+ 
+-    SAYF(cCYA "afl-as " cBRI VERSION cRST " (" __DATE__ " " __TIME__ 
+-         ") by <lcamtuf@google.com>\n");
++    SAYF(cCYA "afl-as " cBRI VERSION cRST " by <lcamtuf@google.com>\n");
+  
+   } else be_quiet = 1;
+ 
+Index: afl-1.46b/afl-fuzz.c
+===================================================================
+--- afl-1.46b.orig/afl-fuzz.c
++++ afl-1.46b/afl-fuzz.c
+@@ -6762,8 +6762,7 @@ int main(int argc, char** argv) {
+ 
+   char** use_argv;
+ 
+-  SAYF(cCYA "afl-fuzz " cBRI VERSION cRST " (" __DATE__ " " __TIME__ 
+-       ") by <lcamtuf@google.com>\n");
++  SAYF(cCYA "afl-fuzz " cBRI VERSION cRST " by <lcamtuf@google.com>\n");
+ 
+   doc_path = access(DOC_PATH, F_OK) ? "docs" : DOC_PATH;
+ 
+Index: afl-1.46b/afl-gcc.c
+===================================================================
+--- afl-1.46b.orig/afl-gcc.c
++++ afl-1.46b/afl-gcc.c
+@@ -276,8 +276,7 @@ int main(int argc, char** argv) {
+ 
+   if (isatty(2) && !getenv("AFL_QUIET")) {
+ 
+-    SAYF(cCYA "afl-cc " cBRI VERSION cRST " (" __DATE__ " " __TIME__
+-         ") by <lcamtuf@google.com>\n");
++    SAYF(cCYA "afl-cc " cBRI VERSION cRST " by <lcamtuf@google.com>\n");
+ 
+   } else be_quiet = 1;
+ 
+Index: afl-1.46b/afl-gotcpu.c
+===================================================================
+--- afl-1.46b.orig/afl-gotcpu.c
++++ afl-1.46b/afl-gotcpu.c
+@@ -77,8 +77,7 @@ int main(int argc, char** argv) {
+   s32 loop_repeats = 0, util_perc;
+   u64 st_t, en_t, st_c, en_c, real_delta, slice_delta;
+ 
+-  SAYF(cCYA "afl-gotcpu " cBRI VERSION cRST " (" __DATE__ " " __TIME__
+-       ") by <lcamtuf@google.com>\n");
++  SAYF(cCYA "afl-gotcpu " cBRI VERSION cRST " by <lcamtuf@google.com>\n");
+ 
+   /* Run a busy loop for CTEST_TARGET_MS. */
+ 
+Index: afl-1.46b/afl-showmap.c
+===================================================================
+--- afl-1.46b.orig/afl-showmap.c
++++ afl-1.46b/afl-showmap.c
+@@ -412,8 +412,7 @@ static void detect_file_args(char** argv
+ 
+ static void show_banner(void) {
+ 
+-  SAYF(cCYA "afl-showmap " cBRI VERSION cRST " (" __DATE__ " " __TIME__ 
+-       ") by <lcamtuf@google.com>\n");
++  SAYF(cCYA "afl-showmap " cBRI VERSION cRST " by <lcamtuf@google.com>\n");
+ 
+ }
+ 
+Index: afl-1.46b/afl-tmin.c
+===================================================================
+--- afl-1.46b.orig/afl-tmin.c
++++ afl-1.46b/afl-tmin.c
+@@ -834,8 +834,7 @@ int main(int argc, char** argv) {
+ 
+   doc_path = access(DOC_PATH, F_OK) ? "docs" : DOC_PATH;
+ 
+-  SAYF(cCYA "afl-tmin " cBRI VERSION cRST " (" __DATE__ " " __TIME__ 
+-       ") by <lcamtuf@google.com>\n");
++  SAYF(cCYA "afl-tmin " cBRI VERSION cRST " by <lcamtuf@google.com>\n");
+ 
+   while ((opt = getopt(argc,argv,"+i:o:f:m:t:xeQ")) > 0)
+ 
+Index: afl-1.46b/experimental/arm_support/afl-as.c
+===================================================================
+--- afl-1.46b.orig/experimental/arm_support/afl-as.c
++++ afl-1.46b/experimental/arm_support/afl-as.c
+@@ -241,8 +241,7 @@ int main(int argc, char** argv) {
+   struct timeval tv;
+   struct timezone tz;
+ 
+-  SAYF(cCYA "afl-as " cBRI VERSION cNOR " (" __DATE__ " " __TIME__ 
+-       ") by <lcamtuf@google.com>\n");
++  SAYF(cCYA "afl-as " cBRI VERSION cNOR " by <lcamtuf@google.com>\n");
+ 
+   if (argc < 2) {
+ 
+Index: afl-1.46b/experimental/arm_support/afl-gcc.c
+===================================================================
+--- afl-1.46b.orig/experimental/arm_support/afl-gcc.c
++++ afl-1.46b/experimental/arm_support/afl-gcc.c
+@@ -169,8 +169,7 @@ static void edit_params(u32 argc, char**
+ 
+ int main(int argc, char** argv) {
+ 
+-  SAYF(cCYA "afl-gcc " cBRI VERSION cNOR " (" __DATE__ " " __TIME__
+-         ") by <lcamtuf@google.com>\n");
++  SAYF(cCYA "afl-gcc " cBRI VERSION cNOR " by <lcamtuf@google.com>\n");
+ 
+   if (argc < 2) {
+ 

