From f670fb818aae2819f7f21b10e0c8e15f24c2dd62aafc7055077fe26e81954b64 Mon Sep 17 00:00:00 2001 
From: Marcus Meissner Date: Sun, 10 Nov 2019 10:24:08 +0000 Subject: [PATCH] Accepting request 747174 from home:msmeissn:branches:devel:tools - updated to 2.58c - reverted patch to not unlink and recreate the input file, it resulted in performance loss of ~10% - added test/test-performance.sh script - (re)added gcc_plugin, fast inline instrumentation is not yet finished, however it includes the whitelisting and persistance feature! by hexcoder- - gcc_plugin tests added to testing framework - jump to 2.57 instead of 2.55 to catch up with Google's versioning - persistent mode for QEMU (see qemu_mode/README.md) - custom mutator library is now an additional mutator, to exclusivly use it - add AFL_CUSTOM_MUTATOR_ONLY (that will trigger the previous behaviour) - new library qemu_mode/unsigaction which filters sigaction events - afl-fuzz: new command line option -I to execute a command on a new crash - no more unlinking the input file, this way the input file can also be a - FIFO or disk partition - setting LLVM_CONFIG for llvm_mode will now again switch to the selected - llvm version. If your setup is correct. - fuzzing strategy yields for custom mutator were missing from the UI, added them :) - added "make tests" which will perform checks to see that all functionality - is working as expected. this is currently the starting point, its not complete :) - added mutation documentation feature ("make document"), creates afl-fuzz-document - and saves all mutations of the first run on the first file into out/queue/mutations - libtokencap and libdislocator now compile to the afl_root directory and are - installed to the .../lib/afl directory when present during make install - more BSD support, e.g. 
free CPU binding code for FreeBSD (thanks to devnexen)
- reducing duplicate code in afl-fuzz
- added "make help"
- removed compile warnings from python internal stuff
- added man page for afl-clang-fast[++]
- updated documentation
- Wine mode to run Win32 binaries with the QEMU instrumentation (-W)
- CompareCoverage for ARM target in QEMU/Unicorn
OBS-URL: https://build.opensuse.org/request/show/747174
OBS-URL: https://build.opensuse.org/package/show/devel:tools/afl?expand=0&rev=98
---
 2.52c.tar.gz | 3 --
 2.58c.tar.gz | 3 ++
 afl-1.58b-fix-paths.patch | 10 ++---
 afl.changes | 80 +++++++++++++++++++++++++++++++++++++++
 afl.spec | 9 +++--
 5 files changed, 93 insertions(+), 12 deletions(-)
 delete mode 100644 2.52c.tar.gz
 create mode 100644 2.58c.tar.gz
diff --git a/2.52c.tar.gz b/2.52c.tar.gz
deleted file mode 100644
index ab452ec..0000000
--- a/2.52c.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:013b3c56722d48de5ebb50ef0146696cef8ed42e29981988027b80102c7709e6
-size 851177
diff --git a/2.58c.tar.gz b/2.58c.tar.gz
new file mode 100644
index 0000000..13aaf87
--- /dev/null
+++ b/2.58c.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d25d6d90062a9e17327bb7bd3e59650e527d00aba85009e578aed6b9896266df
+size 986561
diff --git a/afl-1.58b-fix-paths.patch b/afl-1.58b-fix-paths.patch
index 6a7fcbf..a72860a 100644
--- a/afl-1.58b-fix-paths.patch
+++ b/afl-1.58b-fix-paths.patch
@@ -2,11 +2,11 @@
  Makefile | 4 ++--
  1 file changed, 2 insertions(+), 2 deletions(-)
-Index: afl-2.32b/Makefile
+Index: AFLplusplus-2.58c/Makefile
 ===================================================================
---- afl-2.32b.orig/Makefile
-+++ afl-2.32b/Makefile
-@@ -18,8 +18,8 @@ VERSION = $(shell grep '^\#define VE
+--- AFLplusplus-2.58c.orig/Makefile
++++ AFLplusplus-2.58c/Makefile
+@@ -21,8 +21,8 @@ VERSION = $(shell grep '^\#define VE
  PREFIX ?= /usr/local
  BIN_PATH = $(PREFIX)/bin
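Review bot: The rebased `Index:`, `---` and `+++` lines now name `AFLplusplus-2.58c/Makefile`, so the 2.58c tarball evidently unpacks into a top-level directory that is no longer `afl-<version>`; the spec's `%prep`/`%setup` section is outside this diff, so confirm it selects that directory (for example `%setup -q -n AFLplusplus-%{version}`), otherwise the Version bump alone will make `%prep` fail to find the source tree. The file is still called afl-1.58b-fix-paths.patch while it now patches a differently named upstream; a rename to match the project it applies to would make later rebases less confusing. The rest of this patch file's first hunk is only the quilt header rebase and carries no functional change.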
@@ -15,5 +15,5 @@ Index: afl-2.32b/Makefile
 +HELPER_PATH = $(LIBEXEC_DIR)/afl
 +DOC_PATH = $(DOC_DIR)/afl
  MISC_PATH = $(PREFIX)/share/afl
+ MAN_PATH = $(PREFIX)/man/man8
- # PROGS intentionally omit afl-as, which gets installed elsewhere.
diff --git a/afl.changes b/afl.changes
index ba391ce..bd2b661 100644
--- a/afl.changes
+++ b/afl.changes
@@ -1,3 +1,83 @@ +------------------------------------------------------------------- +Sat Nov 9 16:05:04 UTC 2019 - Marcus Meissner + +- updated to 2.58c + - reverted patch to not unlink and recreate the input file, it resulted in performance loss of ~10% + - added test/test-performance.sh script + - (re)added gcc_plugin, fast inline instrumentation is not yet finished, however it includes the whitelisting and persistance feature! by hexcoder- + - gcc_plugin tests added to testing framework +- jump to 2.57 instead of 2.55 to catch up with Google's versioning + - persistent mode for QEMU (see qemu_mode/README.md) + - custom mutator library is now an additional mutator, to exclusivly use it + - add AFL_CUSTOM_MUTATOR_ONLY (that will trigger the previous behaviour) + - new library qemu_mode/unsigaction which filters sigaction events + - afl-fuzz: new command line option -I to execute a command on a new crash + - no more unlinking the input file, this way the input file can also be a + - FIFO or disk partition + - setting LLVM_CONFIG for llvm_mode will now again switch to the selected + - llvm version. If your setup is correct. + - fuzzing strategy yields for custom mutator were missing from the UI, added them :) + - added "make tests" which will perform checks to see that all functionality + - is working as expected. this is currently the starting point, its not complete :) + - added mutation documentation feature ("make document"), creates afl-fuzz-document + - and saves all mutations of the first run on the first file into out/queue/mutations + - libtokencap and libdislocator now compile to the afl_root directory and are + - installed to the .../lib/afl directory when present during make install + - more BSD support, e.g. 
free CPU binding code for FreeBSD (thanks to devnexen) + - reducing duplicate code in afl-fuzz + - added "make help" + - removed compile warnings from python internal stuff + - added man page for afl-clang-fast[++] + - updated documentation + - Wine mode to run Win32 binaries with the QEMU instrumentation (-W) + - CompareCoverage for ARM target in QEMU/Unicorn +- 2.54c: + - big code refactoring: + - all includes are now in include/ + - all afl sources are now in src/ - see src/README.src + - afl-fuzz was splitted up in various individual files for including + - functionality in other programs (e.g. forkserver, memory map, etc.) + - for better readability. + - new code indention everywhere + - auto-generating man pages for all (main) tools + - added AFL_FORCE_UI to show the UI even if the terminal is not detected + - llvm 9 is now supported (still needs testing) + - Android is now supported (thank to JoeyJiao!) - still need to modify the Makefile though + - fix building qemu on some Ubuntus (thanks to floyd!) + - custom mutator by a loaded library is now supported (thanks to kyakdan!) + - added PR that includes peak_rss_mb and slowest_exec_ms in the fuzzer_stats report + - more support for *BSD (thanks to devnexen!) + - fix building on *BSD (thanks to tobias.kortkamp for the patch) + - fix for a few features to support different map sized than 2^16 + - afl-showmap: new option -r now shows the real values in the buckets (stock + - afl never did), plus shows tuple content summary information now + - small docu updates + - NeverZero counters for QEMU + - NeverZero counters for Unicorn + - CompareCoverage Unicorn + - immediates-only instrumentation for CompareCoverage +- 2.53c release + - imported the few minor changes from the 2.53b release + - unicorn_mode got added - thanks to domenukk for the patch! + - fix llvm_mode AFL_TRACE_PC with modern llvm + - fix a crash in qemu_mode which also exists in stock afl + - added libcompcov, a laf-intel implementation for qemu! 
:) see qemu_mode/libcompcov/README.libcompcov + - updated afl-fuzz and afl-system-config for new scaling governor location in modern kernels + - all queue, hang and crash files now have their discovery time in their name + - if llvm_mode was compiled, afl-clang/afl-clang++ will point to these instead of afl-gcc + - added instrim, a much faster llvm_mode instrumentation at the cost of path discovery. See llvm_mode/README.instrim (https://github.com/csienslab/instrim) + - added MOpt (github.com/puppet-meteor/MOpt-AFL) mode, see docs/README.MOpt + - added code to make it more portable to other platforms than Intel Linux + - added never zero counters for afl-gcc and optionally (because of an optimization issue in llvm < 9) for llvm_mode (AFL_LLVM_NEVER_ZERO=1) + - added a new doc about binary only fuzzing: docs/binaryonly_fuzzing.txt + - more cpu power for afl-system-config + - added forkserver patch to afl-tmin, makes it much faster (originally from github.com/nccgroup/TriforceAFL) + - added whitelist support for llvm_mode via AFL_LLVM_WHITELIST to allow only to instrument what is actually interesting. Gives more speed and less map pollution (originally by choller@mozilla) + - added Python Module mutator support, python2.7-dev is autodetected. see docs/python_mutators.txt (originally by choller@mozilla) + - added AFL_CAL_FAST for slow applications and AFL_DEBUG_CHILD_OUTPUT for debugging + - added -V time and -E execs option to better comparison runs, runs afl-fuzz for a specific time/executions. + - added a -s seed switch to allow afl run with a fixed initial seed that is not updated. This is good for performance and path discovery tests as the random numbers are deterministic then + ------------------------------------------------------------------- Thu Oct 17 12:58:02 UTC 2019 - Richard Brown diff --git a/afl.spec b/afl.spec index 2616d8b..ae2c790 100644 --- a/afl.spec +++ b/afl.spec 
@@ -12,12 +12,12 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
-# Please submit bugfixes or comments via https://bugs.opensuse.org/
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 Name: afl
-Version: 2.52c
+Version: 2.58c
 Release: 0
 Summary: American fuzzy lop is a security-oriented fuzzer
 License: Apache-2.0
@@ -58,10 +58,10 @@ make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_doc
 %ifnarch %{ix86} x86_64
 export AFL_NO_X86=1
 %endif
-make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir} DESTDIR=%{buildroot} install
+make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir} MAN_PATH=%{_mandir}/man8 DESTDIR=%{buildroot} install
 %files
-%doc docs/ChangeLog docs/COPYING docs/README docs/*.txt
+%doc docs/ChangeLog docs/COPYING docs/README.* docs/*.txt
 %{_bindir}/%{name}-*
 %dir %{_libexecdir}/%{name}
 %{_libexecdir}/%{name}/%{name}-as
@@ -71,5 +71,6 @@ make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_doc
 %{_datadir}/%{name}/testcases/*
 %dir %{_datadir}/afl/dictionaries/
 %{_datadir}/afl/dictionaries/*
+%{_mandir}/man8/afl*.8*
 %changelog
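Review bot: The header comment's bug-reporting URL is changed from `https://bugs.opensuse.org/` back to `http://bugs.opensuse.org/` in the first hunk, which looks like an accidental revert carried over from an older branch rather than something this version bump intends. It is only a comment, but it points contributors at a plaintext endpoint and undoes a deliberate earlier fix; keep the existing `# Please submit bugfixes or comments via https://bugs.opensuse.org/` and drop that pair of lines from the request. The `Version: 2.58c` change in the same hunk is fine on its own.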
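Review bot: The second hunk adds `MAN_PATH=%{_mandir}/man8` to the install line, but the `%files` entries below it still list only `%{_libexecdir}/%{name}/%{name}-as` under the helper directory, while the 2.58c changelog added by this same request says libtokencap and libdislocator are now installed into the helper path when they were built (afl-1.58b-fix-paths.patch maps `HELPER_PATH` to `$(LIBEXEC_DIR)/afl`). If the build produces libdislocator.so and libtokencap.so, rpmbuild will abort on unpackaged files unless they are listed further down in `%files`, which is outside this hunk; either add `%{_libexecdir}/%{name}/*.so` next to the afl-as entry or confirm they are not built in this configuration. The `%doc docs/README.*` glob change is consistent with the upstream documentation reshuffle described in the changelog.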