rpm/afl
SHA256
1
0
Fork 0
forked from pool/afl
Code Pull Requests Activity

Accepting request 747174 from home:msmeissn:branches:devel:tools

Browse Source 
- updated to 2.58c
  - reverted patch to not unlink and recreate the input file, it resulted in performance loss of ~10%
  - added test/test-performance.sh script
  - (re)added gcc_plugin, fast inline instrumentation is not yet finished, however it includes the whitelisting and persistance feature! by hexcoder-
  - gcc_plugin tests added to testing framework
- jump to 2.57 instead of 2.55 to catch up with Google's versioning
  - persistent mode for QEMU (see qemu_mode/README.md)
  - custom mutator library is now an additional mutator, to exclusivly use it
  - add AFL_CUSTOM_MUTATOR_ONLY (that will trigger the previous behaviour)
  - new library qemu_mode/unsigaction which filters sigaction events
  - afl-fuzz: new command line option -I to execute a command on a new crash
  - no more unlinking the input file, this way the input file can also be a
  - FIFO or disk partition
  - setting LLVM_CONFIG for llvm_mode will now again switch to the selected
  - llvm version. If your setup is correct.
  - fuzzing strategy yields for custom mutator were missing from the UI, added them :)
  - added "make tests" which will perform checks to see that all functionality
  - is working as expected. this is currently the starting point, its not complete :)
  - added mutation documentation feature ("make document"), creates afl-fuzz-document
  - and saves all mutations of the first run on the first file into out/queue/mutations
  - libtokencap and libdislocator now compile to the afl_root directory and are
  - installed to the .../lib/afl directory when present during make install
  - more BSD support, e.g. free CPU binding code for FreeBSD (thanks to devnexen)
  - reducing duplicate code in afl-fuzz
  - added "make help"
  - removed compile warnings from python internal stuff
  - added man page for afl-clang-fast[++]
  - updated documentation
  - Wine mode to run Win32 binaries with the QEMU instrumentation (-W)
  - CompareCoverage for ARM target in QEMU/Unicorn

OBS-URL: https://build.opensuse.org/request/show/747174
OBS-URL: https://build.opensuse.org/package/show/devel:tools/afl?expand=0&rev=98
This commit is contained in:
Marcus Meissner 2019-11-10 10:24:08 +00:00 committed by Git OBS Bridge
parent d32720677e
commit f670fb818a
5 changed files with 93 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
2.52c.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:013b3c56722d48de5ebb50ef0146696cef8ed42e29981988027b80102c7709e6
size 851177

3
2.58c.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d25d6d90062a9e17327bb7bd3e59650e527d00aba85009e578aed6b9896266df
size 986561

10
afl-1.58b-fix-paths.patch
View File

@ -2,11 +2,11 @@
Makefile | 4 ++-- Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-) 1 file changed, 2 insertions(+), 2 deletions(-)
Index: afl-2.32b/Makefile Index: AFLplusplus-2.58c/Makefile
=================================================================== ===================================================================
--- afl-2.32b.orig/Makefile --- AFLplusplus-2.58c.orig/Makefile
+++ afl-2.32b/Makefile +++ AFLplusplus-2.58c/Makefile
@@ -18,8 +18,8 @@ VERSION = $(shell grep '^\#define VE @@ -21,8 +21,8 @@ VERSION = $(shell grep '^\#define VE
PREFIX ?= /usr/local PREFIX ?= /usr/local
BIN_PATH = $(PREFIX)/bin BIN_PATH = $(PREFIX)/bin
@ -15,5 +15,5 @@ Index: afl-2.32b/Makefile
+HELPER_PATH = $(LIBEXEC_DIR)/afl +HELPER_PATH = $(LIBEXEC_DIR)/afl
+DOC_PATH = $(DOC_DIR)/afl +DOC_PATH = $(DOC_DIR)/afl
MISC_PATH = $(PREFIX)/share/afl MISC_PATH = $(PREFIX)/share/afl
MAN_PATH = $(PREFIX)/man/man8
# PROGS intentionally omit afl-as, which gets installed elsewhere.