afl-1.46b.tgz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:9e49445578b85ef220766d4914e71a4af877dc177a6b050bbc16d491f8b671cb
+size 776746

afl-rpmlintrc

@@ -0,0 +1,10 @@
+# packages a number of fuzzed files as samples and test cases
+addFilter("arch-dependent-file-in-usr-share.*/usr/share/doc/packages/afl/vuln_samples")
+addFilter("arch-dependent-file-in-usr-share.*/usr/share/afl/testcases")
+addFilter("devel-file-in-non-devel-package.*/usr/share/afl/testcases")
+addFilter("binaryinfo-readelf-failed.*/usr/share/afl/testcases")
+addFilter("bad-crc-in-zip.*/usr/share/doc/packages/afl/vuln_samples/")
+addFilter("missing-PT_GNU_STACK-section.*/usr/share/doc/packages/afl/vuln_samples")
+addFilter("missing-PT_GNU_STACK-section.*/usr/share/afl/testcases")
+addFilter("statically-linked-binary.*/usr/share/doc/packages/afl/vuln_samples")
+addFilter("statically-linked-binary.*/usr/share/afl/testcases")

afl.changes

@@ -0,0 +1,5 @@
+-------------------------------------------------------------------
+Mon Feb 16 12:53:36 UTC 2015 - astieger@suse.com
+
+- initial package
+

afl.spec

@@ -0,0 +1,59 @@
+#
+# spec file for package afl
+#
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
+#
+
+
+Name:           afl
+Version:        1.46b
+Release:        0
+Summary:        American fuzzy lop is a security-oriented fuzzer
+License:        Apache-2.0
+Group:          Development/Tools/Debuggers
+Url:            http://lcamtuf.coredump.cx/afl/
+Source:         http://lcamtuf.coredump.cx/afl/releases/%{name}-%{version}.tgz
+Patch0:         afl-1.46b-nodate.patch
+BuildRequires:  gcc-c++
+BuildRoot:      %{_tmppath}/%{name}-%{version}-build
+
+%description
+American fuzzy lop is a security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary. This substantially improves the functional coverage for the fuzzed code. The compact synthesized corpora produced by the tool are also useful for seeding other, more labor- or resource-intensive testing regimes down the road.
+
+Compared to other instrumented fuzzers, afl-fuzz is designed to be practical: it has modest performance overhead, uses a variety of highly effective fuzzing strategies and effort minimization tricks, requires essentially no configuration, and seamlessly handles complex, real-world use cases - say, common image parsing or file compression libraries.
+
+%prep
+%setup -q
+%patch0 -p1
+
+%build
+export CFLAGS="$CFLAGS %{optflags}"
+make %{?_smp_mflags}
+
+%install
+export PREFIX=%{_prefix}
+make DESTDIR=%{buildroot} install %{?_smp_mflags}
+rm -rf %{buildroot}%{_datadir}/doc/%{name}
+
+%files
+%defattr(-,root,root)
+%{_bindir}/%{name}-*
+%dir /usr/lib/%{name}
+/usr/lib/%{name}/%{name}-as
+/usr/lib/%{name}/as
+%dir %{_datadir}/%{name}
+%dir %{_datadir}/%{name}/testcases
+%{_datadir}/%{name}/testcases/*
+%doc docs/COPYING docs/README docs/ChangeLog docs/*.txt docs/visualization docs/vuln_samples
+