Marcus Meissner
9f0dce03a5
- updated to 4.20c
+ A new forkserver communication model is now introduced. afl-fuzz is
backward compatible to old compiled targets if they are not built
for CMPLOG/Redqueen, but new compiled targets will not work with
old afl-fuzz versions!
+ Recompile all targets that are instrumented for CMPLOG/Redqueen!
- AFL++ now supports up to 4 billion coverage edges, up from 6 million.
- New compile option: `make PERFORMANCE=1` - this will enable special
CPU dependent optimizations that make everything more performant - but
the binaries will likely won't work on different platforms. Also
enables a faster hasher if the CPU requirements are met.
- The persistent record feature (see config.h) was expanded to also
support replay, thanks to @quarta-qti !
- afl-fuzz:
- the new deterministic fuzzing feature is now activated by default,
deactivate with -z. Parameters -d and -D are ignored.
- small improvements to CMPLOG/redqueen
- workround for a bug with MOpt -L when used with -M - in the future
we will either remove or rewrite MOpt.
- fix for `-t xxx+` feature
- -e extension option now saves the queue items, crashes, etc. with the
extension too
- fixes for trimmming, correct -V time and reading stats on resume by eqv
thanks a lot!
- afl-cc:
- added collision free caller instrumentation to LTO mode. activate with
`AFL_LLVM_LTO_CALLER=1`. You can set a max depth to go through single
block functions with `AFL_LLVM_LTO_CALLER_DEPTH` (default 0)
- fixes for COMPCOV/LAF and most other modules
- fix for GCC_PLUGIN cmplog that broke on std::strings
OBS-URL: https://build.opensuse.org/request/show/1167801
OBS-URL: https://build.opensuse.org/package/show/devel:tools/afl?expand=0&rev=175
117 lines
3.7 KiB
RPMSpec
117 lines
3.7 KiB
RPMSpec
#
|
|
# spec file for package afl
|
|
#
|
|
# Copyright (c) 2024 SUSE LLC
|
|
#
|
|
# All modifications and additions to the file contributed by third parties
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
# upon. The license for this file, and modifications and additions to the
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
# license for the pristine package is not an Open Source License, in which
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
# published by the Open Source Initiative.
|
|
|
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
|
#
|
|
|
|
|
|
%define afl_rt compiler-rt,llvm-rt,llvm-rt-lto
|
|
|
|
%ifarch %{arm} %ix86 s390x x86_64
|
|
%define afl_32 1
|
|
%endif
|
|
|
|
%ifarch aarch64 ppc64 ppc64le riscv64 s390x x86_64
|
|
%define afl_64 1
|
|
%endif
|
|
|
|
Name: afl
|
|
Version: 4.20c
|
|
Release: 0
|
|
Summary: American fuzzy lop is a security-oriented fuzzer
|
|
#URL: https://lcamtuf.coredump.cx/afl/
|
|
License: Apache-2.0
|
|
URL: https://github.com/AFLplusplus/AFLplusplus
|
|
Source: https://github.com/AFLplusplus/AFLplusplus/archive/v%{version}.tar.gz
|
|
Source1: afl-rpmlintrc
|
|
Patch1: afl-3.0c-fix-paths.patch
|
|
BuildRequires: gcc-c++
|
|
BuildRequires: (clang < 16 or clang15)
|
|
%ifarch x86_64
|
|
BuildRequires: gcc-32bit
|
|
%endif
|
|
%if %?suse_version >= 1550
|
|
BuildRequires: gcc-devel
|
|
%endif
|
|
BuildRequires: lld
|
|
BuildRequires: python3-devel
|
|
BuildRequires: ((llvm-devel >= 11.0.0 with llvm-devel < 16) or llvm15-devel)
|
|
Requires: lld
|
|
|
|
%description
|
|
American fuzzy lop is a security-oriented fuzzer that employs a novel type
|
|
of compile-time instrumentation and genetic algorithms to automatically
|
|
discover clean, interesting test cases that trigger new internal states in
|
|
the targeted binary. This substantially improves the functional coverage
|
|
for the fuzzed code. The compact synthesized corpora produced by the tool
|
|
are also useful for seeding other, more labor- or resource-intensive
|
|
testing regimes down the road.
|
|
|
|
Compared to other instrumented fuzzers, afl-fuzz is designed to be
|
|
practical: it has modest performance overhead, uses a variety of highly
|
|
effective fuzzing strategies and effort minimization tricks, requires
|
|
essentially no configuration, and seamlessly handles complex, real-world
|
|
use cases - say, common image parsing or file compression libraries.
|
|
|
|
%prep
|
|
%setup -q -n AFLplusplus-%version
|
|
%patch -P1 -p1
|
|
sed -i 's|#!/usr/bin/env sh|#!/bin/sh|g' afl-cmin
|
|
sed -i 's|#!/usr/bin/env bash|#!/bin/bash|g' afl-cmin.bash
|
|
|
|
%build
|
|
export CFLAGS="$CFLAGS %{optflags} -fno-lto"
|
|
%ifnarch %{ix86} x86_64
|
|
export AFL_NO_X86=1
|
|
%endif
|
|
make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir}
|
|
# make radamsa
|
|
|
|
%install
|
|
%ifnarch %{ix86} x86_64
|
|
export AFL_NO_X86=1
|
|
%endif
|
|
make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir} MAN_PATH=%{_mandir}/man8 DESTDIR=%{buildroot} install
|
|
chmod -x %{buildroot}/%{_libexecdir}/%{name}/*.o
|
|
|
|
%files
|
|
%license docs/COPYING LICENSE
|
|
%doc /usr/share/doc/packages/%name/
|
|
%{_bindir}/%{name}-*
|
|
%dir %{_libexecdir}/%{name}
|
|
%{_libexecdir}/%{name}/%{name}-as
|
|
%{_libexecdir}/%{name}/as
|
|
%if 0%{?afl_64}
|
|
%{_libexecdir}/%{name}/afl-{%{afl_rt}}-64.o
|
|
%endif
|
|
%if 0%{?afl_32}
|
|
%{_libexecdir}/%{name}/afl-{%{afl_rt}}-32.o
|
|
%endif
|
|
%ifarch aarch64
|
|
%{_libexecdir}/%{name}/afl-llvm-rt-lto-32.o
|
|
%endif
|
|
%{_libexecdir}/%{name}/afl-{%{afl_rt}}.o
|
|
%{_libexecdir}/%{name}/dynamic_list.txt
|
|
%{_libexecdir}/%{name}/*.so
|
|
%{_libexecdir}/%{name}/*.a
|
|
%dir %{_datadir}/%{name}
|
|
%dir %{_datadir}/%{name}/testcases
|
|
%{_datadir}/%{name}/testcases/*
|
|
%dir %{_datadir}/afl/dictionaries/
|
|
%{_datadir}/afl/dictionaries/*
|
|
%{_datadir}/afl/injections.dic
|
|
%{_mandir}/man8/afl*.8*
|
|
|
|
%changelog
|