80
afl.changes
View File

@ -1,3 +1,83 @@
-------------------------------------------------------------------
Sat Nov 9 16:05:04 UTC 2019 - Marcus Meissner <meissner@suse.com>
- updated to 2.58c
- reverted patch to not unlink and recreate the input file, it resulted in performance loss of ~10%
- added test/test-performance.sh script
- (re)added gcc_plugin, fast inline instrumentation is not yet finished, however it includes the whitelisting and persistance feature! by hexcoder-
- gcc_plugin tests added to testing framework
- jump to 2.57 instead of 2.55 to catch up with Google's versioning
- persistent mode for QEMU (see qemu_mode/README.md)
- custom mutator library is now an additional mutator, to exclusivly use it
- add AFL_CUSTOM_MUTATOR_ONLY (that will trigger the previous behaviour)
- new library qemu_mode/unsigaction which filters sigaction events
- afl-fuzz: new command line option -I to execute a command on a new crash
- no more unlinking the input file, this way the input file can also be a
- FIFO or disk partition
- setting LLVM_CONFIG for llvm_mode will now again switch to the selected
- llvm version. If your setup is correct.
- fuzzing strategy yields for custom mutator were missing from the UI, added them :)
- added "make tests" which will perform checks to see that all functionality
- is working as expected. this is currently the starting point, its not complete :)
- added mutation documentation feature ("make document"), creates afl-fuzz-document
- and saves all mutations of the first run on the first file into out/queue/mutations
- libtokencap and libdislocator now compile to the afl_root directory and are
- installed to the .../lib/afl directory when present during make install
- more BSD support, e.g. free CPU binding code for FreeBSD (thanks to devnexen)
- reducing duplicate code in afl-fuzz
- added "make help"
- removed compile warnings from python internal stuff
- added man page for afl-clang-fast[++]
- updated documentation
- Wine mode to run Win32 binaries with the QEMU instrumentation (-W)
- CompareCoverage for ARM target in QEMU/Unicorn
- 2.54c:
- big code refactoring:
- all includes are now in include/
- all afl sources are now in src/ - see src/README.src
- afl-fuzz was splitted up in various individual files for including
- functionality in other programs (e.g. forkserver, memory map, etc.)
- for better readability.
- new code indention everywhere
- auto-generating man pages for all (main) tools
- added AFL_FORCE_UI to show the UI even if the terminal is not detected
- llvm 9 is now supported (still needs testing)
- Android is now supported (thank to JoeyJiao!) - still need to modify the Makefile though
- fix building qemu on some Ubuntus (thanks to floyd!)
- custom mutator by a loaded library is now supported (thanks to kyakdan!)
- added PR that includes peak_rss_mb and slowest_exec_ms in the fuzzer_stats report
- more support for *BSD (thanks to devnexen!)
- fix building on *BSD (thanks to tobias.kortkamp for the patch)
- fix for a few features to support different map sized than 2^16
- afl-showmap: new option -r now shows the real values in the buckets (stock
- afl never did), plus shows tuple content summary information now
- small docu updates
- NeverZero counters for QEMU
- NeverZero counters for Unicorn
- CompareCoverage Unicorn
- immediates-only instrumentation for CompareCoverage
- 2.53c release
- imported the few minor changes from the 2.53b release
- unicorn_mode got added - thanks to domenukk for the patch!
- fix llvm_mode AFL_TRACE_PC with modern llvm
- fix a crash in qemu_mode which also exists in stock afl
- added libcompcov, a laf-intel implementation for qemu! :) see qemu_mode/libcompcov/README.libcompcov
- updated afl-fuzz and afl-system-config for new scaling governor location in modern kernels
- all queue, hang and crash files now have their discovery time in their name
- if llvm_mode was compiled, afl-clang/afl-clang++ will point to these instead of afl-gcc
- added instrim, a much faster llvm_mode instrumentation at the cost of path discovery. See llvm_mode/README.instrim (https://github.com/csienslab/instrim)
- added MOpt (github.com/puppet-meteor/MOpt-AFL) mode, see docs/README.MOpt
- added code to make it more portable to other platforms than Intel Linux
- added never zero counters for afl-gcc and optionally (because of an optimization issue in llvm < 9) for llvm_mode (AFL_LLVM_NEVER_ZERO=1)
- added a new doc about binary only fuzzing: docs/binaryonly_fuzzing.txt
- more cpu power for afl-system-config
- added forkserver patch to afl-tmin, makes it much faster (originally from github.com/nccgroup/TriforceAFL)
- added whitelist support for llvm_mode via AFL_LLVM_WHITELIST to allow only to instrument what is actually interesting. Gives more speed and less map pollution (originally by choller@mozilla)
- added Python Module mutator support, python2.7-dev is autodetected. see docs/python_mutators.txt (originally by choller@mozilla)
- added AFL_CAL_FAST for slow applications and AFL_DEBUG_CHILD_OUTPUT for debugging
- added -V time and -E execs option to better comparison runs, runs afl-fuzz for a specific time/executions.
- added a -s seed switch to allow afl run with a fixed initial seed that is not updated. This is good for performance and path discovery tests as the random numbers are deterministic then
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Oct 17 12:58:02 UTC 2019 - Richard Brown <rbrown@suse.com> Thu Oct 17 12:58:02 UTC 2019 - Richard Brown <rbrown@suse.com>

9
afl.spec
View File

@ -12,12 +12,12 @@
# license that conforms to the Open Source Definition (Version 1.9) # license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative. # published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/ # Please submit bugfixes or comments via http://bugs.opensuse.org/
# #
Name: afl Name: afl
Version: 2.52c Version: 2.58c
Release: 0 Release: 0
Summary: American fuzzy lop is a security-oriented fuzzer Summary: American fuzzy lop is a security-oriented fuzzer
License: Apache-2.0 License: Apache-2.0
@ -58,10 +58,10 @@ make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_doc
%ifnarch %{ix86} x86_64 %ifnarch %{ix86} x86_64
export AFL_NO_X86=1 export AFL_NO_X86=1
%endif %endif
make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir} DESTDIR=%{buildroot} install make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir} MAN_PATH=%{_mandir}/man8 DESTDIR=%{buildroot} install
%files %files
%doc docs/ChangeLog docs/COPYING docs/README docs/*.txt %doc docs/ChangeLog docs/COPYING docs/README.* docs/*.txt
%{_bindir}/%{name}-* %{_bindir}/%{name}-*
%dir %{_libexecdir}/%{name} %dir %{_libexecdir}/%{name}
%{_libexecdir}/%{name}/%{name}-as %{_libexecdir}/%{name}/%{name}-as
@ -71,5 +71,6 @@ make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_doc
%{_datadir}/%{name}/testcases/* %{_datadir}/%{name}/testcases/*
%dir %{_datadir}/afl/dictionaries/ %dir %{_datadir}/afl/dictionaries/
%{_datadir}/afl/dictionaries/* %{_datadir}/afl/dictionaries/*
%{_mandir}/man8/afl*.8*
%changelog %changelog