Accepting request 879398 from home:msmeissn:branches:devel:tools

- updated to 3.11c
  - afl-fuzz:
    - better auto detection of map size
    - fix sanitizer settings (bug since 3.10c)
    - fix an off-by-one overwrite in cmplog
    - add non-unicode variants from unicode-looking dictionary entries
    - Rust custom mutator API improvements
    - Imported crash stats painted yellow on resume (only new ones are red)
  - afl-cc:
    - added AFL_NOOPT that will just pass everything to the normal
      gcc/clang compiler without any changes - to pass weird configure
      scripts
    - fixed a crash that can occur with ASAN + CMPLOG together plus
      better support for unicode (thanks to @stbergmann for reporting!)
    - fixed a crash in LAF transform for empty strings
    - handle erroneous setups in which multiple afl-compiler-rt are
      compiled into the target. This now also supports dlopen()
      instrumented libs loaded before the forkserver and even after the
      forkserver is started (then with collisions though)
    - the compiler rt was added also in object building (-c) which
      should have been fixed years ago but somewhere got lost :(
    - Renamed CTX to CALLER, added correct/real CTX implementation to
      CLASSIC
  - qemu_mode:
    - added AFL_QEMU_EXCLUDE_RANGES env by @realmadsci, thanks!
    - if no new/updated checkout is wanted, build with:
      NO_CHECKOUT=1 ./build_qemu_support.sh
    - we no longer perform a "git drop"
  - afl-cmin: support filenames with spaces
- afl-3.0c-fix-paths.patch: refreshed

OBS-URL: https://build.opensuse.org/request/show/879398
OBS-URL: https://build.opensuse.org/package/show/devel:tools/afl?expand=0&rev=128

3.10c.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:162148cb689565aa3facf63edacf85555fe2403151a0c65479ee9303639bb7f8
-size 2059632

3.11c.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:dafe8bf08096a9dd5c5307cc38439fa9ac3b5ead595b261dd9e01ddefd2fed0a
+size 2065447

afl-3.0c-fix-paths.patch

@@ -1,7 +1,7 @@
-Index: AFLplusplus-3.0c/GNUmakefile
+Index: AFLplusplus-3.11c/GNUmakefile
 ===================================================================
---- AFLplusplus-3.0c.orig/GNUmakefile
+--- AFLplusplus-3.11c.orig/GNUmakefile
-+++ AFLplusplus-3.0c/GNUmakefile
++++ AFLplusplus-3.11c/GNUmakefile
 @@ -21,8 +21,8 @@ HASH=\#
  
  PREFIX     ?= /usr/local
@@ -11,12 +11,12 @@ Index: AFLplusplus-3.0c/GNUmakefile
 +HELPER_PATH = $(LIBEXEC_DIR)/afl
 +DOC_PATH    = $(DOC_DIR)/afl
  MISC_PATH   = $(PREFIX)/share/afl
- MAN_PATH    = $(PREFIX)/man/man8
+ MAN_PATH    = $(PREFIX)/share/man/man8
  
-Index: AFLplusplus-3.0c/GNUmakefile.llvm
+Index: AFLplusplus-3.11c/GNUmakefile.llvm
 ===================================================================
---- AFLplusplus-3.0c.orig/GNUmakefile.llvm
+--- AFLplusplus-3.11c.orig/GNUmakefile.llvm
-+++ AFLplusplus-3.0c/GNUmakefile.llvm
++++ AFLplusplus-3.11c/GNUmakefile.llvm
 @@ -20,9 +20,9 @@
  HASH=\#
  

afl.changes

@@ -1,3 +1,37 @@
+-------------------------------------------------------------------
+Tue Mar 16 07:43:01 UTC 2021 - Marcus Meissner <meissner@suse.com>
+
+- updated to 3.11c
+  - afl-fuzz:
+    - better auto detection of map size
+    - fix sanitizer settings (bug since 3.10c)
+    - fix an off-by-one overwrite in cmplog
+    - add non-unicode variants from unicode-looking dictionary entries
+    - Rust custom mutator API improvements
+    - Imported crash stats painted yellow on resume (only new ones are red)
+  - afl-cc:
+    - added AFL_NOOPT that will just pass everything to the normal
+      gcc/clang compiler without any changes - to pass weird configure
+      scripts
+    - fixed a crash that can occur with ASAN + CMPLOG together plus
+      better support for unicode (thanks to @stbergmann for reporting!)
+    - fixed a crash in LAF transform for empty strings
+    - handle erroneous setups in which multiple afl-compiler-rt are
+      compiled into the target. This now also supports dlopen()
+      instrumented libs loaded before the forkserver and even after the
+      forkserver is started (then with collisions though)
+    - the compiler rt was added also in object building (-c) which
+      should have been fixed years ago but somewhere got lost :(
+    - Renamed CTX to CALLER, added correct/real CTX implementation to
+      CLASSIC
+  - qemu_mode:
+    - added AFL_QEMU_EXCLUDE_RANGES env by @realmadsci, thanks!
+    - if no new/updated checkout is wanted, build with:
+      NO_CHECKOUT=1 ./build_qemu_support.sh
+    - we no longer perform a "git drop"
+  - afl-cmin: support filenames with spaces
+- afl-3.0c-fix-paths.patch: refreshed
+
 -------------------------------------------------------------------
 Mon Mar  1 09:43:40 UTC 2021 - Marcus Meissner <meissner@suse.com>
 

afl.spec

@@ -17,7 +17,7 @@
 
 
 Name:           afl
-Version:        3.10c
+Version:        3.11c
 Release:        0
 Summary:        American fuzzy lop is a security-oriented fuzzer
 License:        Apache-2.0
@@ -25,6 +25,7 @@ URL:            http://lcamtuf.coredump.cx/afl/
 Source:         https://github.com/AFLplusplus/AFLplusplus/archive/%{version}.tar.gz
 Source1:        afl-rpmlintrc
 Patch1:         afl-3.0c-fix-paths.patch
+BuildRequires:  clang
 BuildRequires:  gcc-c++
 BuildRequires:  llvm-devel
 BuildRequires:  python3-devel
@@ -50,7 +51,7 @@ use cases - say, common image parsing or file compression libraries.
 sed -i 's|#!/usr/bin/env bash|#!/bin/bash|g' afl-cmin
 
 %build
-export CFLAGS="$CFLAGS %{optflags}"
+export CFLAGS="$CFLAGS %{optflags} -fno-lto"
 %ifnarch %{ix86} x86_64
 export AFL_NO_X86=1
 %endif
@@ -81,6 +82,7 @@ make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_doc
 %{_libexecdir}/%{name}/afl-compiler-rt.o
 %{_libexecdir}/%{name}/afl-llvm-rt.o
 %{_libexecdir}/%{name}/dynamic_list.txt
+%{_libexecdir}/%{name}/*.so
 %dir %{_datadir}/%{name}
 %dir %{_datadir}/%{name}/testcases
 %{_datadir}/%{name}/testcases/*