Accepting request 793420 from devel:tools

- updated to 2.63c - all: - big code changes to make afl-fuzz thread-safe so afl-fuzz can spawn multiple fuzzing threads in the future or even become a library - afl basic tools now report on the environment variables picked up - more tools get environment variable usage info in the help output - force all output to stdout (some OK/SAY/WARN messages were sent to stdout, some to stderr) - uninstrumented mode uses an internal forkserver ("fauxserver") - now builds with `-D_FORTIFY_SOURCE=2` - drastically reduced number of (de)allocations during fuzzing - afl-fuzz: - python mutator modules and custom mutator modules now use the same interface and hence the API changed - AFL_AUTORESUME will resume execution without the need to specify `-i -` - added experimental power schedules (-p): - mmopt: ignores runtime of queue entries, gives higher weighting to the last 5 queue entries - rare: puts focus on queue entries that hits rare branches, also ignores runtime - llvm_mode: - added SNAPSHOT feature (using https://github.com/AFLplusplus/AFL-Snapshot-LKM) - added Control Flow Integrity sanitizer (AFL_USE_CFISAN) - added AFL_LLVM_INSTRUMENT option to control the instrumentation type easier: DEFAULT, CFG (INSTRIM), LTO, CTX, NGRAM-x (x=2-16) - made USE_TRACE_PC compile obsolete - LTO collision free instrumented added in llvm_mode with afl-clang-lto - note that this mode is amazing, but quite some targets won't compile - Added llvm_mode NGRAM prev_loc coverage by Adrean Herrera (https://github.com/adrianherrera/afl-ngram-pass/), activate by setting (forwarded request 793419 from msmeissn) OBS-URL: https://build.opensuse.org/request/show/793420 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/afl?expand=0&rev=49
2020-04-13 10:53:44 +00:00 · 2020-04-13 10:53:44 +00:00 · 664181eb61
commit 664181eb61
parent be92bd6a10 ba968407c1
5 changed files with 65 additions and 15 deletions
--- a/2.62c.tar.gz
+++ b/2.62c.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:cde181ac733aa3a1212ffcb494bb9306a2086c7521fb006719b0e15cd8015c63
-size 1272000
--- a/2.63c.tar.gz
+++ b/2.63c.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:9c314899015620a9e57054f15f3fed29104c0f762098e30707267ef70be1add8
+size 1326005
--- a/afl-2.63c-fix-paths.patch
+++ b/afl-2.63c-fix-paths.patch
@ -1,12 +1,8 @@
---
- Makefile |    4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-Index: AFLplusplus-2.58c/Makefile
+Index: AFLplusplus-2.63c/GNUmakefile
 ===================================================================
--- AFLplusplus-2.58c.orig/Makefile
-+++ AFLplusplus-2.58c/Makefile
-@@ -21,8 +21,8 @@ VERSION     = $(shell grep '^\#define VE
+--- AFLplusplus-2.63c.orig/GNUmakefile
+++ AFLplusplus-2.63c/GNUmakefile
+@@ -21,8 +21,8 @@ HASH=\#
 
