From fde72092cc0faeabbbaad2f01e9ae411562c98eb499040a4c839e0ab2b5c3fcb Mon Sep 17 00:00:00 2001 
From: Marcus Meissner Date: Tue, 15 Dec 2020 13:57:19 +0000 Subject: [PATCH] Accepting request 855999 from home:msmeissn:branches:devel:tools - updated to 3.0c - llvm_mode/ and gcc_plugin/ moved to instrumentation/ - examples/ renamed to utils/ - moved libdislocator, libtokencap and qdbi_mode to utils/ - all compilers combined to afl-cc which emulates the previous ones - afl-llvm/gcc-rt.o merged into afl-compiler-rt.o - afl-fuzz - not specifying -M or -S will now auto-set "-S default" - deterministic fuzzing is now disabled by default and can be enabled with -D. It is still enabled by default for -M. - a new seed selection was implemented that uses weighted randoms based on a schedule performance score, which is much better than the previous walk-the-whole-queue approach. Select the old mode with -Z (auto enabled with -M) - Marcel Boehme submitted a patch that improves all AFFast schedules :) - the default schedule is now FAST - memory limits are now disabled by default, set them with -m if required - rpc.statsd support, for stats and charts, by Edznux, thanks a lot! 
- reading testcases from -i now descends into subdirectories - allow the -x command line option up to 4 times - loaded extras now have a duplication protection - If test cases are too large we do a partial read on the maximum supported size - longer seeds with the same trace information will now be ignored for fuzzing but still be used for splicing - crashing seeds are now not prohibiting a run anymore but are skipped - they are used for splicing, though - update MOpt for expanded havoc modes - setting the env var AFL_NO_AUTODICT will not load an LTO autodictionary - added NO_SPLICING compile option and makefile define OBS-URL: https://build.opensuse.org/request/show/855999 OBS-URL: https://build.opensuse.org/package/show/devel:tools/afl?expand=0&rev=123
---
 2.68c.tar.gz | 3 --
 3.0c.tar.gz | 3 ++
 afl-2.63c-fix-paths.patch | 15 ---------
 afl-3.0c-fix-paths.patch | 31 +++++++++++++++++++
 afl.changes | 65 +++++++++++++++++++++++++++++++++++++++
 afl.spec | 21 +++++++++----
 6 files changed, 114 insertions(+), 24 deletions(-)
 delete mode 100644 2.68c.tar.gz
 create mode 100644 3.0c.tar.gz
 delete mode 100644 afl-2.63c-fix-paths.patch
 create mode 100644 afl-3.0c-fix-paths.patch
diff --git a/2.68c.tar.gz b/2.68c.tar.gz
deleted file mode 100644
index f6b4df5..0000000
--- a/2.68c.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:862e155c97737770baa26ffedf324a7fa255b757c85b0c9a6f312264f2ca29c5
-size 1675912
diff --git a/3.0c.tar.gz b/3.0c.tar.gz
new file mode 100644
index 0000000..bdc924b
--- /dev/null
+++ b/3.0c.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:75a2cd6c9e14d4160defcf4899c6d654eba9ae1aad2b2c850bb165c84ee763bb
+size 1791416
diff --git a/afl-2.63c-fix-paths.patch b/afl-2.63c-fix-paths.patch
deleted file mode 100644
index 1406725..0000000
--- a/afl-2.63c-fix-paths.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-Index: AFLplusplus-2.68c/GNUmakefile
-===================================================================
---- AFLplusplus-2.68c.orig/GNUmakefile
-+++ AFLplusplus-2.68c/GNUmakefile
-@@ -21,8 +21,8 @@ HASH=\#
-
- PREFIX ?= /usr/local
- BIN_PATH = $(PREFIX)/bin
--HELPER_PATH = $(PREFIX)/lib/afl
--DOC_PATH = $(PREFIX)/share/doc/afl
-+HELPER_PATH = $(LIBEXEC_DIR)/afl
-+DOC_PATH = $(DOC_DIR)/afl
- MISC_PATH = $(PREFIX)/share/afl
- MAN_PATH = $(PREFIX)/share/man/man8
-
diff --git a/afl-3.0c-fix-paths.patch b/afl-3.0c-fix-paths.patch
new file mode 100644
index 0000000..83dc6a7
--- /dev/null
+++ b/afl-3.0c-fix-paths.patch
@@ -0,0 +1,31 @@
+Index: AFLplusplus-3.0c/GNUmakefile
+===================================================================
+--- AFLplusplus-3.0c.orig/GNUmakefile
++++ AFLplusplus-3.0c/GNUmakefile
+@@ -21,8 +21,8 @@ HASH=\#
+
+ PREFIX ?= /usr/local
+ BIN_PATH = $(PREFIX)/bin
+-HELPER_PATH = $(PREFIX)/lib/afl
+-DOC_PATH = $(PREFIX)/share/doc/afl
++HELPER_PATH = $(LIBEXEC_DIR)/afl
++DOC_PATH = $(DOC_DIR)/afl
+ MISC_PATH = $(PREFIX)/share/afl
+ MAN_PATH = $(PREFIX)/man/man8
+
+Index: AFLplusplus-3.0c/GNUmakefile.llvm
+===================================================================
+--- AFLplusplus-3.0c.orig/GNUmakefile.llvm
++++ AFLplusplus-3.0c/GNUmakefile.llvm
+@@ -20,9 +20,9 @@
+ HASH=\#
+
+ PREFIX ?= /usr/local
+-HELPER_PATH ?= $(PREFIX)/lib/afl
++HELPER_PATH ?= $(LIBEXEC_DIR)/afl
+ BIN_PATH ?= $(PREFIX)/bin
+-DOC_PATH ?= $(PREFIX)/share/doc/afl
++DOC_PATH ?= $(DOC_DIR)/afl
+ MISC_PATH ?= $(PREFIX)/share/afl
+ MAN_PATH ?= $(PREFIX)/share/man/man8
+
diff --git a/afl.changes b/afl.changes
index cc526f4..a797274 100644
--- a/afl.changes
+++ b/afl.changes
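Review bot: The refreshed patch substitutes `$(LIBEXEC_DIR)` and `$(DOC_DIR)` into both GNUmakefile and GNUmakefile.llvm without giving either variable a default, so a build that does not pass them on the make command line (the spec does, but anyone applying the patch by hand will not) resolves HELPER_PATH and DOC_PATH to `/afl`, and `make install` would then create the helper directory at the filesystem root. Two guarded assignments next to the existing `PREFIX ?= /usr/local`, `LIBEXEC_DIR ?= $(PREFIX)/lib` and `DOC_DIR ?= $(PREFIX)/share/doc`, keep upstream's fallback paths while still honouring the packager's override. The surrounding context also shows the two makefiles disagreeing on MAN_PATH (`$(PREFIX)/man/man8` in GNUmakefile, `$(PREFIX)/share/man/man8` in GNUmakefile.llvm), which this patch leaves untouched; if the spec expects the man pages under the standard man directory that is worth checking at the same time.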
@@ -1,3 +1,68 @@ +------------------------------------------------------------------- +Tue Dec 15 09:18:09 UTC 2020 - Marcus Meissner + +- updated to 3.0c + - llvm_mode/ and gcc_plugin/ moved to instrumentation/ + - examples/ renamed to utils/ + - moved libdislocator, libtokencap and qdbi_mode to utils/ + - all compilers combined to afl-cc which emulates the previous ones + - afl-llvm/gcc-rt.o merged into afl-compiler-rt.o + - afl-fuzz + - not specifying -M or -S will now auto-set "-S default" + - deterministic fuzzing is now disabled by default and can be enabled with + -D. It is still enabled by default for -M. + - a new seed selection was implemented that uses weighted randoms based on + a schedule performance score, which is much better that the previous + walk the whole queue approach. Select the old mode with -Z (auto enabled + with -M) + - Marcel Boehme submitted a patch that improves all AFFast schedules :) + - the default schedule is now FAST + - memory limits are now disabled by default, set them with -m if required + - rpc.statsd support, for stats and charts, by Edznux, thanks a lot! 
+ - reading testcases from -i now descends into subdirectories + - allow the -x command line option up to 4 times + - loaded extras now have a duplication protection + - If test cases are too large we do a partial read on the maximum + supported size + - longer seeds with the same trace information will now be ignored + for fuzzing but still be used for splicing + - crashing seeds are now not prohibiting a run anymore but are + skipped - they are used for splicing, though + - update MOpt for expanded havoc modes + - setting the env var AFL_NO_AUTODICT will not load an LTO autodictionary + - added NO_SPLICING compile option and makefile define + - added INTROSPECTION make target that writes all mutations to + out/NAME/introspection.txt + - print special compile time options used in help output + - when using -c cmplog, one of the childs was not killed, fixed + - somewhere we broke -n dumb fuzzing, fixed + - added afl_custom_describe to the custom mutator API to allow for easy + mutation reproduction on crashing inputs + - instrumentation + - We received an enhanced gcc_plugin module from AdaCore, thank you + very much!! + - not overriding -Ox or -fno-unroll-loops anymore + - we now have our own trace-pc-guard implementation. 
It is the same as + -fsanitize-coverage=trace-pc-guard from llvm 12, but: it is a) inline + and b) works from llvm 10.0.1 + onwards :) + - new llvm pass: dict2file via AFL_LLVM_DICT2FILE, create afl-fuzz + -x dictionary of string comparisons found during compilation + - LTO autodict now also collects interesting cmp comparisons, + std::string compare + find + ==, bcmp + - fix crash in dict2file for integers > 64 bit + - custom mutators + - added a new custom mutator: symcc -> https://github.com/eurecom-s3/symcc/ + - added a new custom mutator: libfuzzer that integrates libfuzzer mutations + - Our afl++ Grammar-Mutator is now better integrated into custom_mutators/ + - added INTROSPECTION support for custom modules + - python fuzz function was not optional, fixed + - some python mutator speed improvements + - afl-cmin/afl-cmin.bash now search first in PATH and last in AFL_PATH + - unicornafl synced with upstream version 1.02 (fixes, better rust bindings) + - renamed AFL_DEBUG_CHILD_OUTPUT to AFL_DEBUG_CHILD + - added AFL_CRASH_EXITCODE env variable to treat a child exitcode as crash +- afl-2.63c-fix-paths.patch refreshed to afl-3.0c-fix-paths.patch + ------------------------------------------------------------------- Sat Sep 5 08:43:19 UTC 2020 - Marcus Meissner
diff --git a/afl.spec b/afl.spec
index bcde1f0..bf09d81 100644
--- a/afl.spec
+++ b/afl.spec
@@ -17,15 +17,16 @@ Name: afl
-Version: 2.68c
+Version: 3.0c
 Release: 0
 Summary: American fuzzy lop is a security-oriented fuzzer
 License: Apache-2.0
 URL: http://lcamtuf.coredump.cx/afl/
 Source: https://github.com/vanhauser-thc/AFLplusplus/archive/%{version}.tar.gz
 Source1: afl-rpmlintrc
-Patch1: afl-2.63c-fix-paths.patch
+Patch1: afl-3.0c-fix-paths.patch
 BuildRequires: gcc-c++
+BuildRequires: python3-devel
 %description
 American fuzzy lop is a security-oriented fuzzer that employs a novel type
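Review bot: `BuildRequires: python3-devel` is added without anything in the spec saying what it enables, and the make invocation in the next hunk passes nothing Python-related, so whatever upstream's build does with a detected Python (the changelog lines in this commit mention a Python mutator) is switched on implicitly at build time. A comment on the new line, `# python3-devel: picked up by upstream's makefile for the Python custom-mutator support`, records the intent, and if that support is meant to be part of the package the build should fail when Python is not detected rather than quietly producing a binary without it. Presumably this also adds an automatic libpython runtime dependency to the resulting package, which is fine but worth stating in the changelog entry.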
@@ -52,7 +53,7 @@ export CFLAGS="$CFLAGS %{optflags}"
 %ifnarch %{ix86} x86_64
 export AFL_NO_X86=1
 %endif
-make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir}
+make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir}
 # make radamsa
 %install
@@ -68,9 +69,17 @@ make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_doc
 %dir %{_libexecdir}/%{name}
 %{_libexecdir}/%{name}/%{name}-as
 %{_libexecdir}/%{name}/as
-#{_libexecdir}/%{name}/argvfuzz*.so
-#{_libexecdir}/%{name}/socketfuzz*.so
-#{_libexecdir}/%{name}/libradamsa.so
+%ifarch x86_64 ppc64 ppc64le s390x
+%{_libexecdir}/%{name}/afl-compiler-rt-64.o
+%{_libexecdir}/%{name}/afl-llvm-rt-64.o
+%endif
+%ifarch %ix86
+%{_libexecdir}/%{name}/afl-compiler-rt-32.o
+%{_libexecdir}/%{name}/afl-llvm-rt-32.o
+%endif
+%{_libexecdir}/%{name}/afl-compiler-rt.o
+%{_libexecdir}/%{name}/afl-llvm-rt.o
+%{_libexecdir}/%{name}/dynamic_list.txt
 %dir %{_datadir}/%{name}
 %dir %{_datadir}/%{name}/testcases
 %{_datadir}/%{name}/testcases/*
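Review bot: The new `%ifarch x86_64 ppc64 ppc64le s390x` block hard-codes which targets package the `-64.o` runtime objects, so on any other 64-bit architecture the build either leaves those objects installed but unlisted, which rpmbuild rejects as unpackaged files, or ships without them — which of the two happens depends on whether upstream's makefile produces them there, and that should be verified rather than inferred from the list. The macro spelling is also inconsistent with the `%ifnarch %{ix86} x86_64` line in the previous hunk; `%ifarch %{ix86}` keeps the two uniform. Listing `afl-llvm-rt*.o` next to `afl-compiler-rt*.o` is presumably for compatibility aliases of the merged runtime the commit message describes; if so, a comment above the block, `# afl-llvm-rt*.o are compatibility aliases for afl-compiler-rt*.o`, stops the next maintainer from pruning them as leftovers.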