Hello community,

here is the log from the commit of package afl for openSUSE:Factory checked in 
at 2016-06-19 10:49:33
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/afl (Old)
 and      /work/SRC/openSUSE:Factory/.afl.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "afl"

Changes:
--------
--- /work/SRC/openSUSE:Factory/afl/afl.changes  2016-06-02 09:38:51.000000000 
+0200
+++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes     2016-06-19 
10:49:35.000000000 +0200
@@ -1,0 +2,8 @@
+Wed Jun 15 18:26:54 UTC 2016 - astie...@suse.com
+
+- afl 2.14b:
+  - Added FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION as a macro
+    defined when compiling with afl-gcc and friends
+  - Refreshed some of the non-x86 docs.
+
+-------------------------------------------------------------------

Old:
----
  afl-2.13b.tgz

New:
----
  afl-2.14b.tgz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ afl.spec ++++++
--- /var/tmp/diff_new_pack.3zHLfB/_old  2016-06-19 10:49:36.000000000 +0200
+++ /var/tmp/diff_new_pack.3zHLfB/_new  2016-06-19 10:49:36.000000000 +0200
@@ -17,7 +17,7 @@
 
 
 Name:           afl
-Version:        2.13b
+Version:        2.14b
 Release:        0
 Summary:        American fuzzy lop is a security-oriented fuzzer
 License:        Apache-2.0

++++++ afl-2.13b.tgz -> afl-2.14b.tgz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/afl-2.13b/Makefile new/afl-2.14b/Makefile
--- old/afl-2.13b/Makefile      2016-05-14 19:43:15.000000000 +0200
+++ new/afl-2.14b/Makefile      2016-06-07 08:45:45.000000000 +0200
@@ -14,7 +14,7 @@
 #
 
 PROGNAME    = afl
-VERSION     = 2.13b
+VERSION     = 2.14b
 
 PREFIX     ?= /usr/local
 BIN_PATH    = $(PREFIX)/bin
@@ -50,7 +50,7 @@
 
 test_x86:
        @echo "[*] Checking for the ability to compile x86 code..."
-       @echo 'main() { __asm__("xorb %al, %al"); }' | $(CC) -w -x c - -o .test 
|| ( echo; echo "Oops, looks like your compiler can't generate x86 code."; 
echo; echo "You can still try using the LLVM or QEMU mode, but see docs/INSTALL 
first."; echo "To ignore this error, set AFL_NO_X86=1."; echo; exit 1 )
+       @echo 'main() { __asm__("xorb %al, %al"); }' | $(CC) -w -x c - -o .test 
|| ( echo; echo "Oops, looks like your compiler can't generate x86 code."; 
echo; echo "Don't panic! You can use the LLVM or QEMU mode, but see 
docs/INSTALL first."; echo "(To ignore this error, set AFL_NO_X86=1 and try 
again.)"; echo; exit 1 )
        @rm -f .test
        @echo "[+] Everything seems to be working, ready to compile."
 
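Review bot: The probe program on the new recipe line is still declared as `main()` with no return type, so a compiler that rejects implicit int would fail the probe for a reason unrelated to x86 code generation. The user would then see the "can't generate x86 code" message and be steered towards AFL_NO_X86=1 by mistake; `-w` silences warnings, not hard errors. Writing the probe as `int main(void) { __asm__("xorb %al, %al"); return 0; }` keeps the check about the assembler only. The rest of the test_x86 recipe is unchanged context.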
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/afl-2.13b/afl-gcc.c new/afl-2.14b/afl-gcc.c
--- old/afl-2.13b/afl-gcc.c     2016-03-05 01:08:50.000000000 +0100
+++ new/afl-2.14b/afl-gcc.c     2016-06-07 20:07:28.000000000 +0200
@@ -262,7 +262,12 @@
 
     cc_params[cc_par_cnt++] = "-O3";
     cc_params[cc_par_cnt++] = "-funroll-loops";
+
+    /* Two indicators that you're building for fuzzing; one of them is
+       AFL-specific, the other is shared with libfuzzer. */
+
     cc_params[cc_par_cnt++] = "-D__AFL_COMPILER=1";
+    cc_params[cc_par_cnt++] = "-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION=1";
 
   }
 
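Review bot: The new `-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION=1` entry is added at the same indent as `-O3` and `-funroll-loops`, inside a block that closes two lines later, so it is only passed when that block runs; the block's condition starts outside the hunk. The afl-clang-fast.c hunk in this commit adds the same define at function-body level, so the two wrappers may disagree on when a build is marked as a fuzzing build. If the block only governs optimization flags, move `cc_params[cc_par_cnt++] = "-D__AFL_COMPILER=1";` and the new line below the closing `}` so target code can rely on the macro. The comment could also note that code guarded by this macro may relax checks, which is why binaries produced by the wrapper are for fuzzing only.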
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/afl-2.13b/afl-tmin.c new/afl-2.14b/afl-tmin.c
--- old/afl-2.13b/afl-tmin.c    2016-05-02 21:54:46.000000000 +0200
+++ new/afl-2.14b/afl-tmin.c    2016-05-29 23:42:29.000000000 +0200
@@ -15,7 +15,7 @@
    A simple test case minimizer that takes an input file and tries to remove
    as much data as possible while keeping the binary in a crashing state
    *or* producing consistent instrumentation output (the mode is auto-selected
-   based on initially observed behavior).
+   based on the initially observed behavior).
 
  */
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/afl-2.13b/docs/ChangeLog new/afl-2.14b/docs/ChangeLog
--- old/afl-2.13b/docs/ChangeLog        2016-05-15 17:31:07.000000000 +0200
+++ new/afl-2.14b/docs/ChangeLog        2016-06-07 20:06:05.000000000 +0200
@@ -17,6 +17,15 @@
 to get on with the times.
 
 --------------
+Version 2.14b:
+--------------
+
+  - Added FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION as a macro defined when
+    compiling with afl-gcc and friends. Suggested by Kostya Serebryany.
+
+  - Refreshed some of the non-x86 docs.
+
+--------------
 Version 2.13b:
 --------------
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/afl-2.13b/docs/INSTALL new/afl-2.14b/docs/INSTALL
--- old/afl-2.13b/docs/INSTALL  2016-02-20 21:10:50.000000000 +0100
+++ new/afl-2.14b/docs/INSTALL  2016-06-07 20:17:00.000000000 +0200
@@ -105,12 +105,19 @@
 leverage two other options:
 
   - The LLVM mode (see llvm_mode/README.llvm), which does not rely on
-    x86-specific assembly shims,
+    x86-specific assembly shims. It's fast and robust, but requires a
+    complete installation of clang.
 
   - The QEMU mode (see qemu_mode/README.qemu), which can be also used for
-    fuzzing cross-platform binaries.
+    fuzzing cross-platform binaries. It's slower and more fragile, but
+    can be used even when you don't have the source for the tested app.
 
-In both cases, you will need to set AFL_NO_X86=1 before running make or gmake.
+If you're not sure what you need, you need the LLVM mode. To get it, try:
+
+$ AFL_NO_X86=1 gmake && gmake -C llvm_mode
+
+...and compile your target program with afl-clang-fast or afl-clang-fast++
+instead of the traditional afl-gcc or afl-clang wrappers.
 
 5) Solaris on x86
 -----------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/afl-2.13b/llvm_mode/afl-clang-fast.c 
new/afl-2.14b/llvm_mode/afl-clang-fast.c
--- old/afl-2.13b/llvm_mode/afl-clang-fast.c    2016-03-12 23:38:56.000000000 
+0100
+++ new/afl-2.14b/llvm_mode/afl-clang-fast.c    2016-06-07 20:07:43.000000000 
+0200
@@ -198,6 +198,7 @@
 
   cc_params[cc_par_cnt++] = "-D__AFL_HAVE_MANUAL_CONTROL=1";
   cc_params[cc_par_cnt++] = "-D__AFL_COMPILER=1";
+  cc_params[cc_par_cnt++] = "-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION=1";
 
   /* When the user tries to use persistent or deferred forkserver modes by
      appending a single line to the program, we want to reliably inject a
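Review bot: The added define at `-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION=1` carries no comment in this file, although the afl-gcc.c hunk of the same commit explains that the macro is shared with libfuzzer. A maintainer reading only afl-clang-fast.c has no hint that the name is a contract with target code, which presumably relaxes checks when it is defined. Suggest adding above it `/* Shared with libfuzzer; marks a fuzzing-only build that must not ship. */`. The enclosing function starts before and continues after this hunk, so whether `cc_params` has room for the extra slot cannot be confirmed from here.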