 PREFIX     ?= /usr/local
 BIN_PATH    = $(PREFIX)/bin
--- a/afl.changes
+++ b/afl.changes
@ -1,3 +1,57 @@
+-------------------------------------------------------------------
+Sun Apr 12 11:04:35 UTC 2020 - Marcus Meissner <meissner@suse.com>
+
+- updated to 2.63c
+  - all:
+    - big code changes to make afl-fuzz thread-safe so afl-fuzz can spawn
+      multiple fuzzing threads in the future or even become a library
+    - afl basic tools now report on the environment variables picked up
+    - more tools get environment variable usage info in the help output
+    - force all output to stdout (some OK/SAY/WARN messages were sent to
+      stdout, some to stderr)
+    - uninstrumented mode uses an internal forkserver ("fauxserver")
+    - now builds with `-D_FORTIFY_SOURCE=2`
+    - drastically reduced number of (de)allocations during fuzzing
+  - afl-fuzz:
+    - python mutator modules and custom mutator modules now use the same
+      interface and hence the API changed
+    - AFL_AUTORESUME will resume execution without the need to specify `-i -`
+    - added experimental power schedules (-p):
+      - mmopt: ignores runtime of queue entries, gives higher weighting to
+               the last 5 queue entries
+      - rare: puts focus on queue entries that hits rare branches, also ignores
+              runtime
+  - llvm_mode: 
+    - added SNAPSHOT feature (using https://github.com/AFLplusplus/AFL-Snapshot-LKM)
+    - added Control Flow Integrity sanitizer (AFL_USE_CFISAN)
+    - added AFL_LLVM_INSTRUMENT option to control the instrumentation type
+      easier: DEFAULT, CFG (INSTRIM), LTO, CTX, NGRAM-x (x=2-16)
+    - made USE_TRACE_PC compile obsolete
+  - LTO collision free instrumented added in llvm_mode with afl-clang-lto -
+    note that this mode is amazing, but quite some targets won't compile
+  - Added llvm_mode NGRAM prev_loc coverage by Adrean Herrera
+    (https://github.com/adrianherrera/afl-ngram-pass/), activate by setting
+    AFL_LLVM_INSTRUMENT=NGRAM-<value> or AFL_LLVM_NGRAM_SIZE=<value>
+  - Added llvm_mode context sensitive branch coverage, activated by setting
+    AFL_LLVM_INSTRUMENT=CTX or AFL_LLVM_CTX=1
+  - llvm_mode InsTrim mode:
+    - removed workaround for bug where paths were not instrumented and
+      imported fix by author
+    - made skipping 1 block functions an option and is disabled by default,
+      set AFL_LLVM_INSTRIM_SKIPSINGLEBLOCK=1 to re-enable this
+  - qemu_mode:
+    - qemu_mode now uses solely the internal capstone version to fix builds
+      on modern Linux distributions
+    - QEMU now logs routine arguments for CmpLog when the target is x86
+  - afl-tmin:
+    - now supports hang mode `-H` to minimize hangs
+    - fixed potential afl-tmin missbehavior for targets with multiple hangs
+  - Pressing Control-c in afl-cmin did not terminate it for some OS
+  - the custom API was rewritten and is now the same for Python and shared
+    libraries.
+- afl-1.58b-fix-paths.patch moved to
+- afl-2.63c-fix-paths.patch: adjust Makefile -> GNUmakefile
+
 -------------------------------------------------------------------
 Fri Feb 28 14:09:26 UTC 2020 - Marcus Meissner <meissner@suse.com>

--- a/afl.spec
+++ b/afl.spec
@ -17,14 +17,14 @@


 Name:           afl
-Version:        2.62c
+Version:        2.63c
 Release:        0
 Summary:        American fuzzy lop is a security-oriented fuzzer
 License:        Apache-2.0
 URL:            http://lcamtuf.coredump.cx/afl/
 Source:         https://github.com/vanhauser-thc/AFLplusplus/archive/%{version}.tar.gz
 Source1:        afl-rpmlintrc
-Patch1:         afl-1.58b-fix-paths.patch
+Patch1:         afl-2.63c-fix-paths.patch
 BuildRequires:  gcc-c++

 %description
@ -68,8 +68,8 @@ make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_doc
 %dir %{_libexecdir}/%{name}
 %{_libexecdir}/%{name}/%{name}-as
 %{_libexecdir}/%{name}/as
-%{_libexecdir}/%{name}/argvfuzz*.so
-%{_libexecdir}/%{name}/socketfuzz*.so
+#{_libexecdir}/%{name}/argvfuzz*.so
+#{_libexecdir}/%{name}/socketfuzz*.so
 %{_libexecdir}/%{name}/libradamsa.so
 %dir %{_datadir}/%{name}
 %dir %{_datadir}/%{name}/testcases