commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2020-09-06 21:37:41 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new.3399 (New) Package is "afl" Sun Sep 6 21:37:41 2020 rev:54 rq:832522 version:2.68c Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2020-08-19 19:02:38.948027148 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new.3399/afl.changes2020-09-06 21:39:03.893737822 +0200 @@ -1,0 +2,30 @@ +Sat Sep 5 08:43:19 UTC 2020 - Marcus Meissner + +- updated to 2.68c + - added the GSoC excellent afl++ grammar mutator by Shengtuo to our +custom_mutators/ (see custom_mutators/README.md) - or get it here: +https://github.com/AFLplusplus/Grammar-Mutator + - a few QOL changes for Apple and its outdated gmake + - afl-fuzz: +- fix for auto dictionary entries found during fuzzing to not throw out + a -x dictionary +- added total execs done to plot file +- AFL_MAX_DET_EXTRAS env variable added to control the amount of + deterministic dict entries without recompiling. +- AFL_FORKSRV_INIT_TMOUT env variable added to control the time to wait + for the forkserver to come up without the need to increase the overall + timeout. +- bugfix for cmplog that results in a heap overflow based on target data + (thanks to the magma team for reporting!) +- write fuzzing setup into out/fuzzer_setup (environment variables and + command line) + - custom mutators: +- added afl_custom_fuzz_count/fuzz_count function to allow specifying + the number of fuzz attempts for custom_fuzz + - llvm_mode: +- ported SanCov to LTO, and made it the default for LTO. better +
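Review bot: the afl.changes entry is cut off after "ported SanCov to LTO, and made it the default for LTO. better", so the remaining llvm_mode items and the afl.spec diff for this request are not visible here and the entry should be complete before it is accepted. Of the visible items, "bugfix for cmplog that results in a heap overflow based on target data" is the one with security impact for anyone running earlier cmplog builds against untrusted targets; it deserves its own line at the top of the entry rather than a place in the middle of the afl-fuzz sub-list, together with an upstream issue or commit reference (a labelled placeholder such as <upstream-ref> if none is at hand) so the fix can be traced.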
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2020-08-19 19:01:12 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new.3399 (New) Package is "afl" Wed Aug 19 19:01:12 2020 rev:53 rq:827914 version:2.67c Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2020-07-03 00:17:36.389099134 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new.3399/afl.changes2020-08-19 19:02:38.948027148 +0200 @@ -1,0 +2,50 @@ +Wed Aug 19 14:35:25 UTC 2020 - Marcus Meissner + +- updated to 2.67c + - Support for improved afl++ snapshot module: +https://github.com/AFLplusplus/AFL-Snapshot-LKM + - Due to the instrumentation needing more memory, the initial memory sizes +for -m have been increased + - afl-fuzz: + - added -F option to allow -M main fuzzers to sync to foreign fuzzers, + e.g. honggfuzz or libfuzzer + - added -b option to bind to a specific CPU + - eliminated CPU affinity race condition for -S/-M runs + - expanded havoc mode added, on no cycle finds add extra splicing and + MOpt into the mix + - fixed a bug in redqueen for strings and made deterministic with -s + - llvm_mode: + - now supports llvm 12 + - support for AFL_LLVM_ALLOWLIST/AFL_LLVM_DENYLIST (previous + AFL_LLVM_WHITELIST and AFL_LLVM_INSTRUMENT_FILE are deprecated and + are matched to AFL_LLVM_ALLOWLIST). The format is compatible to llvm + sancov, and also supports function matching :) + - added neverzero counting to trace-pc/pcgard + - fixes for laf-intel float splitting (thanks to mark-griffin for + reporting) + - fixes for llvm 4.0 + -
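Review bot: the entry deprecates AFL_LLVM_INSTRUMENT_FILE in favour of AFL_LLVM_ALLOWLIST/AFL_LLVM_DENYLIST, but AFL_LLVM_INSTRUMENT_FILE was itself only introduced as the replacement for the whitelist variables in this package's 2.66c entry; anyone who updated build scripts for the 2.66c rename has to change them again, so the entry should state plainly that the 2.66c names are already deprecated. The line "the initial memory sizes for -m have been increased" also affects existing fuzzing jobs that pass an explicit -m limit and is worth calling out separately rather than as a side remark about instrumentation memory.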
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2020-07-03 00:13:55 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new.3060 (New) Package is "afl" Fri Jul 3 00:13:55 2020 rev:52 rq:818325 version:2.66c Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2020-05-15 23:52:25.225556145 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new.3060/afl.changes2020-07-03 00:17:36.389099134 +0200 
@@ -1,0 +2,63 @@ +Thu Jul 2 09:59:38 UTC 2020 - Marcus Meissner + +- updated to 2.66c + - renamed blacklist/whitelist to ignorelist/instrumentlist -> +AFL_LLVM_INSTRUMENT_FILE and AFL_GCC_INSTRUMENT_FILE + - warn on deprecated environment variables + - afl-fuzz: + - -S secondary nodes now only sync from the main node to increase + performance, the -M main node still syncs from everyone. Added checks + that ensure exactly one main node is present and warn otherwise + - Add -D after -S to force a secondary to perform deterministic fuzzing + - If no main node is present at a sync one secondary node automatically + becomes a temporary main node until a real main nodes shows up + - Fixed a mayor performance issue we inherited from AFLfast + - switched murmur2 hashing and random() for xxh3 and xoshiro256**, + resulting in an up to 5.5% speed increase + - Resizing the window does not crash afl-fuzz anymore + - Ensure that the targets are killed on exit + - fix/update to MOpt (thanks to arnow117) + - added MOpt dictionary support from repo + - added experimental SEEK power schedule. It is EXPLORE with ignoring + the runtime and less focus on the length of the test case + - llvm_mode: +- the default instrumentation is now PCGUARD if the llvm version is >= 7, + as it is faster and provides better coverage. The original afl + instrumentation can be set via AFL_LLVM_INSTRUMENT=AFL. This is + automatically done when the instrument_file list feature is used. +- PCGUARD mode is now even better because we made it collision free - plus + it has a fixed map size, so it is also faster! 
:) +- some targets want a ld variant for LD that is not gcc/clang but ld, + added afl-ld-lto to solve this +- lowered minimum required llvm version to 3.4 (except LLVMInsTrim, which + needs 3.8.0) +- instrument_file list feature now supports wildcards (thanks to sirmc) +- small change to cmplog to make it work with current llvm 11-dev +- added AFL_LLVM_LAF_ALL, sets all laf-intel settings +- LTO instrument_files functionality rewritten, now main, _init etc functions + need not to be listed anymore +- fixed crash in compare-transform-pass when strcasecmp/strncasecmp was + tried to be instrumented with LTO +- fixed crash in cmplog with LTO +- enable snapshot lkm also for persistent mode + - Unicornafl +- Added powerPC support from unicorn/next +- rust bindings! + - CMPLOG/Redqueen now also works for MMAP sharedmem + - ensure shmem is released on errors + - we moved radamsa to be a custom mutator in ./custom_mutators/. It is not +compiled by default anymore. + - allow running in /tmp (only unsafe with umask 0) + - persistent mode shared memory testcase handover (instead of via +files/stdin) - 10-100% performance increase + - General support for 64 bit PowerPC, RiscV, Sparc etc. + - fix afl-cmin.bash + - slightly better performance compilation options for afl++ and targets + - fixed afl-gcc/afl-as that could break on fast systems reusing pids in +the same second + - added lots of dictionaries from oss-fuzz, go-fuzz and Jakub Wilk + - added former post_library examples to examples/custom_mutators/ + - Dockerfile upgraded to Ubuntu 20.04 Focal and installing llvm 11 and +gcc 10 so afl-clang-lto can be build + +--- Old: 2.65c.tar.gz New: 2.66c.tar.gz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.txsSWl/_old 2020-07-03 00:17:37.141101628 +0200 +++ /var/tmp/diff_new_pack.txsSWl/_new 2020-07-03 00:17:37.145101641 +0200 
@@ -17,7 +17,7 @@ Name: afl -Version:2.65c +Version:2.66c Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 @@ -53,7 +53,7 @@ export AFL_NO_X86=1 %endif make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir} -make radamsa +# make radamsa %install %ifnarch %{ix86} x86_64 @@ -70,7 +70,7 @@ %{_libexecdir}/%{name}/as #{_libexecdir}/%{name}/argvfuzz*.so
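Review bot: the @@ -70,7 +70,7 @@ hunk of afl.spec is truncated after "#{_libexecdir}/%{name}/argvfuzz*.so", so it cannot be confirmed that the %{_libexecdir}/%{name}/libradamsa.so entry added with the radamsa commit is dropped together with the change from `make radamsa` to `# make radamsa` in %build; with the entry stating "we moved radamsa to be a custom mutator in ./custom_mutators/. It is not compiled by default anymore", a stale %files entry would break the build. Commenting out the make line and keeping the `#{_libexecdir}` file entries as comments leaves dead lines in the spec; delete them instead.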
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2020-05-15 23:52:21 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new.2738 (New) Package is "afl" Fri May 15 23:52:21 2020 rev:51 rq:805787 version:2.65c Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2020-04-21 13:12:13.956999603 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new.2738/afl.changes2020-05-15 23:52:25.225556145 +0200 
@@ -1,0 +2,47 @@ +Fri May 15 09:24:47 UTC 2020 - Marcus Meissner + +- updated to 2.65c + - afl-fuzz: + - AFL_MAP_SIZE was not working correctly + - better python detection + - an old, old bug in afl that would show negative stability in rare + circumstances is now hopefully fixed + - AFL_POST_LIBRARY was deprecated, use AFL_CUSTOM_MUTATOR_LIBRARY + instead (see docs/custom_mutators.md) + - llvm_mode: + - afl-clang-fast/lto now do not skip single block functions. This + behaviour can be reactivated with AFL_LLVM_SKIPSINGLEBLOCK + - if LLVM 11 is installed the posix shm_open+mmap is used and a fixed + address for the shared memory map is used as this increases the + fuzzing speed + - InsTrim now has an LTO version! :-) That is the best and fastest mode! + - fixes to LTO mode if instrumented edges > MAP_SIZE + - CTX and NGRAM can now be used together + - CTX and NGRAM are now also supported in CFG/INSTRIM mode + - AFL_LLVM_LAF_TRANSFORM_COMPARES could crash, fixed + - added AFL_LLVM_SKIP_NEVERZERO to skip the never zero coverage counter + implementation. For targets with few or no loops or heavily called + functions. Gives a small performance boost. 
+ - qemu_mode: +- add information on PIE/PIC load addresses for 32 bit +- better dependency checks + - gcc_plugin: +- better dependency checks + - unicorn_mode: +- validate_crash_callback can now count non-crashing inputs as crash as well +- better submodule handling + - afl-showmap: fix for -Q mode + - added examples/afl_network_proxy which allows to fuzz a target over the +network (not fuzzing tcp/ip services but running afl-fuzz on one system +and the target being on an embedded device) + - added examples/afl_untracer which does a binary-only fuzzing with the +modifications done in memory (intel32/64 and aarch64 support) + - added examples/afl_proxy which can be easily used to fuzz and instrument +non-standard things + - all: +- forkserver communication now also used for error reporting +- fix 32 bit build options +- make clean now leaves qemu-3.1.1.tar.xz and the unicornafl directory + intact if in a git/svn checkout - unless "deepclean" is used + +--- Old: 2.64c.tar.gz New: 2.65c.tar.gz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.LPUXrg/_old 2020-05-15 23:52:25.949557541 +0200 +++ /var/tmp/diff_new_pack.LPUXrg/_new 2020-05-15 23:52:25.957557556 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:2.64c +Version:2.65c Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ 2.64c.tar.gz -> 2.65c.tar.gz ++ 25423 lines of diff (skipped)
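Review bot: the two items in this entry that change behaviour for existing users, "AFL_POST_LIBRARY was deprecated, use AFL_CUSTOM_MUTATOR_LIBRARY instead" and afl-clang-fast/lto no longer skipping single-block functions (re-enabled with AFL_LLVM_SKIPSINGLEBLOCK), sit in the middle of a long imported list; move them to the top of the entry so the package changelog reads as a migration note. The afl.spec hunk is only the version bump and needs no change.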
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2020-04-21 13:12:10 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new.2738 (New) Package is "afl" Tue Apr 21 13:12:10 2020 rev:50 rq:795494 version:2.64c Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2020-04-13 12:53:48.088661574 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new.2738/afl.changes2020-04-21 13:12:13.956999603 +0200 @@ -1,0 +2,26 @@ +Sat Apr 18 07:05:42 UTC 2020 - Marcus Meissner + +- updated to 2.64c + - llvm_mode LTO mode: +- now requires llvm11 - but compiles all targets! :) +- autodictionary feature added, enable with `AFL_LLVM_LTO_AUTODICTIONARY` +- variable map size usage + - afl-fuzz: +- variable map size support added (only LTO mode can use this) +- snapshot feature usage now visible in UI +- Now setting `-L -1` will enable MOpt in parallel to normal mutation. + Additionally, this allows to run dictionaries, radamsa and cmplog. +- fix for cmplog/redqueen mode if stdin was used +- fix for writing a better plot_data file + - qemu_mode: fix for persistent mode (which would not terminate or get stuck) + - compare-transform/AFL_LLVM_LAF_TRANSFORM_COMPARES now transforms also +static global and local variable comparisons (cannot find all though) + - extended forkserver: map_size and more information is communicated to +afl-fuzz (and afl-fuzz acts accordingly) + - new environment variable: AFL_MAP_SIZE to specify the size of the shared map + - if AFL_CC/AFL_CXX is set but empty afl compilers did fail, fixed +(this bug is in vanilla afl too) + - added NO_PYTHON flag to disable python support when building afl-fuzz + - more refactoring + +--- Old: 2.63c.tar.gz New: 2.64c.tar.gz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.VgL5bS/_old 2020-04-21 13:12:15.513002706 +0200 +++ /var/tmp/diff_new_pack.VgL5bS/_new 2020-04-21 13:12:15.517002714 +0200 
@@ -17,7 +17,7 @@ Name: afl -Version:2.63c +Version:2.64c Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ 2.63c.tar.gz -> 2.64c.tar.gz ++ 10170 lines of diff (skipped)
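Review bot: the entry states that LTO mode "now requires llvm11" and that the variable map size "only LTO mode can use", yet the spec hunk is a version bump only and the only BuildRequires visible in this package's hunks is gcc-c++; the changes entry should say whether afl-clang-lto (and llvm_mode generally) is built in the openSUSE package, otherwise the LTO and autodictionary lines describe features the binary package may not ship. The new AFL_MAP_SIZE variable is a user-visible interface and would be worth a pointer to its documentation in the packaged docs.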
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2020-04-13 12:53:44 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new.3248 (New) Package is "afl" Mon Apr 13 12:53:44 2020 rev:49 rq:793420 version:2.63c Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2020-02-29 21:24:27.470509772 +0100 +++ /work/SRC/openSUSE:Factory/.afl.new.3248/afl.changes2020-04-13 12:53:48.088661574 +0200 
@@ -1,0 +2,54 @@ +Sun Apr 12 11:04:35 UTC 2020 - Marcus Meissner + +- updated to 2.63c + - all: +- big code changes to make afl-fuzz thread-safe so afl-fuzz can spawn + multiple fuzzing threads in the future or even become a library +- afl basic tools now report on the environment variables picked up +- more tools get environment variable usage info in the help output +- force all output to stdout (some OK/SAY/WARN messages were sent to + stdout, some to stderr) +- uninstrumented mode uses an internal forkserver ("fauxserver") +- now builds with `-D_FORTIFY_SOURCE=2` +- drastically reduced number of (de)allocations during fuzzing + - afl-fuzz: +- python mutator modules and custom mutator modules now use the same + interface and hence the API changed +- AFL_AUTORESUME will resume execution without the need to specify `-i -` +- added experimental power schedules (-p): + - mmopt: ignores runtime of queue entries, gives higher weighting to + the last 5 queue entries + - rare: puts focus on queue entries that hits rare branches, also ignores + runtime + - llvm_mode: +- added SNAPSHOT feature (using https://github.com/AFLplusplus/AFL-Snapshot-LKM) +- added Control Flow Integrity sanitizer (AFL_USE_CFISAN) +- added AFL_LLVM_INSTRUMENT option to control the instrumentation type + easier: DEFAULT, CFG (INSTRIM), LTO, CTX, NGRAM-x (x=2-16) +- made USE_TRACE_PC compile obsolete + - LTO collision free instrumented added in llvm_mode with afl-clang-lto - +note that this mode is amazing, but quite some targets won't compile + - Added llvm_mode NGRAM prev_loc coverage by Adrean Herrera +(https://github.com/adrianherrera/afl-ngram-pass/), activate by setting +AFL_LLVM_INSTRUMENT=NGRAM- or AFL_LLVM_NGRAM_SIZE= + - Added llvm_mode context sensitive branch coverage, activated by setting +AFL_LLVM_INSTRUMENT=CTX or AFL_LLVM_CTX=1 + - llvm_mode InsTrim mode: +- removed workaround for bug where paths were not instrumented and + imported fix by author +- made skipping 1 block functions 
an option and is disabled by default, + set AFL_LLVM_INSTRIM_SKIPSINGLEBLOCK=1 to re-enable this + - qemu_mode: +- qemu_mode now uses solely the internal capstone version to fix builds + on modern Linux distributions +- QEMU now logs routine arguments for CmpLog when the target is x86 + - afl-tmin: +- now supports hang mode `-H` to minimize hangs +- fixed potential afl-tmin missbehavior for targets with multiple hangs + - Pressing Control-c in afl-cmin did not terminate it for some OS + - the custom API was rewritten and is now the same for Python and shared +libraries. +- afl-1.58b-fix-paths.patch moved to +- afl-2.63c-fix-paths.patch: adjust Makefile -> GNUmakefile + +--- Old: 2.62c.tar.gz afl-1.58b-fix-paths.patch New: 2.63c.tar.gz afl-2.63c-fix-paths.patch Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.qJee4v/_old 2020-04-13 12:53:49.024661982 +0200 +++ /var/tmp/diff_new_pack.qJee4v/_new 2020-04-13 12:53:49.028661983 +0200 @@ -17,14 +17,14 @@ Name: afl -Version:2.62c +Version:2.63c Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 URL:http://lcamtuf.coredump.cx/afl/ Source: https://github.com/vanhauser-thc/AFLplusplus/archive/%{version}.tar.gz Source1:afl-rpmlintrc -Patch1: afl-1.58b-fix-paths.patch +Patch1: afl-2.63c-fix-paths.patch BuildRequires: gcc-c++ %description @@ -68,8 +68,8 @@ %dir %{_libexecdir}/%{name} %{_libexecdir}/%{name}/%{name}-as %{_libexecdir}/%{name}/as -%{_libexecdir}/%{name}/argvfuzz*.so -%{_libexecdir}/%{name}/socketfuzz*.so +#{_libexecdir}/%{name}/argvfuzz*.so +#{_libexecdir}/%{name}/socketfuzz*.so %{_libexecdir}/%{name}/libradamsa.so %dir %{_datadir}/%{name} %dir %{_datadir}/%{name}/testcases ++ 2.62c.tar.gz -> 2.63c.tar.gz ++ 36352 lines of diff (skipped) ++ afl-2.63c-fix-paths.patch ++ Index: AFLplusplus-2.63c/GNUmakefile
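Review bot: the @@ -68,8 +68,8 @@ hunk comments out the argvfuzz*.so and socketfuzz*.so %files entries by turning `%{` into `#{`, but nothing in the changes entry says why these LD_PRELOAD helpers are no longer packaged; add a line stating whether upstream stopped building them or moved them, and delete the entries rather than leaving commented-out lines. The Patch1 rename to afl-2.63c-fix-paths.patch is described only as "adjust Makefile -> GNUmakefile", and the patch body is cut off after "Index: AFLplusplus-2.63c/GNUmakefile", so the rebased hunk cannot be reviewed here.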
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2020-02-29 21:24:19 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new.26092 (New) Package is "afl" Sat Feb 29 21:24:19 2020 rev:48 rq:780291 version:2.62c Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2020-02-26 15:04:09.801085466 +0100 +++ /work/SRC/openSUSE:Factory/.afl.new.26092/afl.changes 2020-02-29 21:24:27.470509772 +0100 @@ -1,0 +2,8 @@ +Fri Feb 28 14:09:26 UTC 2020 - Marcus Meissner + +- updated to 2.62c + - Important fix for memory allocation functions that result in afl-fuzz not identifying crashes - UPDATE! + - Small fix for -E/-V to release the CPU + - CmpLog does not need sancov anymore + +--- Old: 2.61c.tar.gz New: 2.62c.tar.gz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.xUQaqk/_old 2020-02-29 21:24:29.290513374 +0100 +++ /var/tmp/diff_new_pack.xUQaqk/_new 2020-02-29 21:24:29.294513382 +0100 @@ -17,7 +17,7 @@ Name: afl -Version:2.61c +Version:2.62c Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ 2.61c.tar.gz -> 2.62c.tar.gz ++ 2212 lines of diff (skipped)
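Review bot: the first item, "Important fix for memory allocation functions that result in afl-fuzz not identifying crashes - UPDATE!", means that crashes hit while running the 2.61c package may have gone unreported; the changes entry should say that plainly and suggest re-running the 2.61c corpora under the fixed build, and an upstream commit reference would let users verify which builds are affected. The afl.spec hunk is a plain version bump.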
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2020-02-26 15:04:09 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new.26092 (New) Package is "afl" Wed Feb 26 15:04:09 2020 rev:47 rq:779153 version:2.61c Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2020-02-10 21:53:57.670208826 +0100 +++ /work/SRC/openSUSE:Factory/.afl.new.26092/afl.changes 2020-02-26 15:04:09.801085466 +0100 @@ -1,0 +2,56 @@ +Tue Feb 25 12:04:22 UTC 2020 - Marcus Meissner + +- updated to 2.61c + - use -march=native if available + - most tools now check for mistyped environment variables + - gcc 10 is now supported + - the memory safety checks are now disabled for a little more speed during +fuzzing (only affects creating queue entries), can be toggled in config.h + - afl-fuzz: + - MOpt out of bounds writing crash fixed + - now prints the real python version support compiled in + - set stronger performance compile options and little tweaks + - Android: prefer bigcores when selecting a CPU + - CmpLog forkserver + - Redqueen input-2-state mutator (cmp instructions only ATM) + - all Python 2+3 versions supported now + - changed execs_per_sec in fuzzer_stats from "current" execs per second + (which is pointless) to total execs per second + - bugfix for dictionary insert stage count (fix via Google repo PR) + - added warning if -M is used together with custom mutators with _ONLY option + - AFL_TMPDIR checks are now later and better explained if they fail + - llvm_mode + - InsTrim: three bug fixes: +1. (minor) no pointless instrumentation of 1 block functions +2. (medium) path bug that leads a few blocks not instrumented that +
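Review bot: "use -march=native if available" is a problem for a distribution build if that flag reaches the package build: the instruction set is chosen on the build host, and the resulting binaries can fail with an illegal instruction on a user's older CPU, so the spec should override it (the mail is cut off before the afl.spec diff, so this cannot be checked here). The line "the memory safety checks are now disabled for a little more speed during fuzzing ... can be toggled in config.h" is a trade-off a security-oriented package may want to revisit, and the changes entry should record which setting the package builds with.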
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2020-02-10 21:53:44 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new.26092 (New) Package is "afl" Mon Feb 10 21:53:44 2020 rev:46 rq:772508 version:2.60c Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2020-01-03 17:37:19.347306078 +0100 +++ /work/SRC/openSUSE:Factory/.afl.new.26092/afl.changes 2020-02-10 21:53:57.670208826 +0100 @@ -1,0 +2,5 @@ +Sun Feb 9 16:12:14 UTC 2020 - Marcus Meissner + +- added radamsa mutator + +--- Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.NV5sSK/_old 2020-02-10 21:53:58.186209111 +0100 +++ /var/tmp/diff_new_pack.NV5sSK/_new 2020-02-10 21:53:58.190209114 +0100 @@ -1,7 +1,7 @@ # # spec file for package afl # -# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -21,7 +21,7 @@ Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 -Url:http://lcamtuf.coredump.cx/afl/ +URL:http://lcamtuf.coredump.cx/afl/ Source: https://github.com/vanhauser-thc/AFLplusplus/archive/%{version}.tar.gz Source1:afl-rpmlintrc Patch1: afl-1.58b-fix-paths.patch @@ -53,6 +53,7 @@ export AFL_NO_X86=1 %endif make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir} +make radamsa %install %ifnarch %{ix86} x86_64 @@ -69,6 +70,7 @@ %{_libexecdir}/%{name}/as %{_libexecdir}/%{name}/argvfuzz*.so %{_libexecdir}/%{name}/socketfuzz*.so +%{_libexecdir}/%{name}/libradamsa.so %dir %{_datadir}/%{name} %dir %{_datadir}/%{name}/testcases %{_datadir}/%{name}/testcases/*
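Review bot: `make radamsa` is added to %build after the main make invocation but without the PREFIX/LIBEXEC_DIR variables passed to it, so check that the libradamsa.so it produces is the file picked up by the new %{_libexecdir}/%{name}/libradamsa.so entry in %files, and that it is built from sources inside the tarball rather than fetched at build time, since OBS builds run without network access. The one-line changes entry "added radamsa mutator" should also mention that this enables the -R[R] mutator stage listed in the 2.59c entry, so users know what the new library is for.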
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2020-01-03 17:37:17 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new.6675 (New) Package is "afl" Fri Jan 3 17:37:17 2020 rev:45 rq:760476 version:2.60c Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2019-12-28 13:40:44.426939678 +0100 +++ /work/SRC/openSUSE:Factory/.afl.new.6675/afl.changes2020-01-03 17:37:19.347306078 +0100 @@ -1,0 +2,13 @@ +Thu Jan 2 08:31:09 UTC 2020 - Marcus Meissner + +- updated to 2.60c + - fixed a critical bug in afl-tmin that was introduced during ++2.53d + - added test cases for afl-cmin and afl-tmin to test/test.sh + - added ./experimental/argv_fuzzing ld_preload library by Kjell Braden + - added preeny's desock_dup ld_preload library as +./experimental/socket_fuzzing for network fuzzing + - added AFL_AS_FORCE_INSTRUMENT environment variable for afl-as - this is +for the retrorewrite project + - we now set QEMU_SET_ENV from AFL_PRELOAD when qemu_mode is used + +--- Old: 2.59c.tar.gz New: 2.60c.tar.gz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.z3vTig/_old 2020-01-03 17:37:19.843306333 +0100 +++ /var/tmp/diff_new_pack.z3vTig/_new 2020-01-03 17:37:19.847306335 +0100 @@ -1,7 +1,7 @@ # # spec file for package afl # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: afl -Version:2.59c +Version:2.60c Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 
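Review bot: the entry reports "a critical bug in afl-tmin that was introduced during ++2.53d", and this package shipped 2.58c and 2.59c in between, so the changes entry should state that afl-tmin results produced with those package versions are suspect and point to the upstream fix. The copyright-year and version hunks of afl.spec are routine.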
@@ -67,6 +67,8 @@ %dir %{_libexecdir}/%{name} %{_libexecdir}/%{name}/%{name}-as %{_libexecdir}/%{name}/as +%{_libexecdir}/%{name}/argvfuzz*.so +%{_libexecdir}/%{name}/socketfuzz*.so %dir %{_datadir}/%{name} %dir %{_datadir}/%{name}/testcases %{_datadir}/%{name}/testcases/* ++ 2.59c.tar.gz -> 2.60c.tar.gz ++ 1799 lines of diff (skipped)
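Review bot: the @@ -67,6 +67,8 @@ hunk adds the glob entries %{_libexecdir}/%{name}/argvfuzz*.so and %{_libexecdir}/%{name}/socketfuzz*.so for the two LD_PRELOAD helper libraries named in the entry; list the exact file names instead of globs so that a renamed library or an extra file matching the pattern is noticed at build time rather than packaged silently.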
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2019-12-28 13:40:33 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new.6675 (New) Package is "afl" Sat Dec 28 13:40:33 2019 rev:44 rq:759716 version:2.59c Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2019-11-26 17:02:33.564044474 +0100 +++ /work/SRC/openSUSE:Factory/.afl.new.6675/afl.changes2019-12-28 13:40:44.426939678 +0100 
@@ -1,0 +2,33 @@ +Fri Dec 27 16:01:06 UTC 2019 - Marcus Meissner + +- updated to 2.59c + - qbdi_mode: fuzz android native libraries via QBDI framework + - unicorn_mode: switched to the new unicornafl, thanks domenukk + (see https://github.com/vanhauser-thc/unicorn) + - afl-fuzz: + - added radamsa as (an optional) mutator stage (-R[R]) + - added -u command line option to not unlink the fuzz input file + - Python3 support (autodetect) + - AFL_DISABLE_TRIM env var to disable the trim stage + - CPU affinity support for DragonFly + - llvm_mode: + - float splitting is now configured via AFL_LLVM_LAF_SPLIT_FLOATS + - support for llvm 10 included now (thanks to devnexen) + - libtokencap: + - support for *BSD/OSX/Dragonfly added + - hook common *cmp functions from widely used libraries + - compcov: + - hook common *cmp functions from widely used libraries + - floating point splitting support for QEMU on x86 targets + - qemu_mode: AFL_QEMU_DISABLE_CACHE env to disable QEMU TranslationBlocks caching + - afl-analyze: added AFL_SKIP_BIN_CHECK support + - better random numbers for gcc_plugin and llvm_mode (thanks to devnexen) + - Dockerfile by courtesy of devnexen + - added regex.dictionary + - qemu and unicorn download scripts now try to download until the full +download succeeded. f*ckin travis fails downloading 40% of the time! + - more support for Android (please test!) + - added the few Android stuff we didnt have already from Google afl repository + - removed unnecessary warnings + +--- Old: 2.58c.tar.gz New: 2.59c.tar.gz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.w8E7II/_old 2019-12-28 13:40:45.866940404 +0100 +++ /var/tmp/diff_new_pack.w8E7II/_new 2019-12-28 13:40:45.886940414 +0100 
@@ -12,12 +12,12 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # Name: afl -Version:2.58c +Version:2.59c Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ 2.58c.tar.gz -> 2.59c.tar.gz ++ 38702 lines of diff (skipped)
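Review bot: the changes entry reads as a copy of the upstream release notes, including the remark about travis downloads failing and items such as the Dockerfile and the qemu/unicorn download scripts that have no bearing on the openSUSE binary package; a packaging changelog is easier to audit when it keeps the items that affect what is shipped (afl-fuzz -R and -u, AFL_DISABLE_TRIM, llvm 10 support, afl-analyze AFL_SKIP_BIN_CHECK) and refers to upstream for the rest. The afl.spec hunk only switches the bugs.opensuse.org URL to https and bumps the version.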
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2019-11-26 17:02:06 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new.26869 (New) Package is "afl" Tue Nov 26 17:02:06 2019 rev:43 rq:750847 version:2.58c Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2019-11-06 13:51:44.951873051 +0100 +++ /work/SRC/openSUSE:Factory/.afl.new.26869/afl.changes 2019-11-26 17:02:33.564044474 +0100 
@@ -1,0 +2,80 @@ +Sat Nov 9 16:05:04 UTC 2019 - Marcus Meissner + +- updated to 2.58c + - reverted patch to not unlink and recreate the input file, it resulted in performance loss of ~10% + - added test/test-performance.sh script + - (re)added gcc_plugin, fast inline instrumentation is not yet finished, however it includes the whitelisting and persistance feature! by hexcoder- + - gcc_plugin tests added to testing framework +- jump to 2.57 instead of 2.55 to catch up with Google's versioning + - persistent mode for QEMU (see qemu_mode/README.md) + - custom mutator library is now an additional mutator, to exclusivly use it + - add AFL_CUSTOM_MUTATOR_ONLY (that will trigger the previous behaviour) + - new library qemu_mode/unsigaction which filters sigaction events + - afl-fuzz: new command line option -I to execute a command on a new crash + - no more unlinking the input file, this way the input file can also be a + - FIFO or disk partition + - setting LLVM_CONFIG for llvm_mode will now again switch to the selected + - llvm version. If your setup is correct. + - fuzzing strategy yields for custom mutator were missing from the UI, added them :) + - added "make tests" which will perform checks to see that all functionality + - is working as expected. this is currently the starting point, its not complete :) + - added mutation documentation feature ("make document"), creates afl-fuzz-document + - and saves all mutations of the first run on the first file into out/queue/mutations + - libtokencap and libdislocator now compile to the afl_root directory and are + - installed to the .../lib/afl directory when present during make install + - more BSD support, e.g. 
free CPU binding code for FreeBSD (thanks to devnexen) + - reducing duplicate code in afl-fuzz + - added "make help" + - removed compile warnings from python internal stuff + - added man page for afl-clang-fast[++] + - updated documentation + - Wine mode to run Win32 binaries with the QEMU instrumentation (-W) + - CompareCoverage for ARM target in QEMU/Unicorn +- 2.54c: + - big code refactoring: + - all includes are now in include/ + - all afl sources are now in src/ - see src/README.src + - afl-fuzz was splitted up in various individual files for including + - functionality in other programs (e.g. forkserver, memory map, etc.) + - for better readability. + - new code indention everywhere + - auto-generating man pages for all (main) tools + - added AFL_FORCE_UI to show the UI even if the terminal is not detected + - llvm 9 is now supported (still needs testing) + - Android is now supported (thank to JoeyJiao!) - still need to modify the Makefile though + - fix building qemu on some Ubuntus (thanks to floyd!) + - custom mutator by a loaded library is now supported (thanks to kyakdan!) + - added PR that includes peak_rss_mb and slowest_exec_ms in the fuzzer_stats report + - more support for *BSD (thanks to devnexen!) + - fix building on *BSD (thanks to tobias.kortkamp for the patch) + - fix for a few features to support different map sized than 2^16 + - afl-showmap: new option -r now shows the real values in the buckets (stock + - afl never did), plus shows tuple content summary information now + - small docu updates + - NeverZero counters for QEMU + - NeverZero counters for Unicorn + - CompareCoverage Unicorn + - immediates-only instrumentation for CompareCoverage +- 2.53c release + - imported the few minor changes from the 2.53b release + - unicorn_mode got added - thanks to domenukk for the patch! + - fix llvm_mode AFL_TRACE_PC with modern llvm + - fix a crash in qemu_mode which also exists in stock afl + - added libcompcov, a laf-intel implementation for qemu! 
:) see qemu_mode/libcompcov/README.libcompcov + - updated afl-fuzz and afl-system-config for new scaling governor location in modern kernels + - all queue, hang and crash files now have their discovery time in their name + - if llvm_mode was compiled, afl-clang/afl-clang++ will point to these instead of afl-gcc + - added instrim, a much faster llvm_mode instrumentation at the cost of path discovery. See llvm_mode/README.instrim (https://github.com/csienslab/instrim) + - added MOpt (github.com/puppet-meteor/MOpt-AFL) mode, see docs/README.MOpt + - added code
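Review bot: two items in this entry contradict each other as written: "reverted patch to not unlink and recreate the input file, it resulted in performance loss of ~10%" near the top and "no more unlinking the input file, this way the input file can also be a FIFO or disk partition" further down; the "- 2.54c:" and "- 2.53c release" markers show the list spans several upstream releases (the package jumps from 2.52c to 2.58c), so prefix each block with its release number or state that only the first block describes 2.58c, so readers know which behaviour the shipped version has. The entry is also cut off at "added code", and the afl.spec diff for this request is not visible.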
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2019-11-06 13:51:38 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new.2990 (New) Package is "afl" Wed Nov 6 13:51:38 2019 rev:42 rq:739467 version:2.52c Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2019-06-24 21:54:06.496140540 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new.2990/afl.changes2019-11-06 13:51:44.951873051 +0100 @@ -1,0 +2,5 @@ +Thu Oct 17 12:58:02 UTC 2019 - Richard Brown + +- Remove obsolete Groups tag (fate#326485) + +--- Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.ugRoLM/_old 2019-11-06 13:51:46.995875267 +0100 +++ /var/tmp/diff_new_pack.ugRoLM/_new 2019-11-06 13:51:46.995875267 +0100 @@ -21,7 +21,6 @@ Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 -Group: Development/Tools/Debuggers Url:http://lcamtuf.coredump.cx/afl/ Source: https://github.com/vanhauser-thc/AFLplusplus/archive/%{version}.tar.gz Source1:afl-rpmlintrc
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2019-06-24 21:53:14 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new.4615 (New) Package is "afl" Mon Jun 24 21:53:14 2019 rev:41 rq:711649 version:2.52c Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2018-08-31 10:48:01.391463775 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new.4615/afl.changes2019-06-24 21:54:06.496140540 +0200 @@ -1,0 +2,10 @@ +Sun Jun 23 17:44:06 UTC 2019 - Marcus Meissner + +- updated to afl++ 2.52c version, community fork. It integrates + various community patches. + - community patches to make llvm_mode and qemu_mode faster, plus new features and bugfixes + - qemu upgraded to 3.1 + - aflfast powerschedules added + - llvm_mode now supports llvm up to version 8 + +--- Old: afl-2.52b.tgz New: 2.52c.tar.gz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.OAWx41/_old 2019-06-24 21:54:07.364141207 +0200 +++ /var/tmp/diff_new_pack.OAWx41/_new 2019-06-24 21:54:07.364141207 +0200 @@ -1,7 +1,7 @@ # # spec file for package afl # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed 
@@ -12,18 +12,18 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # Name: afl -Version:2.52b +Version:2.52c Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 Group: Development/Tools/Debuggers Url:http://lcamtuf.coredump.cx/afl/ -Source: http://lcamtuf.coredump.cx/afl/releases/%{name}-%{version}.tgz +Source: https://github.com/vanhauser-thc/AFLplusplus/archive/%{version}.tar.gz Source1:afl-rpmlintrc Patch1: afl-1.58b-fix-paths.patch BuildRequires: gcc-c++ @@ -44,7 +44,7 @@ use cases - say, common image parsing or file compression libraries. %prep -%setup -q +%setup -q -n AFLplusplus-%version %patch1 -p1 sed -i 's|#!/usr/bin/env bash|#!/bin/bash|g' afl-cmin
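Review bot: the `@@ -12,18 +12,18 @@` hunk switches `Source:` to the AFLplusplus GitHub archive but leaves `Url: http://lcamtuf.coredump.cx/afl/` untouched, so the package metadata still points at the original project rather than the fork it now ships; update `Url:` to the fork's project page in the same change. The archive URL also downloads as the bare `2.52c.tar.gz` (visible under "New:" above), which is easy to confuse with other packages' tarballs in a source cache; openSUSE specs usually append `#/%{name}-%{version}.tar.gz` to such GitHub archive URLs so the stored file gets a distinctive name. Finally, `Patch1: afl-1.58b-fix-paths.patch` is now applied to the fork's tree via `%setup -q -n AFLplusplus-%version`; it evidently still applies, but a one-line note in the changelog entry that the patch was re-checked against the fork would save the next maintainer the same verification.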
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2018-08-31 10:48:01 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Fri Aug 31 10:48:01 2018 rev:40 rq:632354 version:2.52b Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2017-11-07 10:01:22.142964702 +0100 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2018-08-31 10:48:01.391463775 +0200 @@ -1,0 +2,5 @@ +Thu Aug 30 15:03:49 UTC 2018 - Guillaume GARDET + +- Fix build on non X86* platforms + +--- Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.ZYtEr4/_old 2018-08-31 10:48:01.999464526 +0200 +++ /var/tmp/diff_new_pack.ZYtEr4/_new 2018-08-31 10:48:01.999464526 +0200 @@ -1,7 +1,7 @@ # # spec file for package afl # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -27,7 +27,6 @@ Source1:afl-rpmlintrc Patch1: afl-1.58b-fix-paths.patch BuildRequires: gcc-c++ -ExclusiveArch: i586 x86_64 %description American fuzzy lop is a security-oriented fuzzer that employs a novel type @@ -51,9 +50,15 @@ %build export CFLAGS="$CFLAGS %{optflags}" +%ifnarch %{ix86} x86_64 +export AFL_NO_X86=1 +%endif make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir} %install +%ifnarch %{ix86} x86_64 +export AFL_NO_X86=1 +%endif make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir} DESTDIR=%{buildroot} install %files
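Review bot: dropping `ExclusiveArch: i586 x86_64` and exporting `AFL_NO_X86=1` in `%build` and `%install` only bypasses the Makefile's x86 sanity check; it does not make afl-gcc/afl-as usable on the other architectures, since afl-as rewrites x86/x86-64 assembly only. The resulting package will therefore ship the gcc wrappers on every arch even though only the LLVM and QEMU modes can instrument there, and the entry "Fix build on non X86* platforms" reads as if full support arrived. Say in the `%description` or the changelog entry that afl-gcc/afl-as are x86-only and that other architectures must use afl-clang-fast or qemu_mode, so users on those arches do not file bugs against a wrapper that cannot work.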
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2017-11-07 10:00:41 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Tue Nov 7 10:00:41 2017 rev:39 rq:539104 version:2.52b Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2017-09-04 12:39:09.651552081 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2017-11-07 10:01:22.142964702 +0100 @@ -1,0 +2,13 @@ +Sun Nov 5 07:57:53 UTC 2017 - mar...@gmx.de + +- Update to version 2.52b: + * Upgraded QEMU patches from 2.3.0 to 2.10.0. Required troubleshooting +several weird issues. + * Added setsid to afl-showmap. See the notes for 2.51b. + * Added target mode (deferred, persistent, qemu, etc) to fuzzer_stats. + * afl-tmin should now save a partially minimized file when Ctrl-C +is pressed. + * Added an option for afl-analyze to dump offsets in hex. + * Added support for parameters in triage_crashes.sh. + +--- Old: afl-2.51b.tgz New: afl-2.52b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.a1n2eA/_old 2017-11-07 10:01:22.918936550 +0100 +++ /var/tmp/diff_new_pack.a1n2eA/_new 2017-11-07 10:01:22.922936405 +0100 @@ -17,7 +17,7 @@ Name: afl -Version:2.51b +Version:2.52b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 @@ -47,6 +47,7 @@ %prep %setup -q %patch1 -p1 +sed -i 's|#!/usr/bin/env bash|#!/bin/bash|g' afl-cmin %build export CFLAGS="$CFLAGS %{optflags}" ++ afl-2.51b.tgz -> afl-2.52b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.51b/Makefile new/afl-2.52b/Makefile --- old/afl-2.51b/Makefile 2017-01-15 02:50:54.0 +0100 +++ new/afl-2.52b/Makefile 2017-11-05 03:26:11.0 +0100 
@@ -4,7 +4,7 @@ # # Written and maintained by Michal Zalewski# -# Copyright 2013, 2014, 2015, 2016 Google Inc. All rights reserved. +# Copyright 2013, 2014, 2015, 2016, 2017 Google Inc. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -111,8 +111,8 @@ .NOTPARALLEL: clean clean: - rm -f $(PROGS) afl-as as afl-g++ afl-clang afl-clang++ *.o *~ a.out core core.[1-9][0-9]* *.stackdump test .test test-instr .test-instr0 .test-instr1 qemu_mode/qemu-2.3.0.tar.bz2 afl-qemu-trace - rm -rf out_dir qemu_mode/qemu-2.3.0 + rm -f $(PROGS) afl-as as afl-g++ afl-clang afl-clang++ *.o *~ a.out core core.[1-9][0-9]* *.stackdump test .test test-instr .test-instr0 .test-instr1 qemu_mode/qemu-2.10.0.tar.bz2 afl-qemu-trace + rm -rf out_dir qemu_mode/qemu-2.10.0 $(MAKE) -C llvm_mode clean $(MAKE) -C libdislocator clean $(MAKE) -C libtokencap clean diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.51b/afl-analyze.c new/afl-2.52b/afl-analyze.c --- old/afl-2.51b/afl-analyze.c 2017-07-17 22:51:38.0 +0200 +++ new/afl-2.52b/afl-analyze.c 2017-11-05 03:26:03.0 +0100 @@ -4,7 +4,7 @@ Written and maintained by Michal Zalewski - Copyright 2016 Google Inc. All rights reserved. + Copyright 2016, 2017 Google Inc. All rights reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -68,6 +68,7 @@ dev_null_fd = -1; /* FD to /dev/null */ static u8 edges_only,/* Ignore hit counts?*/ + use_hex_offsets, /* Show hex offsets? */ use_stdin = 1; /* Use stdin for program input? */ static volatile u8 
@@ -486,9 +487,13 @@ /* Every 16 digits, display offset. */ if (!((i + off) % 16)) { - + if (off) SAYF(cRST cLCY ">"); -SAYF(cRST cGRA "%s[%06u] " cRST, (i + off) ? "\n" : "", i + off); + +if (use_hex_offsets) + SAYF(cRST cGRA "%s[%06x] " cRST, (i + off) ? "\n" : "", i + off); +else + SAYF(cRST cGRA "%s[%06u] " cRST, (i + off) ? "\n" : "", i + off); } @@ -512,7 +517,10 @@ #else -SAYF("Offset %u, length %u: ", i, rlen); +if (use_hex_offsets) + SAYF("Offset %x, length %u: ", i, rlen); +else + SAYF("Offset %u, length %u: ", i, rlen); switch (rtype) { @@ -874,6 +882,10 @@ char** new_argv =
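Review bot: in the afl-analyze `@@ -486` and `@@ -512` hunks the hex branch prints offsets with `%06x` / `%x` and no radix marker while the decimal branch prints `%06u` / `%u`, so a saved report containing `[000100]` cannot be told apart between the two modes. Consider a `0x` prefix in the hex branch or a one-line header stating the offset base. The hunk that parses the new option and sets `use_hex_offsets` (`@@ -874,6 +882,10 @@`) is truncated in this mail, so the flag wiring itself could not be checked here.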
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2017-09-04 12:39:06 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Mon Sep 4 12:39:06 2017 rev:38 rq:520490 version:2.51b Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2017-08-01 09:25:15.160768059 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2017-09-04 12:39:09.651552081 +0200 @@ -1,0 +2,12 @@ +Sun Sep 3 12:08:41 UTC 2017 - astie...@suse.com + +- afl 2.51b: + * Make afl-tmin call setsid to prevent glibc traceback junk from +showing up on the terminal +- includes changes form 2.50b: + * Fix a timing corner case + * Address a libtokencap / pthreads incompatibility issue + * Add AFL_FAST_CAL. + * In-place resume now preserves .synced + +--- Old: afl-2.49b.tgz New: afl-2.51b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.e8WNfC/_old 2017-09-04 12:39:11.247327570 +0200 +++ /var/tmp/diff_new_pack.e8WNfC/_new 2017-09-04 12:39:11.247327570 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:2.49b +Version:2.51b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-2.49b.tgz -> afl-2.51b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.49b/afl-fuzz.c new/afl-2.51b/afl-fuzz.c --- old/afl-2.49b/afl-fuzz.c2017-07-01 03:55:06.0 +0200 +++ new/afl-2.51b/afl-fuzz.c2017-08-20 06:34:26.0 +0200 @@ -120,7 +120,8 @@ qemu_mode, /* Running in QEMU mode?*/ skip_requested,/* Skip request, via SIGUSR1*/ run_over10m, /* Run time over 10 minutes?*/ - persistent_mode; /* Running in persistent mode? */ + persistent_mode, /* Running in persistent mode? */ + fast_cal; /* Try to calibrate faster? */ static s32 out_fd,/* Persistent fd for out_file */ dev_urandom_fd = -1, /* Persistent fd for /dev/urandom */ 
@@ -2433,11 +2434,14 @@ /* Report outcome to caller. */ - if (child_timed_out) return FAULT_TMOUT; - if (WIFSIGNALED(status) && !stop_soon) { + kill_signal = WTERMSIG(status); + +if (child_timed_out && kill_signal == SIGKILL) return FAULT_TMOUT; + return FAULT_CRASH; + } /* A somewhat nasty hack for MSAN, which doesn't support abort_on_error and @@ -2548,7 +2552,7 @@ q->cal_failed++; stage_name = "calibration"; - stage_max = CAL_CYCLES; + stage_max = fast_cal ? 3 : CAL_CYCLES; /* Make sure the forkserver is up before we do anything, and let's not count its spin-up time toward binary calibration. */ @@ -3200,6 +3204,12 @@ write_to_testcase(mem, len); new_fault = run_target(argv, hang_tmout); +/* A corner case that one user reported bumping into: increasing the + timeout actually uncovers a crash. Make sure we don't discard it if + so. */ + +if (!stop_soon && new_fault == FAULT_CRASH) goto keep_as_crash; + if (stop_soon || new_fault != FAULT_TMOUT) return keeping; } @@ -3224,6 +3234,8 @@ case FAULT_CRASH: +keep_as_crash: + /* This is handled in a manner roughly similar to timeouts, except for slightly different limits and no need to re-run test cases. */ @@ -3689,9 +3701,13 @@ /* Okay, let's get the ball rolling! First, we need to get rid of the entries in /.synced/.../id:*, if any are present. */ - fn = alloc_printf("%s/.synced", out_dir); - if (delete_files(fn, NULL)) goto dir_cleanup_failed; - ck_free(fn); + if (!in_place_resume) { + +fn = alloc_printf("%s/.synced", out_dir); +if (delete_files(fn, NULL)) goto dir_cleanup_failed; +ck_free(fn); + + } /* Next, we need to clean up /queue/.state/ subdirectories: */ @@ -4420,7 +4436,8 @@ } -/* Find first power of two greater or equal to val. */ +/* Find first power of two greater or equal to val (assuming val under + 2^31). */ static u32 next_p2(u32 val) { 
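Review bot: `stage_max = fast_cal ? 3 : CAL_CYCLES;` in the `@@ -2548` hunk puts a bare magic number next to a named constant; give it a config.h define (a `CAL_CYCLES_FAST`-style name, hypothetical) so the AFL_FAST_CAL behaviour is documented alongside CAL_CYCLES instead of buried in a ternary. In the `@@ -2433` hunk the reordering is the substantive change: a timed-out child is now reported as FAULT_TMOUT only when the terminating signal is SIGKILL (the signal the timeout handler sends), so a genuine crash signal that lands as the timer fires is kept as a crash instead of being filed as a hang, which is exactly what the `keep_as_crash` path added in the `@@ -3200` / `@@ -3224` hunks relies on. That `goto keep_as_crash` jumps into the middle of a `switch` from outside it, which is legal C but deserves a comment at the label; and the changelog line "Fix a timing corner case" would help triage more if it said that inputs previously filed under hangs/ may now land in crashes/.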
@@ -7128,7 +7145,10 @@ if (sync_id) { tmp = alloc_printf("%s/.synced/", out_dir); -if (mkdir(tmp, 0700)) PFATAL("Unable to create '%s'", tmp); + +if (mkdir(tmp, 0700) && (!in_place_resume || errno != EEXIST)) + PFATAL("Unable to create '%s'", tmp); + ck_free(tmp); } @@ -7883,8 +7903,9 @@ if (getenv("AFL_NO_FORKSRV"))
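Review bot: the `@@ -7128` hunk tolerates the `mkdir` failure only when `in_place_resume` is set and `errno == EEXIST`, which is the right condition, but together with the `@@ -3689` hunk (which skips deleting `.synced` on in-place resume) it means the per-fuzzer sync counters survive a restart. If a sibling fuzzer's queue was restarted in between, its ids begin again from zero and the preserved counter will skip its early test cases; if that trade-off is accepted, the docs for `-i-` resume should state that sync state is carried over and that sibling queues must not be reset independently.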
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2017-08-01 09:25:13 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Tue Aug 1 09:25:13 2017 rev:37 rq:513056 version:2.49b Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2017-07-26 13:06:34.211302863 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2017-08-01 09:25:15.160768059 +0200 @@ -1,0 +2,5 @@ +Sat Jul 29 23:04:43 UTC 2017 - meiss...@suse.com + +- include docs/README + +--- Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.Tkbelk/_old 2017-08-01 09:25:15.784680130 +0200 +++ /var/tmp/diff_new_pack.Tkbelk/_new 2017-08-01 09:25:15.788679566 +0200 @@ -56,7 +56,7 @@ make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir} DESTDIR=%{buildroot} install %files -%doc docs/ChangeLog docs/COPYING README docs/*.txt +%doc docs/ChangeLog docs/COPYING docs/README docs/*.txt %{_bindir}/%{name}-* %dir %{_libexecdir}/%{name} %{_libexecdir}/%{name}/%{name}-as
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2017-07-26 13:06:26 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Wed Jul 26 13:06:26 2017 rev:36 rq:512611 version:2.49b Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2017-07-09 13:04:18.118226739 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2017-07-26 13:06:34.211302863 +0200 @@ -1,0 +2,18 @@ +Wed Jul 26 06:47:03 UTC 2017 - meiss...@suse.com + +- Version 2.49b + - Added AFL_TMIN_EXACT to allow path constraint for crash minimization. + - Added dates for releases (retroactively for all of 2017). +- Version 2.48b + - Added AFL_ALLOW_TMP to permit some scripts to run in /tmp. + - Fixed cwd handling in afl-analyze (similar to the quirk in afl-tmin). + - Made it possible to point -o and -f to the same file in afl-tmin. +- Version 2.47b + - Fixed cwd handling in afl-tmin. Spotted by Jakub Wilk. +- Version 2.46b + - libdislocator now supports AFL_LD_NO_CALLOC_OVER for folks who do not +want to abort on calloc() overflows. + - Made a minor fix to libtokencap. Reported by Daniel Stender. + - Added a small JSON dictionary, inspired on a dictionary done by Jakub Wilk. + +--- Old: afl-2.45b.tgz New: afl-2.49b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.TK7BvP/_old 2017-07-26 13:06:36.798937799 +0200 +++ /var/tmp/diff_new_pack.TK7BvP/_new 2017-07-26 13:06:36.802937235 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:2.45b +Version:2.49b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-2.45b.tgz -> afl-2.49b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.45b/afl-analyze.c new/afl-2.49b/afl-analyze.c --- old/afl-2.45b/afl-analyze.c 2016-08-03 19:52:58.0 +0200 +++ new/afl-2.49b/afl-analyze.c 2017-07-17 22:51:38.0 +0200 
@@ -658,15 +658,15 @@ u8* use_dir = "."; -if (!access(use_dir, R_OK | W_OK | X_OK)) { +if (access(use_dir, R_OK | W_OK | X_OK)) { use_dir = getenv("TMPDIR"); if (!use_dir) use_dir = "/tmp"; - prog_in = alloc_printf("%s/.afl-tmin-temp-%u", use_dir, getpid()); - } +prog_in = alloc_printf("%s/.afl-analyze-temp-%u", use_dir, getpid()); + } /* Set sane defaults... */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.45b/afl-cmin new/afl-2.49b/afl-cmin --- old/afl-2.45b/afl-cmin 2017-01-24 23:00:28.0 +0100 +++ new/afl-2.49b/afl-cmin 2017-07-17 22:44:45.0 +0200 @@ -126,24 +126,28 @@ # Do a sanity check to discourage the use of /tmp, since we can't really # handle this safely from a shell script. -echo "$IN_DIR" | grep -qE '^(/var)?/tmp/' -T1="$?" +if [ "$AFL_ALLOW_TMP" = "" ]; then -echo "$TARGET_BIN" | grep -qE '^(/var)?/tmp/' -T2="$?" + echo "$IN_DIR" | grep -qE '^(/var)?/tmp/' + T1="$?" -echo "$OUT_DIR" | grep -qE '^(/var)?/tmp/' -T3="$?" + echo "$TARGET_BIN" | grep -qE '^(/var)?/tmp/' + T2="$?" -echo "$STDIN_FILE" | grep -qE '^(/var)?/tmp/' -T4="$?" + echo "$OUT_DIR" | grep -qE '^(/var)?/tmp/' + T3="$?" -echo "$PWD" | grep -qE '^(/var)?/tmp/' -T5="$?" + echo "$STDIN_FILE" | grep -qE '^(/var)?/tmp/' + T4="$?" + + echo "$PWD" | grep -qE '^(/var)?/tmp/' + T5="$?" + + if [ "$T1" = "0" -o "$T2" = "0" -o "$T3" = "0" -o "$T4" = "0" -o "$T5" = "0" ]; then +echo "[-] Error: do not use this script in /tmp or /var/tmp." 1>&2 +exit 1 + fi -if [ "$T1" = "0" -o "$T2" = "0" -o "$T3" = "0" -o "$T4" = "0" -o "$T5" = "0" ]; then - echo "[-] Error: do not use this script in /tmp or /var/tmp." 1>&2 - exit 1 fi # If @@ is specified, but there's no -f, let's come up with a temporary input diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.45b/afl-plot new/afl-2.49b/afl-plot --- old/afl-2.45b/afl-plot 2017-02-19 21:22:17.0 +0100 +++ new/afl-2.49b/afl-plot 2017-07-17 22:45:08.0 +0200 
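Review bot: the afl-analyze `@@ -658` hunk fixes an inverted test: `access()` returns 0 on success, so the old `if (!access(...))` fell back to `$TMPDIR` precisely when the current directory was usable and kept writing to `.` when it was not; the new form is correct, and the temp file name also changes from `.afl-tmin-temp-%u` to `.afl-analyze-temp-%u`, a leftover from the afl-tmin copy that the changelog's "similar to the quirk in afl-tmin" confirms. In the afl-cmin `@@ -126` hunk, `if [ "$AFL_ALLOW_TMP" = "" ]` means any value, including `0`, disables the check (`-z` is the idiomatic spelling); the check exists because the script cannot create its work files safely in a world-shared /tmp, so the override should be documented as appropriate only where /tmp is private to the user (per-user tmp or a container). The matching afl-plot hunk is cut off in this mail.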
@@ -38,16 +38,20 @@ fi -echo "$1" | grep -qE '^(/var)?/tmp/' -T1="$?" +if [ "$AFL_ALLOW_TMP" = "" ]; then -echo "$2" | grep -qE '^(/var)?/tmp/' -T2="$?" + echo "$1" | grep -qE '^(/var)?/tmp/' + T1="$?" -if [ "$T1" = "0" -o "$T2" = "0" ]; then + echo "$2" | grep -qE '^(/var)?/tmp/' + T2="$?" - echo "[-] Error: this script shouldn't be used with shared /tmp directories." 1>&2 - exit 1 + if [ "$T1" = "0" -o "$T2" = "0" ]; then + +echo "[-]
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2017-07-09 13:04:16 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Sun Jul 9 13:04:16 2017 rev:35 rq:508930 version:2.45b Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2017-07-04 09:11:17.918979025 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2017-07-09 13:04:18.118226739 +0200 @@ -1,0 +2,9 @@ +Fri Jul 7 14:59:31 UTC 2017 - meiss...@suse.com + +- update to 2.45b: + - Added strstr, strcasestr support to libtokencap. Contributed by +Daniel Hodson. + - Fixed a resumption offset glitch spotted by Jakub Wilk. + - There are definitely no bugs in afl-showmap -c now. + +--- Old: afl-2.44b.tgz New: afl-2.45b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.gQatZh/_old 2017-07-09 13:04:18.726140976 +0200 +++ /var/tmp/diff_new_pack.gQatZh/_new 2017-07-09 13:04:18.730140412 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:2.44b +Version:2.45b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-2.44b.tgz -> afl-2.45b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.44b/afl-fuzz.c new/afl-2.45b/afl-fuzz.c --- old/afl-2.44b/afl-fuzz.c2017-06-16 20:01:29.0 +0200 +++ new/afl-2.45b/afl-fuzz.c2017-07-01 03:55:06.0 +0200 @@ -3310,10 +3310,10 @@ i = read(fd, tmp, sizeof(tmp) - 1); (void)i; /* Ignore errors */ close(fd); - off = strstr(tmp, "cur_path : "); + off = strstr(tmp, "cur_path : "); if (!off) return 0; - ret = atoi(off + 17); + ret = atoi(off + 20); if (ret >= queued_paths) ret = 0; return ret; 
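Review bot: the `@@ -3310` hunk fixes the resume offset by changing `atoi(off + 17)` to `atoi(off + 20)` so that it matches the padded `cur_path : %u` label written in the `@@ -3401` hunk (the two `strstr` lines look identical here only because the extraction collapsed the padding in the label), but the fix remains a hand-maintained count that has to be kept in step with the format string, which is exactly the drift that caused the bug. Define the label once and derive the offset from it, e.g. `off + strlen(CUR_PATH_LABEL)` with a hypothetical `CUR_PATH_LABEL` macro shared by both sites, so the `/* Must match find_start_position() */` comment becomes unnecessary.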
@@ -3401,7 +3401,7 @@ "paths_found : %u\n" "paths_imported: %u\n" "max_depth : %u\n" - "cur_path : %u\n" + "cur_path : %u\n" /* Must match find_start_position() */ "pending_favs : %u\n" "pending_total : %u\n" "variable_paths: %u\n" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.44b/afl-gcc.c new/afl-2.45b/afl-gcc.c --- old/afl-2.44b/afl-gcc.c 2017-01-13 22:10:12.0 +0100 +++ new/afl-2.45b/afl-gcc.c 2017-06-28 19:25:22.0 +0200 @@ -287,6 +287,8 @@ cc_params[cc_par_cnt++] = "-fno-builtin-strcasecmp"; cc_params[cc_par_cnt++] = "-fno-builtin-strncasecmp"; cc_params[cc_par_cnt++] = "-fno-builtin-memcmp"; +cc_params[cc_par_cnt++] = "-fno-builtin-strstr"; +cc_params[cc_par_cnt++] = "-fno-builtin-strcasestr"; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.44b/afl-showmap.c new/afl-2.45b/afl-showmap.c --- old/afl-2.44b/afl-showmap.c 2017-06-28 09:04:47.0 +0200 +++ new/afl-2.45b/afl-showmap.c 2017-07-04 22:46:53.0 +0200 @@ -286,7 +286,7 @@ } -if (keep_cores) r.rlim_max = r.rlim_cur = 0; +if (!keep_cores) r.rlim_max = r.rlim_cur = 0; else r.rlim_max = r.rlim_cur = RLIM_INFINITY; setrlimit(RLIMIT_CORE, ); /* Ignore errors */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.44b/config.h new/afl-2.45b/config.h --- old/afl-2.44b/config.h 2017-06-28 09:14:52.0 +0200 +++ new/afl-2.45b/config.h 2017-07-04 22:47:24.0 +0200 @@ -21,7 +21,7 @@ /* Version string: */ -#define VERSION "2.44b" +#define VERSION "2.45b" /** ** diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.44b/docs/ChangeLog new/afl-2.45b/docs/ChangeLog --- old/afl-2.44b/docs/ChangeLog2017-06-28 09:11:54.0 +0200 +++ new/afl-2.45b/docs/ChangeLog2017-07-04 22:47:17.0 +0200 
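Review bot: the afl-showmap `@@ -286` hunk is a straight inversion fix: the old `if (keep_cores) r.rlim_max = r.rlim_cur = 0;` zeroed the core limit precisely when `-c` asked to keep cores, so this is the second fix for an option introduced one release earlier (the 2.44b entry in this log adds `-c`), and the packaged ChangeLog entry "There are definitely no bugs in afl-showmap -c now" should say what was wrong. The afl-gcc `@@ -287` hunk adds `-fno-builtin-strstr` / `-fno-builtin-strcasestr`; that is what lets libtokencap's LD_PRELOAD hooks see those calls instead of an inlined builtin, and it belongs in the same changelog line as the libtokencap entry so users understand why code generation for instrumented binaries changed.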
@@ -17,6 +17,17 @@ to get on with the times. -- +Version 2.45b: +-- + + - Added strstr, strcasestr support to libtokencap. Contributed by +Daniel Hodson. + + - Fixed a resumption offset glitch spotted by Jakub Wilk. + + - There are definitely no bugs in afl-showmap -c now. + +-- Version 2.44b: -- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.44b/docs/README new/afl-2.45b/docs/README
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2017-07-04 09:10:40 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Tue Jul 4 09:10:40 2017 rev:34 rq:507727 version:2.44b Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2017-04-12 17:59:36.698828781 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2017-07-04 09:11:17.918979025 +0200 @@ -1,0 +2,11 @@ +Mon Jul 3 08:08:58 UTC 2017 - astie...@suse.com + +- update to 2.44b: + * Add visual indicator of ASAN / MSAN mode when compiling + * Add support for afl-showmap coredumps (-c) + * Add LD_BIND_NOW=1 for afl-showmap by default + * Added AFL_NO_ARITH to aid in the fuzzing of text-based formats + * Renamed the R() macro to avoid a problem with llvm_mode in the +latest versions of LLVM + +--- Old: afl-2.41b.tgz New: afl-2.44b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.BUdfyk/_old 2017-07-04 09:11:19.290786115 +0200 +++ /var/tmp/diff_new_pack.BUdfyk/_new 2017-07-04 09:11:19.294785553 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:2.41b +Version:2.44b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 @@ -27,7 +27,6 @@ Source1:afl-rpmlintrc Patch1: afl-1.58b-fix-paths.patch BuildRequires: gcc-c++ -BuildRoot: %{_tmppath}/%{name}-%{version}-build ExclusiveArch: i586 x86_64 %description @@ -57,7 +56,6 @@ make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir} DESTDIR=%{buildroot} install %files -%defattr(-,root,root) %doc docs/ChangeLog docs/COPYING README docs/*.txt %{_bindir}/%{name}-* %dir %{_libexecdir}/%{name} ++ afl-2.41b.tgz -> afl-2.44b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.41b/afl-as.c new/afl-2.44b/afl-as.c --- old/afl-2.41b/afl-as.c 2016-02-10 16:53:12.0 +0100 +++ new/afl-2.44b/afl-as.c 2017-06-23 00:46:53.0 +0200 
@@ -56,7 +56,8 @@ static u8 be_quiet, /* Quiet mode (no stderr output)*/ clang_mode, /* Running in clang mode? */ pass_thru, /* Just pass data through? */ -just_version; /* Just show version? */ +just_version, /* Just show version? */ +sanitizer; /* Using ASAN / MSAN*/ static u32 inst_ratio = 100, /* Instrumentation probability (%) */ as_par_cnt = 1; /* Number of params to 'as' */ @@ -454,7 +455,8 @@ pass_thru ? " (pass-thru mode)" : ""); else OKF("Instrumented %u locations (%s-bit, %s mode, ratio %u%%).", ins_lines, use_64bit ? "64" : "32", - getenv("AFL_HARDEN") ? "hardened" : "non-hardened", + getenv("AFL_HARDEN") ? "hardened" : + (sanitizer ? "ASAN/MSAN" : "non-hardened"), inst_ratio); } @@ -521,7 +523,10 @@ ASAN-specific branches. But we can probabilistically compensate for that... */ - if (getenv("AFL_USE_ASAN") || getenv("AFL_USE_MSAN")) inst_ratio /= 3; + if (getenv("AFL_USE_ASAN") || getenv("AFL_USE_MSAN")) { +sanitizer = 1; +inst_ratio /= 3; + } if (!just_version) add_instrumentation(); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.41b/afl-fuzz.c new/afl-2.44b/afl-fuzz.c --- old/afl-2.41b/afl-fuzz.c2017-04-12 06:45:34.0 +0200 +++ new/afl-2.44b/afl-fuzz.c2017-06-16 20:01:29.0 +0200 @@ -114,6 +114,7 @@ in_place_resume, /* Attempt in-place resume? */ auto_changed, /* Auto-generated tokens changed? */ no_cpu_meter_red, /* Feng shui on the status screen */ + no_arith, /* Skip most arithmetic ops */ shuffle_queue, /* Shuffle input queue? */ bitmap_changed = 1,/* Time to update bitmap? */ qemu_mode, /* Running in QEMU mode?*/ @@ -4412,7 +4413,7 @@ limit is very expensive, so let's select a more conservative default. */ if (dumb_mode && !getenv("AFL_HANG_TMOUT")) -hang_tmout = exec_tmout * 4; +hang_tmout = MIN(EXEC_TIMEOUT, exec_tmout * 2 + 100); OKF("All set and ready to roll!"); @@ -4546,8
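Review bot: in the afl-fuzz `@@ -4412` hunk the dumb-mode default becomes `hang_tmout = MIN(EXEC_TIMEOUT, exec_tmout * 2 + 100)`; when the user passes a `-t` larger than `EXEC_TIMEOUT`, `MIN()` clamps the hang threshold below the exec timeout, so every timeout re-run times out again and is recorded as a hang, which contradicts the intent described in the 2.41b entry further down this log (hangs are binned only when they exceed a far more generous limit than slow paths). If the clamp is deliberate to keep dumb-mode re-runs cheap, say so in the comment above the line and mention that `AFL_HANG_TMOUT` is the way to widen it; otherwise use the unclamped `exec_tmout * 2 + 100`. The afl-as `@@ -56` / `@@ -521` hunks are fine: the new `sanitizer` flag only changes the reported mode string, and `inst_ratio /= 3` is unchanged.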
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2017-04-12 17:37:50 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Wed Apr 12 17:37:50 2017 rev:33 rq:487488 version:2.41b Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2017-03-12 20:04:31.585287600 +0100 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2017-04-12 17:59:36.698828781 +0200 @@ -1,0 +2,13 @@ +Wed Apr 12 06:25:50 UTC 2017 - meiss...@suse.com + +- update to 2.41b: + - Addressed a major user complaint related to timeout detection. Timing out +inputs are now binned as "hangs" only if they exceed a far more generous +time limit than the one used to reject slow paths. +- update to 2.40b: + - Fixed a minor oversight in the insertion strategy for dictionary words. +Spotted by Andrzej Jackowski. + - Made a small improvement to the havoc block insertion strategy. + - Adjusted color rules for "is it done yet?" indicators. + +--- Old: afl-2.39b.tgz New: afl-2.41b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.Wr9qAq/_old 2017-04-12 17:59:37.206756948 +0200 +++ /var/tmp/diff_new_pack.Wr9qAq/_new 2017-04-12 17:59:37.210756383 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:2.39b +Version:2.41b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-2.39b.tgz -> afl-2.41b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.39b/afl-fuzz.c new/afl-2.41b/afl-fuzz.c --- old/afl-2.39b/afl-fuzz.c2016-11-27 03:10:23.0 +0100 +++ new/afl-2.41b/afl-fuzz.c2017-04-12 06:45:34.0 +0200 
@@ -92,7 +92,9 @@ *orig_cmdline; /* Original command line*/ EXP_ST u32 exec_tmout = EXEC_TIMEOUT; /* Configurable exec timeout (ms) */ -EXP_ST u64 mem_limit = MEM_LIMIT; /* Memory cap for child (MB)*/ +static u32 hang_tmout = EXEC_TIMEOUT; /* Timeout used for hang det (ms) */ + +EXP_ST u64 mem_limit = MEM_LIMIT;/* Memory cap for child (MB)*/ static u32 stats_update_freq = 1; /* Stats update frequency (execs) */ @@ -132,7 +134,7 @@ EXP_ST u8* trace_bits;/* SHM with instrumentation bitmap */ EXP_ST u8 virgin_bits[MAP_SIZE], /* Regions yet untouched by fuzzing */ - virgin_hang[MAP_SIZE], /* Bits we haven't seen in hangs*/ + virgin_tmout[MAP_SIZE],/* Bits we haven't seen in tmouts */ virgin_crash[MAP_SIZE];/* Bits we haven't seen in crashes */ static u8 var_bytes[MAP_SIZE]; /* Bytes that appear to be variable */ @@ -162,7 +164,8 @@ EXP_ST u64 total_crashes, /* Total number of crashes */ unique_crashes,/* Crashes with unique signatures */ - total_hangs, /* Total number of hangs*/ + total_tmouts, /* Total number of timeouts */ + unique_tmouts, /* Timeouts with unique signatures */ unique_hangs, /* Hangs with unique signatures */ total_execs, /* Total execve() calls */ start_time,/* Unix start time (ms) */ @@ -178,7 +181,7 @@ blocks_eff_total, /* Blocks subject to effector maps */ blocks_eff_select; /* Blocks selected as fuzzable */ -static u32 subseq_hangs; /* Number of hangs in a row */ +static u32 subseq_tmouts; /* Number of timeouts in a row */ static u8 *stage_name = "init", /* Name of the current fuzz stage */ *stage_short, /* Short stage name */ @@ -308,7 +311,7 @@ enum { /* 00 */ FAULT_NONE, - /* 01 */ FAULT_HANG, + /* 01 */ FAULT_TMOUT, /* 02 */ FAULT_CRASH, /* 03 */ FAULT_ERROR, /* 04 */ FAULT_NOINST, 
@@ -1031,7 +1034,7 @@ /* Destructively simplify trace by eliminating hit count information and replacing it with 0x80 or 0x01 depending on whether the tuple - is hit or not. Called on every new crash or hang, should be + is hit or not. Called on every new crash or timeout, should be reasonably fast. */ static const u8 simplify_lookup[256] = { @@ -1122,7 +1125,7 @@ static u16 count_class_lookup16[65536]; -static void init_count_class16(void) { +EXP_ST void init_count_class16(void) { u32 b1, b2; @@ -1339,7 +1342,7 @@
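Review bot: the `@@ -162` hunk drops `total_hangs` and adds `total_tmouts` / `unique_tmouts` while keeping `unique_hangs`, and `@@ -308` renames the enum member `FAULT_HANG` to `FAULT_TMOUT` at the same value; the hunks that update the status screen and the `fuzzer_stats` writer for the removed counter are not in this excerpt, so please confirm that the `fuzzer_stats` field names consumed by afl-whatsup and afl-plot were kept stable across the rename. The `@@ -1122` change of `init_count_class16` from `static` to `EXP_ST` is unrelated to the timeout work and is not mentioned in the changelog; a one-line reason in the commit text would help.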
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2017-03-12 20:04:31 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Sun Mar 12 20:04:31 2017 rev:32 rq:477897 version:2.39b Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2017-02-13 07:49:36.594041732 +0100 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2017-03-12 20:04:31.585287600 +0100 @@ -1,0 +2,6 @@ +Wed Mar 8 20:52:05 UTC 2017 - sfal...@opensuse.org + +- Changed %doc line, to clear buildfailure in openSUSE:Factory + Due to unpackaged files + +--- Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.Dv7LrV/_old 2017-03-12 20:04:32.329182336 +0100 +++ /var/tmp/diff_new_pack.Dv7LrV/_new 2017-03-12 20:04:32.333181771 +0100 @@ -58,7 +58,7 @@ %files %defattr(-,root,root) -%doc docs/COPYING +%doc docs/ChangeLog docs/COPYING README docs/*.txt %{_bindir}/%{name}-* %dir %{_libexecdir}/%{name} %{_libexecdir}/%{name}/%{name}-as
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2017-02-13 07:49:35 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2016-10-23 12:51:53.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2017-02-13 07:49:36.594041732 +0100 @@ -1,0 +2,25 @@ +Fri Feb 10 12:09:01 UTC 2017 - meiss...@suse.com + +- update to 2.39b: + - Improved error reporting in afl-cmin. Suggested by floyd. + - Made a minor tweak to trace-pc-guard support. Suggested by kcc. + - Added a mention of afl-monitor. + +--- +Mon Jan 30 14:21:37 UTC 2017 - astie...@suse.com + +- update to 2.38b: + * Added -mllvm -sanitizer-coverage-block-threshold=0 to +trace-pc-guard mode + * Fixed a cosmetic bad free() bug when aborting -S sessions + * Made a small change to afl-whatsup to sort fuzzers by name. + * Fixed a minor issue with malloc(0) in libdislocator + * Changed the clobber pattern in libdislocator to a slightly more +reliable one + * Added a note about THP performance + * Added a somewhat unofficial support for running afl-tmin with a +baseline "mask" that causes it to minimize only for edges that +are unique to the input file, but not to the "boring" baseline. + * "Fixed" a getPassName() problem with never versions of clang. + +--- Old: afl-2.35b.tgz New: afl-2.39b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.QsW2PF/_old 2017-02-13 07:49:37.757875568 +0100 +++ /var/tmp/diff_new_pack.QsW2PF/_new 2017-02-13 07:49:37.761874996 +0100 @@ -1,7 +1,7 @@ # # spec file for package afl # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed 
@@ -17,7 +17,7 @@ Name: afl -Version:2.35b +Version:2.39b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-2.35b.tgz -> afl-2.39b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.35b/Makefile new/afl-2.39b/Makefile --- old/afl-2.35b/Makefile 2016-08-07 09:03:02.0 +0200 +++ new/afl-2.39b/Makefile 2017-01-15 02:50:54.0 +0100 @@ -123,7 +123,11 @@ install -m 755 $(PROGS) $(SH_PROGS) $${DESTDIR}$(BIN_PATH) rm -f $${DESTDIR}$(BIN_PATH)/afl-as if [ -f afl-qemu-trace ]; then install -m 755 afl-qemu-trace $${DESTDIR}$(BIN_PATH); fi +ifndef AFL_TRACE_PC if [ -f afl-clang-fast -a -f afl-llvm-pass.so -a -f afl-llvm-rt.o ]; then set -e; install -m 755 afl-clang-fast $${DESTDIR}$(BIN_PATH); ln -sf afl-clang-fast $${DESTDIR}$(BIN_PATH)/afl-clang-fast++; install -m 755 afl-llvm-pass.so afl-llvm-rt.o $${DESTDIR}$(HELPER_PATH); fi +else + if [ -f afl-clang-fast -a -f afl-llvm-rt.o ]; then set -e; install -m 755 afl-clang-fast $${DESTDIR}$(BIN_PATH); ln -sf afl-clang-fast $${DESTDIR}$(BIN_PATH)/afl-clang-fast++; install -m 755 afl-llvm-rt.o $${DESTDIR}$(HELPER_PATH); fi +endif if [ -f afl-llvm-rt-32.o ]; then set -e; install -m 755 afl-llvm-rt-32.o $${DESTDIR}$(HELPER_PATH); fi if [ -f afl-llvm-rt-64.o ]; then set -e; install -m 755 afl-llvm-rt-64.o $${DESTDIR}$(HELPER_PATH); fi set -e; for i in afl-g++ afl-clang afl-clang++; do ln -sf afl-gcc $${DESTDIR}$(BIN_PATH)/$$i; done diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.35b/afl-cmin new/afl-2.39b/afl-cmin --- old/afl-2.35b/afl-cmin 2015-09-11 19:20:46.0 +0200 +++ new/afl-2.39b/afl-cmin 2017-01-24 23:00:28.0 +0100 
@@ -240,13 +240,23 @@ IN_COUNT=$((`ls -- "$IN_DIR" 2>/dev/null | wc -l`)) if [ "$IN_COUNT" = "0" ]; then - echo "No inputs in the target directory - nothing to be done." + echo "[+] Hmm, no inputs in the target directory. Nothing to be done." rm -rf "$TRACE_DIR" exit 1 fi FIRST_FILE=`ls "$IN_DIR" | head -1` +# Make sure that we're not dealing with a directory. + +if [ -d "$IN_DIR/$FIRST_FILE" ]; then + echo "[-] Error: The target directory contains subdirectories - please fix." 1>&2 + rm -rf "$TRACE_DIR" + exit 1 +fi + +# Check for the more efficient way to copy files... + if ln "$IN_DIR/$FIRST_FILE" "$TRACE_DIR/.link_test" 2>/dev/null; then CP_TOOL=ln else
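Review bot: in the Makefile install hunk, the `ifndef AFL_TRACE_PC` and `else` branches repeat the entire afl-clang-fast install line and differ only in whether `afl-llvm-pass.so` is tested for and installed; keeping the shared `install`/`ln -sf` commands outside the conditional and guarding only the `.so` install would stop the two branches from drifting apart. Note also that `ifndef` is evaluated by make at parse time, so `AFL_TRACE_PC` has to reach make's environment or command line, which nothing in the hunk documents.

Review bot: the new subdirectory guard in afl-cmin only inspects `$FIRST_FILE`, the first entry of `ls "$IN_DIR" | head -1`, so a subdirectory that sorts later in the listing still passes the check and reaches the trace loop; a loop such as `for f in "$IN_DIR"/*; do [ -d "$f" ] && ...` would reject all of them. A smaller inconsistency: the new error is prefixed `[-] Error:` and sent to stderr (`1>&2`), while the reworded "no inputs" message keeps a `[+]` prefix on stdout yet still exits 1.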
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2016-10-23 12:51:46 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2016-08-29 15:39:46.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2016-10-23 12:51:53.0 +0200 @@ -1,0 +2,15 @@ +Wed Oct 19 20:05:42 UTC 2016 - mplus...@suse.com + +- Update to version 2.35b: + * Fixed a minor cmdline reporting glitch, spotted by Leo Barnes. + * Fixed a silly bug in libdislocator. Spotted by Johannes Schultz. +- Changes for version 2.34b: + * Added a note about afl-tmin to technical_details.txt. + * Added support for AFL_NO_UI, as suggested by Leo Barnes. +- Changes for version 2.33b: + * Added code to strip -Wl,-z,defs and -Wl,--no-undefined for +fl-clang-fast, since they interfere with -shared. Spotted and +iagnosed by Toby Hutton. + * Added some fuzzing tips for Android. + +--- Old: afl-2.32b.tgz New: afl-2.35b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.kZd3jQ/_old 2016-10-23 12:51:55.0 +0200 +++ /var/tmp/diff_new_pack.kZd3jQ/_new 2016-10-23 12:51:55.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:2.32b +Version:2.35b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 
@@ -31,9 +31,19 @@ ExclusiveArch: i586 x86_64 %description -American fuzzy lop is a security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary. This substantially improves the functional coverage for the fuzzed code. The compact synthesized corpora produced by the tool are also useful for seeding other, more labor- or resource-intensive testing regimes down the road. - -Compared to other instrumented fuzzers, afl-fuzz is designed to be practical: it has modest performance overhead, uses a variety of highly effective fuzzing strategies and effort minimization tricks, requires essentially no configuration, and seamlessly handles complex, real-world use cases - say, common image parsing or file compression libraries. +American fuzzy lop is a security-oriented fuzzer that employs a novel type +of compile-time instrumentation and genetic algorithms to automatically +discover clean, interesting test cases that trigger new internal states in +the targeted binary. This substantially improves the functional coverage +for the fuzzed code. The compact synthesized corpora produced by the tool +are also useful for seeding other, more labor- or resource-intensive +testing regimes down the road. + +Compared to other instrumented fuzzers, afl-fuzz is designed to be +practical: it has modest performance overhead, uses a variety of highly +effective fuzzing strategies and effort minimization tricks, requires +essentially no configuration, and seamlessly handles complex, real-world +use cases - say, common image parsing or file compression libraries. %prep %setup -q 
@@ -56,7 +66,7 @@ %dir %{_datadir}/%{name} %dir %{_datadir}/%{name}/testcases %{_datadir}/%{name}/testcases/* -%dir /usr/share/afl/dictionaries/ -/usr/share/afl/dictionaries/* +%dir %{_datadir}/afl/dictionaries/ +%{_datadir}/afl/dictionaries/* %changelog ++ afl-2.32b.tgz -> afl-2.35b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.32b/afl-fuzz.c new/afl-2.35b/afl-fuzz.c --- old/afl-2.32b/afl-fuzz.c2016-08-20 08:40:05.0 +0200 +++ new/afl-2.35b/afl-fuzz.c2016-09-20 04:38:39.0 +0200 @@ -4924,8 +4924,11 @@ #endif /* ^IGNORE_FINDS */ - if (not_on_tty) -ACTF("Fuzzing test case #%u (%u total)...", current_entry, queued_paths); + if (not_on_tty) { +ACTF("Fuzzing test case #%u (%u total, %llu uniq crashes found)...", + current_entry, queued_paths, unique_crashes); +fflush(stdout); + } /* Map the test case into memory. */ @@ -6922,6 +6925,12 @@ struct winsize ws; + if (getenv("AFL_NO_UI")) { +OKF("Disabling the UI because AFL_NO_UI is set."); +not_on_tty = 1; +return; + } + if (ioctl(1, TIOCGWINSZ, )) { if (errno == ENOTTY) { @@ -7652,7 +7661,7 @@ u8* c; if (sync_id) FATAL("Multiple -S or -M options not supported"); - sync_id = optarg; + sync_id = ck_strdup(optarg); if ((c = strchr(sync_id, ':'))) { @@
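Review bot: the spec hunk switches the dictionaries entries to `%{_datadir}/afl/dictionaries/`, but the adjacent `testcases` lines spell the same prefix as `%{_datadir}/%{name}`; using `%{name}` here too keeps the file list consistent with the rest of the section.

Review bot: the `sync_id = ck_strdup(optarg)` hunk changes `sync_id` from an alias of `argv` memory to an owned copy, but the reason is not visible in the hunk (the following `strchr(sync_id, ':')` suggests the string is later split in place); a one-line comment at the assignment would make the ownership and the later modification explicit, and since `ck_strdup` allocates, the matching free or the deliberate leak-for-lifetime should be noted as well.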
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2016-08-29 15:35:48 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2016-07-28 23:46:41.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2016-08-29 15:39:46.0 +0200 
@@ -1,0 +2,63 @@ +Thu Aug 25 12:45:55 UTC 2016 - meiss...@suse.com + +- Version 2.32b: + - Added a check for AFL_HARDEN combined with AFL_USE_*SAN. Suggested by Hanno Boeck. + - Made several other cosmetic adjustments to cycle timing in the wake of the big tweak made in 2.31b. + +- Version 2.31b: + - Changed havoc cycle counts for a marked performance boost, especially +with -S / -d. See the discussion of FidgetyAFL in: + +https://groups.google.com/forum/#!topic/afl-users/fOPeb62FZUg + +While this does not implement the approach proposed by the authors of +the CCS paper, the solution is a result of digging into that research; +more improvements may follow as I do more experiments and get more +definitive data. +- Version 2.30b: + - Made minor improvements to persistent mode to avoid the remote +possibility of "no instrumentation detected" issues with very low +instrumentation densities. + - Fixed a minor glitch with a leftover process in persistent mode. +Reported by Jakub Wilk and Daniel Stender. + - Made persistent mode bitmaps a bit more consistent and adjusted the way +this is shown in the UI, especially in persistent mode. + +- Version 2.29b: + - Made a minor #include fix to llvm_mode. Suggested by Jonathan Metzman. + - Made cosmetic updates to the docs. +- Version 2.28b: + - Added "life pro tips" to docs/. + - Moved testcases/_extras/ to dictionaries/ for visibility. + - Made minor improvements to install scripts. + - Added an important safety tip. +- Version 2.27b: + - Added libtokencap, a simple feature to intercept strcmp / memcmp and +generate dictionary entries that can help extend coverage. + - Moved libdislocator to its own dir, added README. + - The demo in experimental/instrumented_cmp is no more. +- Version 2.26b: + - Made a fix for libdislocator.so to compile on MacOS X. + - Added support for DYLD_INSERT_LIBRARIES. + - Renamed AFL_LD_PRELOAD to AFL_PRELOAD. 
+- Version 2.25b: + - Made some cosmetic updates to libdislocator.so, renamed one env +variable. +- Version 2.24b: + - Added libdislocator.so, an experimental, abusive allocator. Try +it out with AFL_LD_PRELOAD=/path/to/libdislocator.so when running +afl-fuzz. +- Version 2.23b: + - Improved the stability metric for persistent mode binaries. Problem +spotted by Kurt Roeckx. + - Made a related improvement that may bring the metric to 100% for those +targets. +- Version 2.22b: + - Mentioned the potential conflicts between MSAN / ASAN and FORTIFY_SOURCE. +There is no automated check for this, since some distros may implicitly +set FORTIFY_SOURCE outside of the compiler's argv[]. + - Populated the support for AFL_LD_PRELOAD to all companion tools. + - Made a change to the handling of ./afl-clang-fast -v. Spotted by +Jan Kneschke. + +--- Old: afl-2.21b.tgz New: afl-2.32b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.apSISK/_old 2016-08-29 15:39:55.0 +0200 +++ /var/tmp/diff_new_pack.apSISK/_new 2016-08-29 15:39:55.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:2.21b +Version:2.32b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 @@ -56,5 +56,7 @@ %dir %{_datadir}/%{name} %dir %{_datadir}/%{name}/testcases %{_datadir}/%{name}/testcases/* +%dir /usr/share/afl/dictionaries/ +/usr/share/afl/dictionaries/* %changelog ++ afl-1.58b-fix-paths.patch ++ --- /var/tmp/diff_new_pack.apSISK/_old 2016-08-29 15:39:55.0 +0200 +++ /var/tmp/diff_new_pack.apSISK/_new 2016-08-29 15:39:55.0 +0200 @@ -2,11 +2,11 @@ Makefile |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -Index: afl-2.05b/Makefile +Index: afl-2.32b/Makefile === afl-2.05b.orig/Makefile -+++ afl-2.05b/Makefile -@@ -18,8 +18,8 @@ VERSION = 2.05b +--- afl-2.32b.orig/Makefile afl-2.32b/Makefile +@@ -18,8 +18,8 @@ VERSION = $(shell grep '^\#define VE PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin @@ -16,4 +16,4 @@ +DOC_PATH= $(DOC_DIR)/afl MISC_PATH = $(PREFIX)/share/afl
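Review bot: the new `%dir /usr/share/afl/dictionaries/` and `/usr/share/afl/dictionaries/*` entries hardcode `/usr/share` while the `testcases` lines directly above use `%{_datadir}/%{name}`; the hardcoded prefix breaks if `%{_datadir}` is ever relocated and reads inconsistently next to the macro form, so `%{_datadir}/%{name}/dictionaries/` is the better spelling. Separately, the refreshed `afl-1.58b-fix-paths.patch` now carries the `afl-2.32b` index lines and the `VERSION = $(shell grep ...)` context, so it will need re-refreshing on every version bump; renaming the patch away from `1.58b` would make that expectation obvious.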
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2016-07-28 23:46:39 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2016-07-01 09:59:30.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2016-07-28 23:46:41.0 +0200 @@ -1,0 +2,15 @@ +Sat Jul 23 19:10:30 UTC 2016 - astie...@suse.com + +- afl 2.21b: + * Minor UI fixes +- includes changes from 2.20b: + * Revamp handling of variable paths + * Stablility improvements + * Include current input bitmap density in UI + * Add experimental support for parallelizing -M. +- includes changes from 2.19b: + * Ensure auto CPU binding happens at non-overlapping times +- includes changes from 2.18b + * Performance improvements + +--- Old: afl-2.17b.tgz New: afl-2.21b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.oASzMh/_old 2016-07-28 23:46:42.0 +0200 +++ /var/tmp/diff_new_pack.oASzMh/_new 2016-07-28 23:46:42.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:2.17b +Version:2.21b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-2.17b.tgz -> afl-2.21b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.17b/afl-as.h new/afl-2.21b/afl-as.h --- old/afl-2.17b/afl-as.h 2016-06-21 06:44:52.0 +0200 +++ new/afl-2.21b/afl-as.h 2016-07-04 22:08:29.0 +0200 
@@ -98,7 +98,7 @@ of every .c file. This should have no impact in any practical sense. Another side effect of this design is that getenv() will be called once per - every .o file when running in non-instrumented mode; an since getenv() tends + every .o file when running in non-instrumented mode; and since getenv() tends to be optimized in funny ways, we need to be very careful to save every oddball register it may touch. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.17b/afl-fuzz.c new/afl-2.21b/afl-fuzz.c --- old/afl-2.17b/afl-fuzz.c2016-06-28 07:22:19.0 +0200 +++ new/afl-2.21b/afl-fuzz.c2016-07-23 01:21:04.0 +0200 @@ -112,12 +112,12 @@ in_place_resume, /* Attempt in-place resume? */ auto_changed, /* Auto-generated tokens changed? */ no_cpu_meter_red, /* Feng shui on the status screen */ - no_var_check, /* Don't detect variable behavior */ shuffle_queue, /* Shuffle input queue? */ bitmap_changed = 1,/* Time to update bitmap? */ qemu_mode, /* Running in QEMU mode?*/ skip_requested,/* Skip request, via SIGUSR1*/ - run_over10m; /* Run time over 10 minutes?*/ + run_over10m, /* Run time over 10 minutes?*/ + persistent_mode; /* Running in persistent mode? */ static s32 out_fd,/* Persistent fd for out_file */ dev_urandom_fd = -1, /* Persistent fd for /dev/urandom */ @@ -135,6 +135,8 @@ virgin_hang[MAP_SIZE], /* Bits we haven't seen in hangs*/ virgin_crash[MAP_SIZE];/* Bits we haven't seen in crashes */ +static u8 var_bytes[MAP_SIZE]; /* Bytes that appear to be variable */ + static s32 shm_id;/* ID of the SHM region */ static volatile u8 stop_soon, /* Ctrl-C pressed? */ @@ -154,6 +156,7 @@ cur_depth, /* Current path depth */ max_depth, /* Max path depth */ useless_at_start, /* Number of useless starting paths */ + var_byte_count,/* Bitmap bytes with var behavior */ current_entry, /* Current queue entry ID */ havoc_div = 1; /* Cycle count divisor for havoc*/ 
@@ -166,6 +169,7 @@ last_path_time,/* Time for most recent path (ms) */ last_crash_time, /* Time for most recent crash (ms) */ last_hang_time,/* Time for most recent hang (ms) */ + last_crash_execs, /* Exec counter at last crash */ queue_cycle,
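Review bot: `no_var_check` is deleted from the flag declarations in the afl-fuzz.c hunk, so every remaining reference to it (option parsing, any `if (no_var_check)` guard) must be removed in the same change or the build fails; none of those sites appear in the shown hunks, so the reviewer has to trust the rest of the tarball diff. The new `static u8 var_bytes[MAP_SIZE]` adds a further full-size bitmap next to the `virgin_*` arrays; a comment stating when it is populated and reset, alongside the new `var_byte_count` counter, would make the variable-behavior tracking easier to follow.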
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2016-07-01 09:59:29 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2016-06-19 10:49:35.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2016-07-01 09:59:30.0 +0200 @@ -1,0 +2,7 @@ +Tue Jun 28 06:26:03 UTC 2016 - astie...@suse.com + +- afl 2.17b: + * Remove error-prone and manual -Z option + * automatically bind to the first free core + +--- Old: afl-2.14b.tgz New: afl-2.17b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.VM0fOM/_old 2016-07-01 09:59:31.0 +0200 +++ /var/tmp/diff_new_pack.VM0fOM/_new 2016-07-01 09:59:31.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:2.14b +Version:2.17b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-2.14b.tgz -> afl-2.17b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.14b/Makefile new/afl-2.17b/Makefile --- old/afl-2.14b/Makefile 2016-06-07 08:45:45.0 +0200 +++ new/afl-2.17b/Makefile 2016-06-24 04:35:35.0 +0200 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 2.14b +VERSION = $(shell grep '^\#define VERSION ' config.h | cut -d '"' -f2) PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin @@ -30,7 +30,7 @@ CFLAGS ?= -O3 -funroll-loops CFLAGS += -Wall -D_FORTIFY_SOURCE=2 -g -Wno-pointer-sign \ -DAFL_PATH=\"$(HELPER_PATH)\" -DDOC_PATH=\"$(DOC_PATH)\" \ - -DBIN_PATH=\"$(BIN_PATH)\" -DVERSION=\"$(VERSION)\" + -DBIN_PATH=\"$(BIN_PATH)\" ifneq "$(filter Linux GNU%,$(shell uname))" "" LDFLAGS += -ldl @@ -66,7 +66,7 @@ set -e; for i in afl-g++ afl-clang afl-clang++; do ln -sf afl-gcc $$i; done afl-as: afl-as.c afl-as.h $(COMM_HDR) | test_x86 - $(CC) $(CFLAGS) $@.c -o $@ $(LDFLAGS) + $(CC) $(CFLAGS) $@.c -o $@ $(LDFLAGS) ln -sf afl-as as afl-fuzz: afl-fuzz.c $(COMM_HDR) | test_x86 
@@ -132,7 +132,7 @@ publish: clean test "`basename $$PWD`" = "afl" || exit 1 - test -f ~/www/afl/releases/$(PROGNAME)-$(VERSION).tgz; if [ "$$?" = "0" ]; then echo; echo "Change program version in Makefile, mmkay?"; echo; exit 1; fi + test -f ~/www/afl/releases/$(PROGNAME)-$(VERSION).tgz; if [ "$$?" = "0" ]; then echo; echo "Change program version in config.h, mmkay?"; echo; exit 1; fi cd ..; rm -rf $(PROGNAME)-$(VERSION); cp -pr $(PROGNAME) $(PROGNAME)-$(VERSION); \ tar -cvz -f ~/www/afl/releases/$(PROGNAME)-$(VERSION).tgz $(PROGNAME)-$(VERSION) chmod 644 ~/www/afl/releases/$(PROGNAME)-$(VERSION).tgz diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.14b/afl-analyze.c new/afl-2.17b/afl-analyze.c --- old/afl-2.14b/afl-analyze.c 2016-02-21 06:41:47.0 +0100 +++ new/afl-2.17b/afl-analyze.c 2016-06-28 07:23:28.0 +0200 @@ -89,21 +89,17 @@ /* Classify tuple counts. This is a slow & naive version, but good enough here. */ -#define AREP4(_sym) (_sym), (_sym), (_sym), (_sym) -#define AREP8(_sym) AREP4(_sym), AREP4(_sym) -#define AREP16(_sym) AREP8(_sym), AREP8(_sym) -#define AREP32(_sym) AREP16(_sym), AREP16(_sym) -#define AREP64(_sym) AREP32(_sym), AREP32(_sym) -#define AREP128(_sym) AREP64(_sym), AREP64(_sym) - static u8 count_class_lookup[256] = { - /* 0 - 3: 4 */ 0, 1, 2, 4, - /* 4 - 7: +4 */ AREP4(8), - /* 8 - 15: +8 */ AREP8(16), - /* 16 - 31: +16 */ AREP16(32), - /* 32 - 127: +96 */ AREP64(64), AREP32(64), - /* 128+: +128 */ AREP128(128) + [0] = 0, + [1] = 1, + [2] = 2, + [3] = 4, + [4 ... 7] = 8, + [8 ... 15]= 16, + [16 ... 31] = 32, + [32 ... 127] = 64, + [128 ... 255] = 128 }; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.14b/afl-as.h new/afl-2.17b/afl-as.h --- old/afl-2.14b/afl-as.h 2015-11-03 05:29:51.0 +0100 +++ new/afl-2.17b/afl-as.h 2016-06-21 06:44:52.0 +0200 
@@ -181,7 +181,9 @@ " xorl %ecx, %edi\n" " shrl $1, %ecx\n" " movl %ecx, __afl_prev_loc\n" -#endif /* !COVERAGE_ONLY */ +#else + " movl %ecx, %edi\n" +#endif /* ^!COVERAGE_ONLY */ "\n" #ifdef SKIP_COUNTS " orb $1, (%edx, %edi, 1)\n" diff -urN '--exclude=CVS' '--exclude=.cvsignore'
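Review bot: in the Makefile hunk, `VERSION = $(shell grep '^\#define VERSION ' config.h | cut -d '"' -f2)` uses a recursively expanded assignment, so the `grep`/`cut` pipeline is re-run every time `$(VERSION)` is expanded (the `publish` target alone expands it several times); `VERSION := $(shell ...)` evaluates it once. Dropping `-DVERSION=...` from CFLAGS is consistent with moving the definition into config.h, but the `afl-as` recipe's new `ln -sf afl-as as` deserves a comment, since an `as` symlink in the build tree is only useful if the wrapper is expected to be found via that name.

Review bot: the rewritten `count_class_lookup` table in afl-analyze.c uses designated range initializers (`[4 ... 7] = 8`), which is a GCC/Clang extension rather than standard C; it is far more readable than the `AREP*` macros it replaces, so keeping it is reasonable, but a short comment noting the dependency would stop a future portability effort from being surprised.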
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2016-06-19 10:49:33 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2016-06-02 09:38:51.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2016-06-19 10:49:35.0 +0200 @@ -1,0 +2,8 @@ +Wed Jun 15 18:26:54 UTC 2016 - astie...@suse.com + +- afl 2.14b: + - Added FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION as a macro +defined when compiling with afl-gcc and friends + - Refreshed some of the non-x86 docs. + +--- Old: afl-2.13b.tgz New: afl-2.14b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.3zHLfB/_old 2016-06-19 10:49:36.0 +0200 +++ /var/tmp/diff_new_pack.3zHLfB/_new 2016-06-19 10:49:36.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:2.13b +Version:2.14b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-2.13b.tgz -> afl-2.14b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.13b/Makefile new/afl-2.14b/Makefile --- old/afl-2.13b/Makefile 2016-05-14 19:43:15.0 +0200 +++ new/afl-2.14b/Makefile 2016-06-07 08:45:45.0 +0200 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 2.13b +VERSION = 2.14b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin 
@@ -50,7 +50,7 @@ test_x86: @echo "[*] Checking for the ability to compile x86 code..." - @echo 'main() { __asm__("xorb %al, %al"); }' | $(CC) -w -x c - -o .test || ( echo; echo "Oops, looks like your compiler can't generate x86 code."; echo; echo "You can still try using the LLVM or QEMU mode, but see docs/INSTALL first."; echo "To ignore this error, set AFL_NO_X86=1."; echo; exit 1 ) + @echo 'main() { __asm__("xorb %al, %al"); }' | $(CC) -w -x c - -o .test || ( echo; echo "Oops, looks like your compiler can't generate x86 code."; echo; echo "Don't panic! You can use the LLVM or QEMU mode, but see docs/INSTALL first."; echo "(To ignore this error, set AFL_NO_X86=1 and try again.)"; echo; exit 1 ) @rm -f .test @echo "[+] Everything seems to be working, ready to compile." diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.13b/afl-gcc.c new/afl-2.14b/afl-gcc.c --- old/afl-2.13b/afl-gcc.c 2016-03-05 01:08:50.0 +0100 +++ new/afl-2.14b/afl-gcc.c 2016-06-07 20:07:28.0 +0200 @@ -262,7 +262,12 @@ cc_params[cc_par_cnt++] = "-O3"; cc_params[cc_par_cnt++] = "-funroll-loops"; + +/* Two indicators that you're building for fuzzing; one of them is + AFL-specific, the other is shared with libfuzzer. */ + cc_params[cc_par_cnt++] = "-D__AFL_COMPILER=1"; +cc_params[cc_par_cnt++] = "-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION=1"; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.13b/afl-tmin.c new/afl-2.14b/afl-tmin.c --- old/afl-2.13b/afl-tmin.c2016-05-02 21:54:46.0 +0200 +++ new/afl-2.14b/afl-tmin.c2016-05-29 23:42:29.0 +0200 
@@ -15,7 +15,7 @@ A simple test case minimizer that takes an input file and tries to remove as much data as possible while keeping the binary in a crashing state *or* producing consistent instrumentation output (the mode is auto-selected - based on initially observed behavior). + based on the initially observed behavior). */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.13b/docs/ChangeLog new/afl-2.14b/docs/ChangeLog --- old/afl-2.13b/docs/ChangeLog2016-05-15 17:31:07.0 +0200 +++ new/afl-2.14b/docs/ChangeLog2016-06-07 20:06:05.0 +0200 @@ -17,6 +17,15 @@ to get on with the times. -- +Version 2.14b: +-- + + - Added FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION as a macro defined when +compiling with afl-gcc and friends. Suggested by Kostya Serebryany. + + - Refreshed some of the non-x86 docs. + +-- Version 2.13b: -- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.13b/docs/INSTALL new/afl-2.14b/docs/INSTALL --- old/afl-2.13b/docs/INSTALL 2016-02-20 21:10:50.0 +0100 +++ new/afl-2.14b/docs/INSTALL 2016-06-07 20:17:00.0 +0200 @@ -105,12 +105,19 @@ leverage two other options: - The
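Review bot: in the afl-gcc.c hunk, `-D__AFL_COMPILER=1` and `-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION=1` are appended inside the same `{ ... }` block that adds `-O3` and `-funroll-loops` (the closing brace follows them); if that block is ever skipped, for instance when the optimization flags are disabled, the build-mode indicators silently disappear with it, and a macro whose whole purpose is "this binary is a fuzzing build" should be emitted unconditionally. The accompanying comment correctly notes that the second macro is shared with libFuzzer.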
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2016-06-02 09:38:50 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2016-05-05 08:12:46.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2016-06-02 09:38:51.0 +0200 @@ -1,0 +2,11 @@ +Tue May 31 11:18:02 UTC 2016 - astie...@suse.com + +- afl 2.13b: + * Fixed a spurious build test error with trace-pc and +llvm_mode/Makefile. + * Fixed a cosmetic issue with afl-whatsup +- includes changes from 2.12b + * Fixed a minor issue in afl-tmin that can make alphabet +minimization less efficient during passes > 1 + +--- Old: afl-2.11b.tgz New: afl-2.13b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.Wd39pn/_old 2016-06-02 09:38:52.0 +0200 +++ /var/tmp/diff_new_pack.Wd39pn/_new 2016-06-02 09:38:52.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:2.11b +Version:2.13b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-2.11b.tgz -> afl-2.13b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.11b/Makefile new/afl-2.13b/Makefile --- old/afl-2.11b/Makefile 2016-04-27 20:55:27.0 +0200 +++ new/afl-2.13b/Makefile 2016-05-14 19:43:15.0 +0200 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 2.11b +VERSION = 2.13b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.11b/afl-fuzz.c new/afl-2.13b/afl-fuzz.c --- old/afl-2.11b/afl-fuzz.c2016-04-08 20:37:29.0 +0200 +++ new/afl-2.13b/afl-fuzz.c2016-05-07 01:23:31.0 +0200 
@@ -7034,9 +7034,9 @@ SAYF("\n" cLRD "[-] " cRST "Hmm, your system is configured to send core dump notifications to an\n" - "external utility. This will cause issues due to an extended delay\n" - "between the fuzzed binary malfunctioning and this information being\n" - "eventually relayed to the fuzzer via the standard waitpid() API.\n\n" + "external utility. This will cause issues: there will be an extended delay\n" + "between stumbling upon a crash and having this information relayed to the\n" + "fuzzer via the standard waitpid() API.\n\n" "To avoid having crashes misinterpreted as hangs, please log in as root\n" "and temporarily modify /proc/sys/kernel/core_pattern, like so:\n\n" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.11b/afl-showmap.c new/afl-2.13b/afl-showmap.c --- old/afl-2.11b/afl-showmap.c 2016-02-21 06:41:24.0 +0100 +++ new/afl-2.13b/afl-showmap.c 2016-05-04 03:28:27.0 +0200 @@ -157,11 +157,16 @@ u8 cco = !!getenv("AFL_CMIN_CRASHES_ONLY"), caa = !!getenv("AFL_CMIN_ALLOW_ANY"); - if (!strncmp(out_file,"/dev/", 5)) { + if (!strncmp(out_file, "/dev/", 5)) { fd = open(out_file, O_WRONLY, 0600); if (fd < 0) PFATAL("Unable to open '%s'", out_file); + } else if (!strcmp(out_file, "-")) { + +fd = dup(1); +if (fd < 0) PFATAL("Unable to open stdout"); + } else { unlink(out_file); /* Ignore errors */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.11b/afl-tmin.c new/afl-2.13b/afl-tmin.c --- old/afl-2.11b/afl-tmin.c2016-02-21 06:41:01.0 +0100 +++ new/afl-2.13b/afl-tmin.c2016-05-02 21:54:46.0 +0200 
@@ -533,7 +533,7 @@ alpha_del1 = 0; syms_removed = 0; - memset(alpha_map, 0, 256); + memset(alpha_map, 0, 256 * sizeof(u32)); for (i = 0; i < in_len; i++) { if (!alpha_map[in_data[i]]) alpha_size++; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.11b/afl-whatsup new/afl-2.13b/afl-whatsup --- old/afl-2.11b/afl-whatsup 2015-04-08 07:33:24.0 +0200 +++ new/afl-2.13b/afl-whatsup 2016-05-15 17:30:06.0 +0200 @@ -61,6 +61,7 @@ TOTAL_TIME=0 TOTAL_EXECS=0 +TOTAL_EPS=0 TOTAL_CRASHES=0 TOTAL_PFAV=0 TOTAL_PENDING=0 @@ -105,15 +106,16 @@ ALIVE_CNT=$((ALIVE_CNT + 1)) + EXEC_SEC=$((execs_done / RUN_UNIX)) + PATH_PERC=$((cur_path * 100 / paths_total)) + TOTAL_TIME=$((TOTAL_TIME + RUN_UNIX)) + TOTAL_EPS=$((TOTAL_EPS + EXEC_SEC)) TOTAL_EXECS=$((TOTAL_EXECS +
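Review bot: the afl-tmin fix `memset(alpha_map, 0, 256 * sizeof(u32))` repairs the undersized clear, but it repeats the element count and type by hand, which is exactly how the original `256` slipped in; `memset(alpha_map, 0, sizeof(alpha_map))` (if `alpha_map` is an array, as the `alpha_map[in_data[i]]` indexing suggests) cannot go stale when the type changes.

Review bot: in the afl-whatsup hunk, `EXEC_SEC=$((execs_done / RUN_UNIX))` and `PATH_PERC=$((cur_path * 100 / paths_total))` divide without guarding the denominators; a fuzzer whose stats file was written in its first second (`RUN_UNIX` of 0) or with `paths_total` still 0 will abort the script with a shell division-by-zero error instead of reporting that instance. Guard both with `[ "$RUN_UNIX" -gt 0 ]` / `[ "$paths_total" -gt 0 ]` and fall back to 0.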
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2016-05-05 08:12:45 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2016-04-28 16:57:13.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2016-05-05 08:12:46.0 +0200 @@ -1,0 +2,9 @@ +Mon May 2 11:02:02 UTC 2016 - astie...@suse.com + +- afl 2.11b: + - Fixed a minor typo in instrumented_cmp + - Added a missing size check for deterministic insertion steps. + - Made an improvement to afl-gotcpu when -Z not used. + - Fixed a typo in post_library_png.so.c in experimental/ + +--- Old: afl-2.10b.tgz New: afl-2.11b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.xmdDHW/_old 2016-05-05 08:12:47.0 +0200 +++ /var/tmp/diff_new_pack.xmdDHW/_new 2016-05-05 08:12:47.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:2.10b +Version:2.11b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-2.10b.tgz -> afl-2.11b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.10b/Makefile new/afl-2.11b/Makefile --- old/afl-2.10b/Makefile 2016-03-31 05:06:26.0 +0200 +++ new/afl-2.11b/Makefile 2016-04-27 20:55:27.0 +0200 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 2.10b +VERSION = 2.11b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.10b/afl-fuzz.c new/afl-2.11b/afl-fuzz.c --- old/afl-2.10b/afl-fuzz.c2016-03-31 05:02:35.0 +0200 +++ new/afl-2.11b/afl-fuzz.c2016-04-08 20:37:29.0 +0200 
@@ -5750,6 +5750,11 @@ for (j = 0; j < extras_cnt; j++) { + if (len + extras[j].len > MAX_FILE) { +stage_max--; +continue; + } + /* Insert token */ memcpy(ex_tmp + i, extras[j].data, extras[j].len); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.10b/afl-gotcpu.c new/afl-2.11b/afl-gotcpu.c --- old/afl-2.10b/afl-gotcpu.c 2016-03-08 08:09:26.0 +0100 +++ new/afl-2.11b/afl-gotcpu.c 2016-04-28 00:31:44.0 +0200 @@ -37,6 +37,7 @@ #include #include #include +#include #include "types.h" #include "debug.h" 
@@ -125,41 +126,57 @@ SAYF(cCYA "afl-gotcpu " cBRI VERSION cRST " by\n"); ACTF("Measuring per-core preemption rate (this will take %0.02f sec)...", - ((double)CTEST_CORE_TRG_MS) * cpu_cnt / 1000); + ((double)CTEST_CORE_TRG_MS) / 1000); for (i = 0; i < cpu_cnt; i++) { -cpu_set_t c; -u32 util_perc; +s32 fr = fork(); -CPU_ZERO(); -CPU_SET(i, ); +if (fr < 0) PFATAL("fork failed"); -if (sched_setaffinity(0, sizeof(c), )) - PFATAL("sched_setaffinity failed"); +if (!fr) { -util_perc = measure_preemption(CTEST_CORE_TRG_MS); + cpu_set_t c; + u32 util_perc; -if (util_perc < 105) { + CPU_ZERO(); + CPU_SET(i, ); - SAYF("Core #%u: " cLGN "AVAILABLE\n" cRST, i); - maybe_cpus++; - idle_cpus++; + if (sched_setaffinity(0, sizeof(c), )) +PFATAL("sched_setaffinity failed"); -} else if (util_perc < 130) { + util_perc = measure_preemption(CTEST_CORE_TRG_MS); - SAYF("Core #%u: " cYEL "CAUTION " cRST "(%u%%)\n", i, util_perc); - maybe_cpus++; + if (util_perc < 110) { -} else { +SAYF("Core #%u: " cLGN "AVAILABLE\n" cRST, i); +exit(0); + + } else if (util_perc < 250) { + +SAYF("Core #%u: " cYEL "CAUTION " cRST "(%u%%)\n", i, util_perc); +exit(1); + + } SAYF("Core #%u: " cLRD "OVERBOOKED " cRST "(%u%%)\n" cRST, i, util_perc); + exit(2); } } + for (i = 0; i < cpu_cnt; i++) { + +int ret; +if (waitpid(-1, , 0) < 0) PFATAL("waitpid failed"); + +if (WEXITSTATUS(ret) == 0) idle_cpus++; +if (WEXITSTATUS(ret) <= 1) maybe_cpus++; + + } + SAYF(cGRA "\n>>> "); if (idle_cpus) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.10b/docs/ChangeLog new/afl-2.11b/docs/ChangeLog --- old/afl-2.10b/docs/ChangeLog2016-03-31 05:06:13.0 +0200 +++ new/afl-2.11b/docs/ChangeLog2016-04-27 22:44:07.0 +0200 @@ -17,6 +17,19 @@ to get on with the
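Review bot: the new `if (len + extras[j].len > MAX_FILE) { stage_max--; continue; }` guard in the extras insertion loop is the right fix for the missing size check, but the matching bookkeeping should be confirmed: `stage_max` is decremented for each skipped token, so any progress or per-stage statistics derived from `stage_max` must tolerate it shrinking mid-loop.

Review bot: in the afl-gotcpu.c rewrite, `WEXITSTATUS(ret)` is read without first checking `WIFEXITED(ret)`; a child killed by a signal yields a meaningless status, and with `exit(2)` for OVERBOOKED the `<= 1` test would then misclassify a crashed measurement as a usable core. Since all children now run concurrently and each prints its own `SAYF` line, per-core output can also interleave; collecting results in the parent after `waitpid` and printing there keeps the report ordered. The thresholds move from 105/130 to 110/250 with no rationale in the changelog; a comment explaining the new cutoffs would help.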
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2016-04-28 16:54:21 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2016-03-31 13:03:14.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2016-04-28 16:57:13.0 +0200 @@ -1,0 +2,6 @@ +Sat Apr 16 15:12:46 UTC 2016 - astie...@suse.com + +- afl 2.10b: + * Fix a minor core counting glitch + +--- Old: afl-2.09b.tgz New: afl-2.10b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.2u2OFS/_old 2016-04-28 16:57:15.0 +0200 +++ /var/tmp/diff_new_pack.2u2OFS/_new 2016-04-28 16:57:15.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:2.09b +Version:2.10b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-2.09b.tgz -> afl-2.10b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.09b/Makefile new/afl-2.10b/Makefile --- old/afl-2.09b/Makefile 2016-03-26 23:08:53.0 +0100 +++ new/afl-2.10b/Makefile 2016-03-31 05:06:26.0 +0200 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 2.09b +VERSION = 2.10b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.09b/afl-fuzz.c new/afl-2.10b/afl-fuzz.c --- old/afl-2.09b/afl-fuzz.c2016-03-26 23:07:40.0 +0100 +++ new/afl-2.10b/afl-fuzz.c2016-03-31 05:02:35.0 +0200 
@@ -7133,19 +7133,24 @@ #else - /* On Linux, a simple way is to look at /proc/stat, especially since we'd - be parsing it anyway for other reasons later on. */ + if (!cpu_core_count) { - FILE* f = fopen("/proc/stat", "r"); - u8 tmp[1024]; +/* On Linux, a simple way is to look at /proc/stat, especially since we'd + be parsing it anyway for other reasons later on. But do this only if + cpu_core_count hasn't been obtained before as a result of specifying + -Z. */ - if (!f) return; +FILE* f = fopen("/proc/stat", "r"); +u8 tmp[1024]; - while (fgets(tmp, sizeof(tmp), f)) -if (!strncmp(tmp, "cpu", 3) && isdigit(tmp[3])) cpu_core_count++; +if (!f) return; + +while (fgets(tmp, sizeof(tmp), f)) + if (!strncmp(tmp, "cpu", 3) && isdigit(tmp[3])) cpu_core_count++; + +fclose(f); + } - fclose(f); - #endif /* ^(__APPLE__ || __FreeBSD__ || __OpenBSD__) */ if (cpu_core_count) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.09b/docs/ChangeLog new/afl-2.10b/docs/ChangeLog --- old/afl-2.09b/docs/ChangeLog2016-03-26 23:08:34.0 +0100 +++ new/afl-2.10b/docs/ChangeLog2016-03-31 05:06:13.0 +0200 @@ -17,6 +17,12 @@ to get on with the times. -- +Version 2.10b: +-- + + - Fixed a minor core counting glitch, reported by Tyler Nighswander. + +-- Version 2.09b: --
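Review bot: Inside the new `if (!cpu_core_count)` block, `if (!f) return;` still bails out silently when /proc/stat cannot be opened, leaving cpu_core_count at 0 and skipping the later `if (cpu_core_count)` branch without any message; now that -Z relies on this value, a WARNF before the return would make the degraded mode visible. The guard itself is right: it stops the /proc/stat scan from adding to a count that -Z already populated, which is the double-counting the changelog calls a "core counting glitch", and moving `fclose(f)` inside the block keeps the open/close pair together.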
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2016-03-31 13:03:13 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2016-03-01 10:20:59.0 +0100 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2016-03-31 13:03:14.0 +0200 @@ -1,0 +2,30 @@ +Mon Mar 28 19:11:03 UTC 2016 - mplus...@suse.com + +- Update to 2.09b + * Made several documentation updates. + * Added some visual indicators to promote and simplify the use +of -Z. +- Changes for 2.08b + * Added explicit support for -m32 and -m64 for llvm_mode. +Inspired by a request from Christian Holler. + * Added a new benchmarking option, as requested by Kostya +Serebryany. +- Changes for 2.07b + * Added CPU affinity option (-Z) on Linux. With some caution, +this can offer a significant (10%+) performance bump and +reduce jitter. Proposed by Austin Seipp. + * Updated afl-gotcpu to use CPU affinity where supported. + * Fixed confusing CPU_TARGET error messages with QEMU build. +Spotted by Daniel Komaromy and others. +- Changes for 2.06b + * Worked around LLVM persistent mode hiccups with -shared code. +Contributed by Christian Holler. + * Added __AFL_COMPILER as a convenient way to detect that +something is built under afl-gcc / afl-clang / afl-clang-fast +and enable custom optimizations in your code. Suggested by +Pedro Corte-Real. + * Upstreamed several minor changes developed by Franjo Ivancic to +allow AFL to be built as a library. This is fairly use-specific +and may have relatively little appeal to general audiences. + +--- Old: afl-2.05b.tgz New: afl-2.09b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.SVZiNL/_old 2016-03-31 13:03:15.0 +0200 +++ /var/tmp/diff_new_pack.SVZiNL/_new 2016-03-31 13:03:15.0 +0200 
@@ -17,7 +17,7 @@ Name: afl -Version:2.05b +Version:2.09b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 @@ -41,10 +41,10 @@ %build export CFLAGS="$CFLAGS %{optflags}" -make PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir} %{?_smp_mflags} +make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir} %install -make PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir} DESTDIR=%{buildroot} install %{?_smp_mflags} +make %{?_smp_mflags} PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir} DESTDIR=%{buildroot} install %files %defattr(-,root,root) ++ afl-2.05b.tgz -> afl-2.09b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.05b/Makefile new/afl-2.09b/Makefile --- old/afl-2.05b/Makefile 2016-02-24 23:45:50.0 +0100 +++ new/afl-2.09b/Makefile 2016-03-26 23:08:53.0 +0100 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 2.05b +VERSION = 2.09b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin @@ -103,6 +103,7 @@ endif all_done: test_build + @if [ ! "`which clang 2>/dev/null`" = "" ]; then echo "[+] LLVM users: see llvm_mode/README.llvm for a faster alternative to afl-gcc."; fi @echo "[+] All done! Be sure to review README - it's pretty short and useful." @if [ "`uname`" = "Darwin" ]; then printf "\nWARNING: Fuzzing on MacOS X is slow because of the unusually high overhead of\nfork() on this OS. Consider using Linux or *BSD. You can also use VirtualBox\n(virtualbox.org) to put AFL inside a Linux or *BSD VM.\n\n"; fi @! tty <&1 >/dev/null || printf "\033[0;30mNOTE: If you can read this, your terminal probably uses white background.\nThis will make the UI hard to read. See docs/status_screen.txt for advice.\033[0m\n" 2>/dev/null 
@@ -121,6 +122,8 @@ rm -f $${DESTDIR}$(BIN_PATH)/afl-as if [ -f afl-qemu-trace ]; then install -m 755 afl-qemu-trace $${DESTDIR}$(BIN_PATH); fi if [ -f afl-clang-fast -a -f afl-llvm-pass.so -a -f afl-llvm-rt.o ]; then set -e; install -m 755 afl-clang-fast $${DESTDIR}$(BIN_PATH); ln -sf afl-clang-fast $${DESTDIR}$(BIN_PATH)/afl-clang-fast++; install -m 755 afl-llvm-pass.so afl-llvm-rt.o $${DESTDIR}$(HELPER_PATH); fi + if [ -f afl-llvm-rt-32.o ]; then set -e; install -m 755 afl-llvm-rt-32.o $${DESTDIR}$(HELPER_PATH); fi + if [ -f afl-llvm-rt-64.o ]; then set -e; install -m 755 afl-llvm-rt-64.o $${DESTDIR}$(HELPER_PATH); fi set -e; for i in afl-g++
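Review bot: In the all_done hunk the clang hint is gated on `@if [ ! "`which clang 2>/dev/null`" = "" ]; then ... fi`; `which` is not POSIX and its output and exit status vary across platforms, and the negated string comparison is an awkward way to spell a non-empty test. `@if command -v clang >/dev/null 2>&1; then echo "[+] LLVM users: see llvm_mode/README.llvm for a faster alternative to afl-gcc."; fi` is portable and reads directly.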
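Review bot: In the install hunk, `set -e;` in front of a single `install` command is a no-op, and `install -m 755 afl-llvm-rt-32.o` / `install -m 755 afl-llvm-rt-64.o` set the execute bit on object files that are only ever linked, never run; `-m 644` is the appropriate mode. The existing afl-llvm-rt.o line has the same issue, so fixing all three together keeps the helper directory consistent.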
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2016-03-01 09:45:14 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2016-02-26 00:26:45.0 +0100 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2016-03-01 10:20:59.0 +0100 @@ -1,0 +2,7 @@ +Sun Feb 28 13:59:04 UTC 2016 - astie...@suse.com + +- afl 2.05b: + * Put __sanitizer_cov_module_init & co behind #ifdef to avoid +problems with ASAN. + +--- Old: afl-2.04b.tgz New: afl-2.05b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.QAWoCC/_old 2016-03-01 10:21:00.0 +0100 +++ /var/tmp/diff_new_pack.QAWoCC/_new 2016-03-01 10:21:00.0 +0100 @@ -17,7 +17,7 @@ Name: afl -Version:2.04b +Version:2.05b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-1.58b-fix-paths.patch ++ --- /var/tmp/diff_new_pack.QAWoCC/_old 2016-03-01 10:21:00.0 +0100 +++ /var/tmp/diff_new_pack.QAWoCC/_new 2016-03-01 10:21:00.0 +0100 @@ -2,11 +2,11 @@ Makefile |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -Index: afl-2.04b/Makefile +Index: afl-2.05b/Makefile === afl-2.04b.orig/Makefile -+++ afl-2.04b/Makefile -@@ -18,8 +18,8 @@ VERSION = 2.04b +--- afl-2.05b.orig/Makefile afl-2.05b/Makefile +@@ -18,8 +18,8 @@ VERSION = 2.05b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin @@ -16,4 +16,4 @@ +DOC_PATH= $(DOC_DIR)/afl MISC_PATH = $(PREFIX)/share/afl - # PROGS intentionally omit afl-as, which gets installed elsewhere. + # PROGS intentionally omit afl-as, which gets installed to its own dir. ++ afl-2.04b.tgz -> afl-2.05b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.04b/Makefile new/afl-2.05b/Makefile --- old/afl-2.04b/Makefile 2016-02-22 03:22:50.0 +0100 +++ new/afl-2.05b/Makefile 2016-02-24 23:45:50.0 +0100 
@@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 2.04b +VERSION = 2.05b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin @@ -22,7 +22,7 @@ DOC_PATH= $(PREFIX)/share/doc/afl MISC_PATH = $(PREFIX)/share/afl -# PROGS intentionally omit afl-as, which gets installed elsewhere. +# PROGS intentionally omit afl-as, which gets installed to its own dir. PROGS = afl-gcc afl-fuzz afl-showmap afl-tmin afl-gotcpu afl-analyze SH_PROGS= afl-plot afl-cmin afl-whatsup diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.04b/docs/ChangeLog new/afl-2.05b/docs/ChangeLog --- old/afl-2.04b/docs/ChangeLog2016-02-21 21:19:12.0 +0100 +++ new/afl-2.05b/docs/ChangeLog2016-02-24 23:07:22.0 +0100 @@ -17,6 +17,13 @@ to get on with the times. -- +Version 2.05b: +-- + + - Put __sanitizer_cov_module_init & co behind #ifdef to avoid problems +with ASAN. Spotted by Christian Holler. + +-- Version 2.04b: -- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.04b/docs/sister_projects.txt new/afl-2.05b/docs/sister_projects.txt --- old/afl-2.04b/docs/sister_projects.txt 2016-02-21 01:27:47.0 +0100 +++ new/afl-2.05b/docs/sister_projects.txt 2016-02-22 09:43:30.0 +0100 @@ -249,3 +249,11 @@ https://github.com/choller/afl/blob/master/docs/mozilla/partial_instrumentation.txt + +Kernel fuzzing (Dmitry Vyukov) +-- + + A similar guided approach as applied to fuzzing syscalls: + + https://github.com/google/syzkaller/wiki/Found-Bugs + https://github.com/dvyukov/linux/commit/33787098ffaaa83b8a7ccf519913ac5fd6125931 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.04b/llvm_mode/afl-llvm-rt.o.c new/afl-2.05b/llvm_mode/afl-llvm-rt.o.c --- old/afl-2.04b/llvm_mode/afl-llvm-rt.o.c 2016-02-21 21:23:08.0 +0100 +++ new/afl-2.05b/llvm_mode/afl-llvm-rt.o.c 2016-02-25 01:28:21.0 +0100 
@@ -203,12 +203,17 @@ } +static void __afl_trace_pc_init(void); + + /* Proper initialization routine. */ __attribute__((constructor(0))) void __afl_auto_init(void) { is_persistent = !!getenv(PERSIST_ENV_VAR); +
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2016-02-25 22:10:56 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2016-02-18 12:36:29.0 +0100 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2016-02-26 00:26:45.0 +0100 @@ -1,0 +2,13 @@ +Wed Feb 24 21:52:33 UTC 2016 - astie...@suse.com + +- afl 2.04b: + * remove indirect-calls coverage from -fsanitize-coverage + * LLVM: Added experimental -fsanitize-coverage=trace-pc support + - LLVM: better support non-standard map sizes + - LLVM: use thread-local execution tracing + - Force-disabled symbolization for ASAN + - Added AFL_LD_PRELOAD to allow LD_PRELOAD to be set for targets +without affecting AFL itself + - Fixed a "lcamtuf can't count to 16" bug in the havoc stage. + +--- Old: afl-2.01b.tgz New: afl-2.04b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.1fQjCg/_old 2016-02-26 00:26:46.0 +0100 +++ /var/tmp/diff_new_pack.1fQjCg/_new 2016-02-26 00:26:46.0 +0100 @@ -17,7 +17,7 @@ Name: afl -Version:2.01b +Version:2.04b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-1.58b-fix-paths.patch ++ --- /var/tmp/diff_new_pack.1fQjCg/_old 2016-02-26 00:26:46.0 +0100 +++ /var/tmp/diff_new_pack.1fQjCg/_new 2016-02-26 00:26:46.0 +0100 @@ -2,11 +2,11 @@ Makefile |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -Index: afl-2.01b/Makefile +Index: afl-2.04b/Makefile === afl-2.01b.orig/Makefile2016-02-16 08:14:22.0 +0100 -+++ afl-2.01b/Makefile 2016-02-16 16:36:39.051519647 +0100 -@@ -18,8 +18,8 @@ VERSION = 2.01b +--- afl-2.04b.orig/Makefile afl-2.04b/Makefile +@@ -18,8 +18,8 @@ VERSION = 2.04b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin 
@@ -16,4 +16,4 @@ +DOC_PATH= $(DOC_DIR)/afl MISC_PATH = $(PREFIX)/share/afl - PROGS = afl-gcc afl-fuzz afl-showmap afl-tmin afl-gotcpu afl-analyze + # PROGS intentionally omit afl-as, which gets installed elsewhere. ++ afl-2.01b.tgz -> afl-2.04b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.01b/Makefile new/afl-2.04b/Makefile --- old/afl-2.01b/Makefile 2016-02-16 08:14:22.0 +0100 +++ new/afl-2.04b/Makefile 2016-02-22 03:22:50.0 +0100 @@ -4,7 +4,7 @@ # # Written and maintained by Michal Zalewski# -# Copyright 2013, 2014, 2015 Google Inc. All rights reserved. +# Copyright 2013, 2014, 2015, 2016 Google Inc. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 2.01b +VERSION = 2.04b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin @@ -22,6 +22,8 @@ DOC_PATH= $(PREFIX)/share/doc/afl MISC_PATH = $(PREFIX)/share/afl +# PROGS intentionally omit afl-as, which gets installed elsewhere. + PROGS = afl-gcc afl-fuzz afl-showmap afl-tmin afl-gotcpu afl-analyze SH_PROGS= afl-plot afl-cmin afl-whatsup 
@@ -44,18 +46,18 @@ all: test_x86 $(PROGS) afl-as test_build all_done -ifndef AFL_NOX86 +ifndef AFL_NO_X86 test_x86: @echo "[*] Checking for the ability to compile x86 code..." - @echo 'main() { __asm__("xorb %al, %al"); }' | $(CC) -w -x c - -o .test || ( echo; echo "Oops, looks like your compiler can't generate x86 code."; echo; echo "You can still try using the LLVM or QEMU mode, but see docs/INSTALL first."; echo "To ignore this error, set AFL_NOX86=1."; echo; exit 1 ) + @echo 'main() { __asm__("xorb %al, %al"); }' | $(CC) -w -x c - -o .test || ( echo; echo "Oops, looks like your compiler can't generate x86 code."; echo; echo "You can still try using the LLVM or QEMU mode, but see docs/INSTALL first."; echo "To ignore this error, set AFL_NO_X86=1."; echo; exit 1 ) @rm -f .test @echo "[+] Everything seems to be working, ready to compile." else test_x86: - @echo "[!] Note: skipping x86 compilation checks (AFL_NOX86 set)." + @echo "[!] Note: skipping x86 compilation checks (AFL_NO_X86 set)." endif @@ -82,7 +84,7 @@ afl-gotcpu: afl-gotcpu.c $(COMM_HDR) | test_x86 $(CC) $(CFLAGS) $@.c -o $@ $(LDFLAGS) -ifndef AFL_NOX86
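Review bot: The test_x86 hunk renames the opt-out knob from AFL_NOX86 to AFL_NO_X86 with no fallback, so any build script that exports AFL_NOX86=1 (exactly what the previous error message told users to do) will hit the x86 check again after upgrading; keep `ifndef AFL_NOX86` honoured alongside the new name for at least one release, or at minimum call the rename out in the ChangeLog and docs/INSTALL. While touching this line, the probe `echo 'main() { __asm__("xorb %al, %al"); }' | $(CC) -w -x c - -o .test` relies on implicit int for main(), which newer compilers treat as an error that `-w` does not silence; `int main()` costs nothing and keeps the check meaningful.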
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2016-02-18 11:07:07 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2015-12-23 08:49:50.0 +0100 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2016-02-18 12:36:29.0 +0100 @@ -1,0 +2,21 @@ +Tue Feb 16 15:37:01 UTC 2016 - astie...@suse.com + +- afl 2.01b: + - updates to color handling + - Fixed an installation issue with afl-as + +--- +Thu Feb 11 12:21:39 UTC 2016 - astie...@suse.com + +- afl 1.99b: + - Revamp the output and the internal logic of afl-analyze. + - Clean up color handling code + - added support for background colors. + +--- +Wed Feb 10 20:25:47 UTC 2016 - astie...@suse.com + +- afl 1.98b: + - new tool afl-analyze + +--- Old: afl-1.96b.tgz New: afl-2.01b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.zsFutn/_old 2016-02-18 12:36:30.0 +0100 +++ /var/tmp/diff_new_pack.zsFutn/_new 2016-02-18 12:36:30.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package afl # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: afl -Version:1.96b +Version:2.01b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-1.58b-fix-paths.patch ++ --- /var/tmp/diff_new_pack.zsFutn/_old 2016-02-18 12:36:30.0 +0100 +++ /var/tmp/diff_new_pack.zsFutn/_new 2016-02-18 12:36:30.0 +0100 
@@ -2,11 +2,11 @@ Makefile |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -Index: afl-1.85b/Makefile +Index: afl-2.01b/Makefile === afl-1.85b.orig/Makefile -+++ afl-1.85b/Makefile -@@ -18,8 +18,8 @@ VERSION = 1.85b +--- afl-2.01b.orig/Makefile2016-02-16 08:14:22.0 +0100 afl-2.01b/Makefile 2016-02-16 16:36:39.051519647 +0100 +@@ -18,8 +18,8 @@ VERSION = 2.01b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin @@ -16,4 +16,4 @@ +DOC_PATH= $(DOC_DIR)/afl MISC_PATH = $(PREFIX)/share/afl - PROGS = afl-gcc afl-as afl-fuzz afl-showmap afl-tmin afl-gotcpu + PROGS = afl-gcc afl-fuzz afl-showmap afl-tmin afl-gotcpu afl-analyze ++ afl-1.96b.tgz -> afl-2.01b.tgz ++ 1850 lines of diff (skipped)
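Review bot: The rebased afl-1.58b-fix-paths.patch now carries absolute timestamps in its file headers (`--- afl-2.01b.orig/Makefile 2016-02-16 08:14:22.0 +0100` / `afl-2.01b/Makefile 2016-02-16 16:36:39.051519647 +0100`) where the previous version had none; they change on every regeneration and make future rebases noisier than the real change, which here is only the version string and the PROGS context line. Strip them when refreshing (for example `quilt refresh --no-timestamps`) so the patch diff shows content changes only.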
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2015-12-23 08:49:49 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2015-11-13 23:36:15.0 +0100 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2015-12-23 08:49:50.0 +0100 @@ -1,0 +2,11 @@ +Sat Dec 19 15:45:22 UTC 2015 - mplus...@suse.com + +- Update to 1.96b + * Added -fpic to CFLAGS for the clang plugin, as suggested by + Hanno Boeck. + * Made another clang change (IRBuilder) suggested by Jeff Trull. + * Fixed several typos, spotted by Jakub Wilk. + * Added support for AFL_SHUFFLE_QUEUE, based on discussions with +Christian Holler. + +--- Old: afl-1.95b.tgz New: afl-1.96b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.xfq7nb/_old 2015-12-23 08:49:51.0 +0100 +++ /var/tmp/diff_new_pack.xfq7nb/_new 2015-12-23 08:49:51.0 +0100 @@ -17,7 +17,7 @@ Name: afl -Version:1.95b +Version:1.96b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-1.95b.tgz -> afl-1.96b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.95b/Makefile new/afl-1.96b/Makefile --- old/afl-1.95b/Makefile 2015-11-13 03:58:12.0 +0100 +++ new/afl-1.96b/Makefile 2015-12-16 05:24:06.0 +0100 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 1.95b +VERSION = 1.96b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.95b/afl-fuzz.c new/afl-1.96b/afl-fuzz.c --- old/afl-1.95b/afl-fuzz.c2015-11-13 03:58:02.0 +0100 +++ new/afl-1.96b/afl-fuzz.c2015-12-16 05:57:42.0 +0100 
@@ -96,6 +96,7 @@ auto_changed, /* Auto-generated tokens changed? */ no_cpu_meter_red, /* Feng shui on the status screen */ no_var_check, /* Don't detect variable behavior */ + shuffle_queue, /* Shuffle input queue? */ bitmap_changed = 1,/* Time to update bitmap? */ qemu_mode, /* Running in QEMU mode?*/ skip_requested,/* Skip request, via SIGUSR1*/ @@ -335,6 +336,24 @@ } +/* Shuffle an array of pointers. Might be slightly biased. */ + +static void shuffle_ptrs(void** ptrs, u32 cnt) { + + u32 i; + + for (i = 0; i < cnt - 2; i++) { + +u32 j = i + UR(cnt - i); +void *s = ptrs[i]; +ptrs[i] = ptrs[j]; +ptrs[j] = s; + + } + +} + + #ifndef IGNORE_FINDS /* Helper function to compare buffers; returns first and last differing offset. We @@ -1276,6 +1295,13 @@ } + if (shuffle_queue && nl_cnt > 1) { + +ACTF("Shuffling queue..."); +shuffle_ptrs((void**)nl, nl_cnt); + + } + for (i = 0; i < nl_cnt; i++) { struct stat st; @@ -1523,7 +1549,7 @@ } - if (x) FATAL("Dictinary levels not supported for directories."); + if (x) FATAL("Dictionary levels not supported for directories."); while ((de = readdir(d))) { @@ -2657,7 +2683,7 @@ useless_at_start++; -if (!in_bitmap) +if (!in_bitmap && !shuffle_queue) WARNF("No new instrumentation output, test case may be useless."); break; 
@@ -7517,9 +7543,10 @@ } - if (getenv("AFL_NO_FORKSRV")) no_forkserver= 1; - if (getenv("AFL_NO_CPU_RED")) no_cpu_meter_red = 1; - if (getenv("AFL_NO_VAR_CHECK")) no_var_check = 1; + if (getenv("AFL_NO_FORKSRV"))no_forkserver= 1; + if (getenv("AFL_NO_CPU_RED"))no_cpu_meter_red = 1; + if (getenv("AFL_NO_VAR_CHECK")) no_var_check = 1; + if (getenv("AFL_SHUFFLE_QUEUE")) shuffle_queue= 1; if (dumb_mode == 2 && no_forkserver) FATAL("AFL_DUMB_FORKSRV and AFL_NO_FORKSRV are mutually exclusive"); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.95b/docs/ChangeLog new/afl-1.96b/docs/ChangeLog --- old/afl-1.95b/docs/ChangeLog2015-11-13 03:56:43.0 +0100 +++ new/afl-1.96b/docs/ChangeLog2015-12-16 05:58:59.0 +0100 @@ -17,6 +17,19 @@ to get on with the times. -- +Version 1.96b: +-- + + - Added -fpic to CFLAGS for the clang plugin, as suggested by Hanno Boeck. + + - Made another clang change
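Review bot: shuffle_ptrs() loops `for (i = 0; i < cnt - 2; i++)`, one iteration short of a Fisher-Yates shuffle (`i < cnt - 1`): with cnt == 2 the body never executes and the two entries keep their order, and because cnt is u32 the bound `cnt - 2` wraps to a huge value for cnt < 2, so the function is only safe because the caller guards it with `if (shuffle_queue && nl_cnt > 1)`. Use `i + 1 < cnt` as the bound, which gives the full shuffle and also handles cnt of 0 and 1 without wrapping; the "Might be slightly biased" comment then refers only to the modulo bias of `UR(cnt - i)`, which is acceptable for ordering a seed queue.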
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2015-11-13 23:36:14 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2015-10-06 13:25:58.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2015-11-13 23:36:15.0 +0100 @@ -1,0 +2,13 @@ +Fri Nov 13 09:06:47 UTC 2015 - astie...@suse.com + +- afl 1.95b: + * Fixed a harmless bug when handling -B + * Made the exit message a bit more accurate when +AFL_EXIT_WHEN_DONE is set. + * Added some error-checking for old-style forkserver syntax. + * Switched from exit() to _exit() in injected code to avoid +snafus with destructors in C++ code. + * Made a change to avoid spuriously setting __AFL_SHM_ID when +AFL_DUMB_FORKSRV is set in conjunction with -n. + +--- Old: afl-1.94b.tgz New: afl-1.95b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.m8P26L/_old 2015-11-13 23:36:16.0 +0100 +++ /var/tmp/diff_new_pack.m8P26L/_new 2015-11-13 23:36:16.0 +0100 @@ -17,7 +17,7 @@ Name: afl -Version:1.94b +Version:1.95b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-1.94b.tgz -> afl-1.95b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.94b/Makefile new/afl-1.95b/Makefile --- old/afl-1.94b/Makefile 2015-09-12 03:38:02.0 +0200 +++ new/afl-1.95b/Makefile 2015-11-13 03:58:12.0 +0100 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 1.94b +VERSION = 1.95b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.94b/afl-as.h new/afl-1.95b/afl-as.h --- old/afl-1.94b/afl-as.h 2015-07-17 19:53:09.0 +0200 +++ new/afl-1.95b/afl-as.h 2015-11-03 05:29:51.0 +0100 
@@ -334,7 +334,7 @@ "__afl_die:\n" "\n" " xorl %eax, %eax\n" - " call exit\n" + " call _exit\n" "\n" "__afl_setup_abort:\n" "\n" @@ -639,7 +639,7 @@ "__afl_die:\n" "\n" " xorq %rax, %rax\n" - CALL_L64("exit") + CALL_L64("_exit") "\n" "__afl_setup_abort:\n" "\n" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.94b/afl-fuzz.c new/afl-1.95b/afl-fuzz.c --- old/afl-1.94b/afl-fuzz.c2015-09-03 07:12:32.0 +0200 +++ new/afl-1.95b/afl-fuzz.c2015-11-13 03:58:02.0 +0100 @@ -1201,8 +1201,7 @@ fork server commands. This should be replaced with better auto-detection later on, perhaps? */ - if (dumb_mode != 1) -setenv(SHM_ENV_VAR, shm_str, 1); + if (!dumb_mode) setenv(SHM_ENV_VAR, shm_str, 1); ck_free(shm_str); @@ -3700,7 +3699,7 @@ /* Honor AFL_EXIT_WHEN_DONE. */ if (!dumb_mode && cycles_wo_finds > 20 && !pending_not_fuzzed && - getenv("AFL_EXIT_WHEN_DONE")) stop_soon = 1; + getenv("AFL_EXIT_WHEN_DONE")) stop_soon = 2; /* If we're not on TTY, bail out. */ @@ -6613,6 +6612,10 @@ setenv(PERSIST_ENV_VAR, "1", 1); no_var_check = 1; + } else if (getenv("AFL_PERSISTENT")) { + +WARNF("AFL_PERSISTENT is no longer supported and may misbehave!"); + } if (memmem(f_data, f_len, DEFER_SIG, strlen(DEFER_SIG) + 1)) { @@ -6620,6 +6623,10 @@ OKF(cPIN "Deferred forkserver binary detected."); setenv(DEFER_ENV_VAR, "1", 1); + } else if (getenv("AFL_DEFER_FORKSRV")) { + +WARNF("AFL_DEFER_FORKSRV is no longer supported and may misbehave!"); + } if (munmap(f_data, f_len)) PFATAL("unmap() failed"); @@ -7468,7 +7475,7 @@ case 'n': if (dumb_mode) FATAL("Multiple -n options not supported"); -if (getenv("AFL_DUMB_FORKSRV")) dumb_mode = 2 ; else dumb_mode = 1; +if (getenv("AFL_DUMB_FORKSRV")) dumb_mode = 2; else dumb_mode = 1; break; 
@@ -7640,7 +7647,8 @@ stop_fuzzing: - SAYF(CURSOR_SHOW cLRD "\n\n+++ Testing aborted by user +++\n" cRST); + SAYF(CURSOR_SHOW cLRD "\n\n+++ Testing %s +++\n" cRST, + stop_soon == 2 ? "ended via AFL_EXIT_WHEN_DONE" : "aborted by user"); /* Running for more than 30 minutes but still doing first cycle? */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.94b/afl-gcc.c new/afl-1.95b/afl-gcc.c --- old/afl-1.94b/afl-gcc.c 2015-04-13 20:14:05.0 +0200 +++ new/afl-1.95b/afl-gcc.c 2015-09-22
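Review bot: The AFL_EXIT_WHEN_DONE hunk makes stop_soon a tri-state (`stop_soon = 2`) that the `stop_fuzzing:` label decodes with `stop_soon == 2 ? "ended via AFL_EXIT_WHEN_DONE" : "aborted by user"`, but nothing at the variable's declaration or the assignment site says that 2 means "finished without user intervention"; a comment on the declaration or a named constant for the two values would keep the assignment and the message from drifting apart in later edits. The remaining hunks read as described: `if (!dumb_mode) setenv(SHM_ENV_VAR, shm_str, 1);` now also skips the SHM variable for dumb_mode == 2 (AFL_DUMB_FORKSRV), and the `_exit` switch in the injected __afl_die path correctly avoids running C++ destructors and atexit handlers on the failure path.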
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2015-10-06 13:25:57 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2015-09-08 18:06:42.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2015-10-06 13:25:58.0 +0200 @@ -1,0 +2,9 @@ +Fri Oct 2 15:11:23 UTC 2015 - astie...@suse.com + +- afl 1.94b: + * Changed allocator alignment to improve support for non-x86 systems +(now that llvm_mode makes this more feasible). + * Fixed an obscure bug that would affect people trying to use afl-gcc +with $TMP set but $TMPDIR absent. + +--- Old: afl-1.92b.tgz New: afl-1.94b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.W54fAk/_old 2015-10-06 13:25:59.0 +0200 +++ /var/tmp/diff_new_pack.W54fAk/_new 2015-10-06 13:25:59.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:1.92b +Version:1.94b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-1.92b.tgz -> afl-1.94b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.92b/Makefile new/afl-1.94b/Makefile --- old/afl-1.92b/Makefile 2015-09-03 19:54:32.0 +0200 +++ new/afl-1.94b/Makefile 2015-09-12 03:38:02.0 +0200 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 1.92b +VERSION = 1.94b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.92b/afl-as.c new/afl-1.94b/afl-as.c --- old/afl-1.92b/afl-as.c 2015-05-06 01:47:47.0 +0200 +++ new/afl-1.94b/afl-as.c 2015-09-12 03:37:44.0 +0200 
@@ -117,6 +117,12 @@ #endif /* __APPLE__ */ + /* Although this is not documented, GCC also uses TEMP and TMP when TMPDIR + is not set. We need to check these non-standard variables to properly + handle the pass_thru logic later on. */ + + if (!tmp_dir) tmp_dir = getenv("TEMP"); + if (!tmp_dir) tmp_dir = getenv("TMP"); if (!tmp_dir) tmp_dir = "/tmp"; as_params = ck_alloc((argc + 32) * sizeof(u8*)); @@ -444,7 +450,8 @@ if (!be_quiet) { -if (!ins_lines) WARNF("No instrumentation targets found."); +if (!ins_lines) WARNF("No instrumentation targets found%s.", + pass_thru ? " (pass-thru mode)" : ""); else OKF("Instrumented %u locations (%s-bit, %s mode, ratio %u%%).", ins_lines, use_64bit ? "64" : "32", getenv("AFL_HARDEN") ? "hardened" : "non-hardened", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.92b/afl-cmin new/afl-1.94b/afl-cmin --- old/afl-1.92b/afl-cmin 2015-08-09 07:58:08.0 +0200 +++ new/afl-1.94b/afl-cmin 2015-09-11 19:20:46.0 +0200 @@ -18,8 +18,8 @@ # the starting corpus. This has two uses: # # - Screening large corpora of input files before using them as a seed for -# seed for afl-fuzz. The tool will remove functionally redundant files and -# likely leave you with a much smaller set. +# afl-fuzz. The tool will remove functionally redundant files and likely +# leave you with a much smaller set. # # (In this case, you probably also want to consider running afl-tmin on # the individual files later on to reduce their size.) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.92b/alloc-inl.h new/afl-1.94b/alloc-inl.h --- old/afl-1.92b/alloc-inl.h 2015-02-09 06:05:56.0 +0100 +++ new/afl-1.94b/alloc-inl.h 2015-09-09 07:37:50.0 +0200 
@@ -57,17 +57,17 @@ /* Magic tokens used to mark used / freed chunks. */ -#define ALLOC_MAGIC_C1 0xFF00 -#define ALLOC_MAGIC_F 0xFE00 -#define ALLOC_MAGIC_C2 0xF0 +#define ALLOC_MAGIC_C1 0xFF00FF00 /* Used head (dword) */ +#define ALLOC_MAGIC_F 0xFE00FE00 /* Freed head (dword) */ +#define ALLOC_MAGIC_C2 0xF0 /* Used tail (byte) */ /* Positions of guard tokens in relation to the user-visible pointer. */ -#define ALLOC_C1(_ptr) (((u16*)(_ptr))[-3]) +#define ALLOC_C1(_ptr) (((u32*)(_ptr))[-2]) #define ALLOC_S(_ptr) (((u32*)(_ptr))[-1]) #define ALLOC_C2(_ptr) (((u8*)(_ptr))[ALLOC_S(_ptr)]) -#define ALLOC_OFF_HEAD 6 +#define ALLOC_OFF_HEAD 8 #define ALLOC_OFF_TOTAL (ALLOC_OFF_HEAD + 1) /* Allocator increments for ck_realloc_block(). */ diff -urN '--exclude=CVS'
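Review bot: In the afl-as.c hunk the fallback chain is TMPDIR, then `if (!tmp_dir) tmp_dir = getenv("TEMP");`, then `if (!tmp_dir) tmp_dir = getenv("TMP");`. As far as I recall, libiberty's choose_tmpdir(), which gcc uses for its temporaries, consults TMP before TEMP, so when both are set to different directories afl-as would look somewhere gcc never writes and the pass_thru detection the comment refers to would silently not trigger; please verify the order against libiberty/make-temp-file.c and match it, and mention the two additional variables in the environment variable documentation.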
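Review bot: In the alloc-inl.h hunk, raising `ALLOC_OFF_HEAD` from 6 to 8 means the user-visible pointer is now offset 8 bytes from the malloc() result, so it inherits at most 8-byte alignment: enough for u64 and pointers on strict-alignment targets, which is what the changelog is after, but not for code that assumes 16-byte aligned buffers (vector loads, long double). If that ever matters, the head would need to grow to 16 with padding. The widened guards are internally consistent: `ALLOC_C1(_ptr)` reads `((u32*)(_ptr))[-2]` and `ALLOC_S(_ptr)` reads `[-1]`, exactly filling the 8-byte head, and the tail byte `ALLOC_C2` stays at offset ALLOC_S(_ptr).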
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2015-09-08 17:45:03 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is "afl" Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2015-08-12 15:13:00.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2015-09-08 18:06:42.0 +0200 @@ -1,0 +2,37 @@ +Mon Sep 7 13:22:07 UTC 2015 - astie...@suse.com + +- afl 1.92b: + * C++ fix (namespaces) + +--- +Thu Sep 3 14:32:09 UTC 2015 - astie...@suse.com + +- afl 1.91b: + * C++ instrumentation fixes +- includes changes from 1.90b: + * documentation updates + * Fixed a potential problem with deferred mode signatures getting +optimized out by the linker (with --gc-sections). + +--- +Wed Sep 2 07:57:31 UTC 2015 - astie...@suse.com + +- afl 1.89b: + * Revamped the support for persistent and deferred forkserver +modes. Both now feature simpler syntax and do not require +companion env variables. + * Added a bit more info about afl-showmap. + +--- +Sun Aug 30 23:40:19 UTC 2015 - astie...@suse.com + +- afl 1.88b: + * Make AFL_EXIT_WHEN_DONE work in non-tty mode. + +--- +Thu Aug 27 14:32:46 UTC 2015 - astie...@suse.com + +- afl 1.87b: + * Add QuickStartGuide.txt and other documentation updates + +--- Old: afl-1.86b.tgz New: afl-1.92b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.ukTcEm/_old 2015-09-08 18:06:45.0 +0200 +++ /var/tmp/diff_new_pack.ukTcEm/_new 2015-09-08 18:06:45.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:1.86b +Version:1.92b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-1.86b.tgz -> afl-1.92b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.86b/Makefile new/afl-1.92b/Makefile --- old/afl-1.86b/Makefile 2015-08-09 06:26:31.0 +0200 +++ new/afl-1.92b/Makefile 2015-09-03 19:54:32.0 +0200 
@@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 1.86b +VERSION = 1.92b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin @@ -132,4 +132,5 @@ cat docs/historical_notes.txt >~/www/afl/historical_notes.txt cat docs/technical_details.txt >~/www/afl/technical_details.txt cat docs/ChangeLog >~/www/afl/ChangeLog.txt + cat docs/QuickStartGuide.txt >~/www/afl/QuickStartGuide.txt echo -n "$(VERSION)" >~/www/afl/version.txt diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.86b/QuickStartGuide.txt new/afl-1.92b/QuickStartGuide.txt --- old/afl-1.86b/QuickStartGuide.txt 1970-01-01 01:00:00.0 +0100 +++ new/afl-1.92b/QuickStartGuide.txt 2015-09-08 18:06:45.0 +0200 @@ -0,0 +1 @@ +symbolic link to docs/QuickStartGuide.txt diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.86b/afl-cmin new/afl-1.92b/afl-cmin --- old/afl-1.86b/afl-cmin 2015-08-01 04:43:30.0 +0200 +++ new/afl-1.92b/afl-cmin 2015-08-09 07:58:08.0 +0200 @@ -18,11 +18,11 @@ # the starting corpus. This has two uses: # # - Screening large corpora of input files before using them as a seed for -# seed for afl-fuzz. The tool effectively reject functionally redundant -# files and likely leave you with a much smaller set. +# seed for afl-fuzz. The tool will remove functionally redundant files and +# likely leave you with a much smaller set. # # (In this case, you probably also want to consider running afl-tmin on -# the individual files to reduce their size.) +# the individual files later on to reduce their size.) # # - Minimizing the corpus generated organically by afl-fuzz, perhaps when # planning to feed it to more resource-intensive tools. The tool achieves diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.86b/afl-fuzz.c new/afl-1.92b/afl-fuzz.c --- old/afl-1.86b/afl-fuzz.c2015-08-09 06:34:48.0 +0200 +++ new/afl-1.92b/afl-fuzz.c2015-09-03 07:12:32.0 +0200 
@@ -2072,9 +2072,9 @@ "- Less likely, there is a horrible bug in the fuzzer. If other options\n" " fail, poke
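Review bot: the afl-cmin header comment still duplicates "seed for" after this hunk: the unchanged context line above ends with "before using them as a seed for" and the rewritten line still begins "# seed for afl-fuzz.", so the rewording only removed the second glitch ("effectively reject ... and likely leave"). Suggest dropping the repeat on the edited line: `# afl-fuzz. The tool will remove functionally redundant files and`.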
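Review bot: the new top-level QuickStartGuide.txt is only a symlink to docs/QuickStartGuide.txt, so a %doc entry or install step that copies the top-level file without docs/ next to it ships a dangling link; either install docs/QuickStartGuide.txt directly or make sure both land in the same directory.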
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2015-08-12 15:12:58 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is afl Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2015-08-07 00:24:05.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2015-08-12 15:13:00.0 +0200 @@ -1,0 +2,7 @@ +Mon Aug 10 19:49:56 UTC 2015 - astie...@suse.com + +- afl 1.86b: + * Added support for AFL_SKIP_CRASHES + * Removed the hard-fail terminal size check + +--- Old: afl-1.85b.tgz New: afl-1.86b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.J1oWgy/_old 2015-08-12 15:13:01.0 +0200 +++ /var/tmp/diff_new_pack.J1oWgy/_new 2015-08-12 15:13:01.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:1.85b +Version:1.86b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-1.85b.tgz - afl-1.86b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.85b/Makefile new/afl-1.86b/Makefile --- old/afl-1.85b/Makefile 2015-08-01 04:44:56.0 +0200 +++ new/afl-1.86b/Makefile 2015-08-09 06:26:31.0 +0200 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 1.85b +VERSION = 1.86b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.85b/afl-fuzz.c new/afl-1.86b/afl-fuzz.c --- old/afl-1.85b/afl-fuzz.c2015-07-04 21:36:50.0 +0200 +++ new/afl-1.86b/afl-fuzz.c2015-08-09 06:34:48.0 +0200 @@ -88,6 +88,7 @@ resuming_fuzz, /* Resuming an older fuzzing job? */ timeout_given, /* Specific timeout given? */ not_on_tty,/* stdout is not a tty */ + term_too_small,/* terminal dimensions too small*/ uses_asan, /* Target uses ASAN?*/ no_forkserver, /* Disable forkserver? */ crash_mode,/* Crash mode! Yeah!*/ 
@@ -2491,8 +2492,8 @@ static void perform_dry_run(char** argv) { struct queue_entry* q = queue; - u32 id = 0; u32 cal_failures = 0; + u8* skip_crashes = getenv(AFL_SKIP_CRASHES); while (q) { @@ -2576,6 +2577,13 @@ if (crash_mode) break; +if (skip_crashes) { + WARNF(Test case results in a crash (skipping)); + q-cal_failed = CAL_CHANCES; + cal_failures++; + break; +} + if (mem_limit) { SAYF(\n cLRD [-] cRST @@ -2660,17 +2668,18 @@ if (q-var_behavior) WARNF(Instrumentation output varies across runs.); q = q-next; -id++; } if (cal_failures) { if (cal_failures == queued_paths) - FATAL(All test cases time out, giving up!); + FATAL(All test cases time out%s, giving up!, +skip_crashes ? or crash : ); -WARNF(Skipped %u test cases (%0.02f%%) due to timeouts., cal_failures, - ((double)cal_failures) * 100 / queued_paths); +WARNF(Skipped %u test cases (%0.02f%%) due to timeouts%s., cal_failures, + ((double)cal_failures) * 100 / queued_paths, + skip_crashes ? or crashes : ); if (cal_failures * 5 queued_paths) WARNF(cLRD High percentage of rejected test cases, check settings!); @@ -3605,6 +3614,9 @@ } +static void check_term_size(void); + + /* A spiffy retro stats screen! This is called every stats_update_freq execve() calls, plus in several other circumstances. */ @@ -3700,10 +3712,21 @@ SAYF(TERM_CLEAR CURSOR_HIDE); clear_screen = 0; +check_term_size(); + } SAYF(TERM_HOME); + if (term_too_small) { + +SAYF(cBRI Your terminal is too small to display the UI.\n + Please resize terminal window to at least 80x25.\n cNOR); + +return; + + } + /* Let's start by drawing a centered banner. */ banner_len = (crash_mode ? 24 : 22) + strlen(VERSION) + strlen(use_banner); @@ -3916,7 +3939,7 @@ sprintf(tmp, %s/%s, %s/%s, %s/%s, DI(stage_finds[STAGE_FLIP1]), DI(stage_cycles[STAGE_FLIP1]), -DI(stage_finds[STAGE_FLIP4]), DI(stage_cycles[STAGE_FLIP2]), +DI(stage_finds[STAGE_FLIP2]), DI(stage_cycles[STAGE_FLIP2]), DI(stage_finds[STAGE_FLIP4]), DI(stage_cycles[STAGE_FLIP4])); } @@ -6618,9 +6641,9
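Review bot: the AFL_SKIP_CRASHES path in perform_dry_run() treats a crashing seed exactly like a timing-out one (`q->cal_failed = CAL_CHANCES; cal_failures++; break;`), which keeps it in the queue and folds it into the "Skipped %u test cases" summary; that is consistent, but the per-case `WARNF("Test case results in a crash (skipping)")` does not say which file, so on a large corpus the user cannot tell which seeds were rejected. Suggest including `q->fname` in the message. The removed `id` counter is fine to drop, since both of its uses (`u32 id = 0;` and `id++`) go away in this hunk.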
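Review bot: the `DI(stage_finds[STAGE_FLIP4])` to `DI(stage_finds[STAGE_FLIP2])` change in the stats screen is a real fix rather than cosmetic: before it, the bit-flip line printed the 4-bit-flip find count in the 2-bit-flip column, so finds were misattributed between the two stages. It deserves a line in afl.changes, which for 1.86b currently lists only AFL_SKIP_CRASHES and the terminal size check.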
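Review bot: `check_term_size()` is called only inside the `if (clear_screen)` branch, so term_too_small is re-evaluated only on a full redraw; a terminal enlarged after the "too small" message keeps showing it until something sets clear_screen again. If clear_screen is set from the SIGWINCH handler this is fine, but a one-line comment at the call site saying so would stop the next reader from moving the call.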
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2015-08-07 00:24:04 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is afl Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2015-06-16 14:05:18.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2015-08-07 00:24:05.0 +0200 @@ -1,0 +2,16 @@ +Wed Aug 5 13:46:26 UTC 2015 - mplus...@suse.com + +- Update to 1.85b + * Fixed a garbled sentence in notes on parallel fuzzing. + * Fixed a minor glitch in afl-cmin. +- Changes for 1.84b + * Made SIMPLE_FILES behave as expected when naming backup +directories for crashes and hangs. + * Added the total number of favored paths to fuzzer_stats. + * Made afl-tmin, afl-fuzz, and afl-cmin reject negative values +passed to -t and -m, since they generally won't work as +expected. + * Made a fix for no lahf / sahf support on older versions of +FreeBSD. + +--- Old: afl-1.83b.tgz New: afl-1.85b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.H94HV9/_old 2015-08-07 00:24:06.0 +0200 +++ /var/tmp/diff_new_pack.H94HV9/_new 2015-08-07 00:24:06.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:1.83b +Version:1.85b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-1.58b-fix-paths.patch ++ --- /var/tmp/diff_new_pack.H94HV9/_old 2015-08-07 00:24:06.0 +0200 +++ /var/tmp/diff_new_pack.H94HV9/_new 2015-08-07 00:24:06.0 +0200 
@@ -2,11 +2,11 @@ Makefile |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -Index: afl-1.58b/Makefile +Index: afl-1.85b/Makefile === afl-1.58b.orig/Makefile2015-03-27 07:47:58.0 +0100 -+++ afl-1.58b/Makefile 2015-03-27 21:14:10.0 +0100 -@@ -18,8 +18,8 @@ VERSION = 1.58b +--- afl-1.85b.orig/Makefile afl-1.85b/Makefile +@@ -18,8 +18,8 @@ VERSION = 1.85b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin ++ afl-1.83b.tgz - afl-1.85b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.83b/Makefile new/afl-1.85b/Makefile --- old/afl-1.83b/Makefile 2015-06-14 16:34:26.0 +0200 +++ new/afl-1.85b/Makefile 2015-08-01 04:44:56.0 +0200 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 1.83b +VERSION = 1.85b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.83b/afl-as.h new/afl-1.85b/afl-as.h --- old/afl-1.83b/afl-as.h 2015-06-11 08:33:07.0 +0200 +++ new/afl-1.85b/afl-as.h 2015-07-17 19:53:09.0 +0200 @@ -388,11 +388,11 @@ \n __afl_maybe_log:\n \n -#ifdef __OpenBSD__ +#if defined(__OpenBSD__) || (defined(__FreeBSD__) (__FreeBSD__ 9)) .byte 0x9f /* lahf */\n #else lahf\n -#endif /* ^__OpenBSD__ */ +#endif /* ^__OpenBSD__, etc */ seto %al\n \n /* Check if SHM region is already mapped. */\n @@ -420,11 +420,11 @@ __afl_return:\n \n addb $127, %al\n -#ifdef __OpenBSD__ +#if defined(__OpenBSD__) || (defined(__FreeBSD__) (__FreeBSD__ 9)) .byte 0x9e /* sahf */\n #else sahf\n -#endif /* ^__OpenBSD__ */ +#endif /* ^__OpenBSD__, etc */ ret\n \n .align 8\n diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.83b/afl-cmin new/afl-1.85b/afl-cmin --- old/afl-1.83b/afl-cmin 2015-06-14 16:33:53.0 +0200 +++ new/afl-1.85b/afl-cmin 2015-08-01 04:43:30.0 +0200 
@@ -260,7 +260,7 @@ if [ $STDIN_FILE = ]; then - AFL_CMIN_ALLOW_ANY=1 $SHOWMAP -m $MEM_LIMIT -t $TIMEOUT -o $TRACE_DIR/.run_test -Z $EXTRA_PAR -- $@ $IN_DIR/$fn + AFL_CMIN_ALLOW_ANY=1 $SHOWMAP -m $MEM_LIMIT -t $TIMEOUT -o $TRACE_DIR/.run_test -Z $EXTRA_PAR -- $@ $IN_DIR/$FIRST_FILE else diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.83b/afl-fuzz.c new/afl-1.85b/afl-fuzz.c --- old/afl-1.83b/afl-fuzz.c2015-06-12 09:50:07.0 +0200 +++ new/afl-1.85b/afl-fuzz.c2015-07-04 21:36:50.0 +0200 @@ -3168,6 +3168,7 @@ execs_done : %llu\n execs_per_sec : %0.02f\n paths_total: %u\n + paths_favored : %u\n paths_found: %u\n paths_imported : %u\n max_depth
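Review bot: afl-1.58b-fix-paths.patch now carries `Index: afl-1.85b/Makefile` and `VERSION = 1.85b` in its headers while keeping the 1.58b file name; in this rendering the `+++` line also appears collapsed into the `---` line (`--- afl-1.85b.orig/Makefile afl-1.85b/Makefile`), so confirm the on-disk patch still applies with -p1. Consider a version-neutral name (afl-fix-paths.patch, with Patch1 in the spec updated) so the name does not have to change on every rebase.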
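Review bot: the lahf/sahf fallback in __afl_maybe_log/__afl_return now covers FreeBSD before 9 as well as OpenBSD (the `&&` and `<` between the two `__FreeBSD__` tokens are lost in this rendering), but the closing comments became `/* ^__OpenBSD__, etc */`, which no longer says what "etc" is. Suggest repeating the condition, e.g. `/* ^__OpenBSD__ || old FreeBSD */`, in both places, plus a short comment at the first `#if` saying that the assembler on those systems does not accept the lahf/sahf mnemonics (the 1.84b entry's "no lahf / sahf support"), which is why the raw opcode bytes 0x9f/0x9e are emitted.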
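Review bot: `$fn` is the loop variable of the per-file loops later in the script, so in this pre-flight `.run_test` invocation it was still unset and `$IN_DIR/$fn` expanded to the bare directory; `$FIRST_FILE` is the variable that was meant. This is the "minor glitch in afl-cmin" from the 1.85b entry and the fix is correct; the `else` branch (stdin mode) sits outside the hunk and should be checked for the same mistake.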
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2015-06-16 14:05:16 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is afl Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2015-06-02 10:11:50.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2015-06-16 14:05:18.0 +0200 @@ -1,0 +2,17 @@ +Mon Jun 15 09:07:34 UTC 2015 - astie...@suse.com + +- afl 1.83b: + * fixes for platforms other than GNU/Linux + +--- +Sat Jun 13 10:41:30 UTC 2015 - astie...@suse.com + +- afl 1.82b: + * Fixed a harmless but annoying race condition in persistent mode + * Updated persistent mode documentation + - Tweaked AFL_PERSISTENT to force AFL_NO_VAR_CHECK. +- afl 1.81b: + * Added persistent mode for in-process fuzzing. + * in-place resume code to preserve crashes/README.txt. + +--- Old: afl-1.80b.tgz New: afl-1.83b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.Is5hsv/_old 2015-06-16 14:05:19.0 +0200 +++ /var/tmp/diff_new_pack.Is5hsv/_new 2015-06-16 14:05:19.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:1.80b +Version:1.83b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-1.80b.tgz - afl-1.83b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.80b/Makefile new/afl-1.83b/Makefile --- old/afl-1.80b/Makefile 2015-05-26 07:20:29.0 +0200 +++ new/afl-1.83b/Makefile 2015-06-14 16:34:26.0 +0200 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 1.80b +VERSION = 1.83b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin 
@@ -124,7 +124,7 @@ test `basename $$PWD` = afl || exit 1 test -f ~/www/afl/releases/$(PROGNAME)-$(VERSION).tgz; if [ $$? = 0 ]; then echo; echo Change program version in Makefile, mmkay?; echo; exit 1; fi cd ..; rm -rf $(PROGNAME)-$(VERSION); cp -pr $(PROGNAME) $(PROGNAME)-$(VERSION); \ - tar -cvz --exclude openssl-null-ptr2.der -f ~/www/afl/releases/$(PROGNAME)-$(VERSION).tgz $(PROGNAME)-$(VERSION) + tar -cvz -f ~/www/afl/releases/$(PROGNAME)-$(VERSION).tgz $(PROGNAME)-$(VERSION) chmod 644 ~/www/afl/releases/$(PROGNAME)-$(VERSION).tgz ( cd ~/www/afl/releases/; ln -s -f $(PROGNAME)-$(VERSION).tgz $(PROGNAME)-latest.tgz ) cat docs/README ~/www/afl/README.txt diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.80b/afl-as.h new/afl-1.83b/afl-as.h --- old/afl-1.80b/afl-as.h 2015-04-08 08:47:29.0 +0200 +++ new/afl-1.83b/afl-as.h 2015-06-11 08:33:07.0 +0200 @@ -295,7 +295,7 @@ call write\n addl $12, %esp\n \n -pushl $2 /* WUNTRACED */\n +pushl $0 /* no flags */\n pushl $__afl_temp/* status*/\n pushl __afl_fork_pid /* PID */\n call waitpid\n @@ -574,7 +574,7 @@ movq $ STRINGIFY((FORKSRV_FD + 1)) , %rdi /* file desc */\n CALL_L64(write) \n -movq $2, %rdx /* WUNTRACED */\n +movq $0, %rdx /* no flags */\n leaq __afl_temp(%rip), %rsi /* status*/\n movq __afl_fork_pid(%rip), %rdi /* PID */\n CALL_L64(waitpid) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.80b/afl-cmin new/afl-1.83b/afl-cmin --- old/afl-1.80b/afl-cmin 2015-05-24 05:01:18.0 +0200 +++ new/afl-1.83b/afl-cmin 2015-06-14 16:33:53.0 +0200 
@@ -337,8 +337,8 @@ echo [*] Sorting trace sets (this may take a while)... -ls $IN_DIR | sed s#^#$TRACE_DIR/# | xargs -d '\n' -n 1 cat | sort | \ - uniq -c | sort -n $TRACE_DIR/.all_uniq +ls $IN_DIR | sed s#^#$TRACE_DIR/# | tr '\n' '\0' | xargs -0 -n 1 cat | \ + sort | uniq -c | sort -n $TRACE_DIR/.all_uniq TUPLE_COUNT=$((`grep -c . $TRACE_DIR/.all_uniq`)) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.80b/afl-fuzz.c new/afl-1.83b/afl-fuzz.c --- old/afl-1.80b/afl-fuzz.c2015-05-24 04:15:53.0 +0200 +++ new/afl-1.83b/afl-fuzz.c2015-06-12 09:50:07.0 +0200 @@ -1957,7 +1957,7 @@ if (child_timed_out) FATAL(Timeout while initializing fork server (adjusting -t may help)); - if (waitpid(forksrv_pid, status, WUNTRACED) = 0) + if (waitpid(forksrv_pid, status, 0) = 0)
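Review bot: dropping WUNTRACED from the three waitpid() calls (32-bit and 64-bit fork server stubs in afl-as.h, and the handshake in afl-fuzz.c) is correct: with WUNTRACED, waitpid() also returns when the child has merely stopped (SIGSTOP/SIGTSTP, ptrace attach), and the fork server then reported a stopped child as terminated; with 0 it waits for actual termination, which is likely one of the 1.83b "fixes for platforms other than GNU/Linux". The in-process stub and afl-fuzz.c must agree on this and they do here, but only the handshake call is in the afl-fuzz.c hunk, so check that any other waitpid() on the fork server child uses the same flags.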
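Review bot: replacing `xargs -d '\n'` with `tr '\n' '\0' | xargs -0` removes a GNU-only option (`-d` does not exist in BSD xargs; `-0` does), so the trace-sorting step now works on the non-GNU platforms the 1.83b entry targets. The list still comes from `ls`, so a file name containing a newline remains unsupported; that was true before and is acceptable, but worth one comment in the script.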
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2015-06-02 10:11:49 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is afl Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2015-05-19 00:21:21.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2015-06-02 10:11:50.0 +0200 @@ -1,0 +2,20 @@ +Tue May 26 10:59:53 UTC 2015 - astie...@suse.com + +- afl 1.80b: + - Made afl-cmin tolerant of whitespaces in filenames + - Added support for AFL_EXIT_WHEN_DONE + +--- +Mon May 25 07:43:23 UTC 2015 - astie...@suse.com + +- afl 1.79b: + - Added support for dictionary levels, see testcases/README.testcases. + - Reworked the SQL dictionary to use levels. + - Added a note about Preeny. + +--- +Tue May 19 07:26:27 UTC 2015 - astie...@suse.com + +- builds for i586 x86_64 only + +--- Old: afl-1.78b.tgz New: afl-1.80b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.b5lpOL/_old 2015-06-02 10:11:51.0 +0200 +++ /var/tmp/diff_new_pack.b5lpOL/_new 2015-06-02 10:11:51.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:1.78b +Version:1.80b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 
@@ -28,6 +28,7 @@ Patch1: afl-1.58b-fix-paths.patch BuildRequires: gcc-c++ BuildRoot: %{_tmppath}/%{name}-%{version}-build +ExclusiveArch: i586 x86_64 %description American fuzzy lop is a security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary. This substantially improves the functional coverage for the fuzzed code. The compact synthesized corpora produced by the tool are also useful for seeding other, more labor- or resource-intensive testing regimes down the road. ++ afl-1.78b.tgz - afl-1.80b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.78b/Makefile new/afl-1.80b/Makefile --- old/afl-1.78b/Makefile 2015-05-17 22:42:05.0 +0200 +++ new/afl-1.80b/Makefile 2015-05-26 07:20:29.0 +0200 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 1.78b +VERSION = 1.80b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin @@ -104,8 +104,8 @@ .NOTPARALLEL: clean clean: - rm -f $(PROGS) as afl-g++ afl-clang afl-clang++ *.o *~ a.out core core.[1-9][0-9]* *.stackdump test .test test-instr .test-instr0 .test-instr1 qemu_mode/qemu-2.2.0.tar.bz2 afl-qemu-trace - rm -rf out_dir qemu_mode/qemu-2.2.0 + rm -f $(PROGS) as afl-g++ afl-clang afl-clang++ *.o *~ a.out core core.[1-9][0-9]* *.stackdump test .test test-instr .test-instr0 .test-instr1 qemu_mode/qemu-2.3.0.tar.bz2 afl-qemu-trace + rm -rf out_dir qemu_mode/qemu-2.3.0 $(MAKE) -C llvm_mode clean install: all diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.78b/afl-cmin new/afl-1.80b/afl-cmin --- old/afl-1.78b/afl-cmin 2015-04-08 07:35:08.0 +0200 +++ new/afl-1.80b/afl-cmin 2015-05-24 05:01:18.0 +0200 
@@ -297,18 +297,18 @@ if [ $STDIN_FILE = ]; then -for fn in `ls $IN_DIR`; do +while read -r fn; do CUR=$((CUR+1)) printf \\rProcessing file $CUR/$IN_COUNT... $SHOWMAP -m $MEM_LIMIT -t $TIMEOUT -o $TRACE_DIR/$fn -Z $EXTRA_PAR -- $@ $IN_DIR/$fn -done +done (ls $IN_DIR) else -for fn in `ls $IN_DIR`; do +while read -r fn; do CUR=$((CUR+1)) printf \\rProcessing file $CUR/$IN_COUNT... @@ -317,7 +317,7 @@ $SHOWMAP -m $MEM_LIMIT -t $TIMEOUT -o $TRACE_DIR/$fn -Z $EXTRA_PAR -A $STDIN_FILE -- $@ /dev/null -done +done (ls $IN_DIR) fi @@ -337,7 +337,7 @@ echo [*] Sorting trace sets (this may take a while)... -ls $IN_DIR | sed s#^#$TRACE_DIR/# | xargs -n 1 cat | sort | \ +ls $IN_DIR | sed s#^#$TRACE_DIR/# | xargs -d '\n' -n 1 cat | sort | \ uniq -c | sort -n $TRACE_DIR/.all_uniq TUPLE_COUNT=$((`grep -c . $TRACE_DIR/.all_uniq`)) @@ -358,14 +358,14 @@ CUR=0 -for fn in `ls -rS $IN_DIR`; do +while read -r fn; do CUR=$((CUR+1)) printf \\rProcessing file $CUR/$IN_COUNT... sed s#\$# $fn# $TRACE_DIR/$fn $TRACE_DIR/.candidate_list -done +done (ls -rS
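Review bot: `ExclusiveArch: i586 x86_64` is consistent with upstream: afl-as.h contains x86/x86-64 assembly only and the `nox86` install target was removed in 1.72b (1.73b commit further down this page), so on other architectures afl-gcc cannot instrument anything. Put that reason in a comment above the tag; without it the next maintainer will try to re-enable the other architectures.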
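Review bot: the `clean` target's qemu file names move from 2.2.0 to 2.3.0 only now, although the 1.77b entry further down this page already records qemu_mode switching to qemu 2.3.0, so for two releases `make clean` left the 2.3.0 tarball and tree behind. Deriving these names from a single QEMU_VERSION variable would keep them from drifting again.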
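Review bot: the `while read -r fn; do ... done < <(ls $IN_DIR)` loops (the `<` redirections are lost in this rendering) handle spaces in file names, which is the 1.80b item, but two gaps remain in the same script: the sorting step still uses `xargs -d '\n'`, which is GNU-only (fixed in 1.83b, above on this page), and the candidate list is built with `sed "s#\$# $fn#"`, where a file name containing `#` ends the sed expression early; appending the name with a `while read` loop and `printf '%s %s\n'` instead of sed closes that one. Process substitution is also a bash extension, so the script's shebang must be bash rather than sh.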
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2015-05-19 00:21:20 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is afl Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2015-05-10 10:47:22.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2015-05-19 00:21:21.0 +0200 @@ -1,0 +2,7 @@ +Mon May 18 17:12:36 UTC 2015 - astie...@suse.com + +- afl 1.78b: + - Added a dictionary for PDF + - Added several references to afl-cov + +--- Old: afl-1.77b.tgz New: afl-1.78b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.JVBcJc/_old 2015-05-19 00:21:22.0 +0200 +++ /var/tmp/diff_new_pack.JVBcJc/_new 2015-05-19 00:21:22.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:1.77b +Version:1.78b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-1.77b.tgz - afl-1.78b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.77b/Makefile new/afl-1.78b/Makefile --- old/afl-1.77b/Makefile 2015-05-06 02:38:01.0 +0200 +++ new/afl-1.78b/Makefile 2015-05-17 22:42:05.0 +0200 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 1.77b +VERSION = 1.78b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.77b/afl-fuzz.c new/afl-1.78b/afl-fuzz.c --- old/afl-1.77b/afl-fuzz.c2015-05-06 05:44:40.0 +0200 +++ new/afl-1.78b/afl-fuzz.c2015-05-17 22:34:04.0 +0200 
@@ -6782,7 +6782,7 @@ until I get a box to test the code. So, for now, we check for crash reporting the awful way. */ - if (system(launchctl bslist 2/dev/null | grep -q '\\.ReportCrash$')) return; + if (system(launchctl list 2/dev/null | grep -q '\\.ReportCrash$')) return; SAYF(\n cLRD [-] cRST Whoops, your system is configured to forward crash notifications to an\n diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.77b/docs/ChangeLog new/afl-1.78b/docs/ChangeLog --- old/afl-1.77b/docs/ChangeLog2015-05-06 05:49:31.0 +0200 +++ new/afl-1.78b/docs/ChangeLog2015-05-17 22:44:25.0 +0200 @@ -17,6 +17,17 @@ to get on with the times. -- +Version 1.78b: +-- + + - Added a dictionary for PDF, contributed by Ben Nagy. + + - Added several references to afl-cov, a new tool by Michael Rash. + + - Fixed a problem with crash reporter detection on MacOS X, as reported by +Louis Dassy. + +-- Version 1.77b: -- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.77b/docs/README new/afl-1.78b/docs/README --- old/afl-1.77b/docs/README 2015-05-06 05:57:13.0 +0200 +++ new/afl-1.78b/docs/README 2015-05-17 22:35:00.0 +0200 @@ -387,6 +387,9 @@ need to make simple code changes to make them behave in a more traditional way. + - AFL doesn't output human-readable coverage data. If you want to monitor +coverage, use afl-cov from Michael Rash: https://github.com/mrash/afl-cov + Beyond this, see INSTALL for platform-specific tips. 13) Special thanks @@ -415,6 +418,7 @@ Sam Hakim Laszlo Szekeres David A. Wheeler Turo Lamminen Andreas Stieger Richard Godbee + Louis Dassy Thank you! diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.77b/docs/sister_projects.txt new/afl-1.78b/docs/sister_projects.txt --- old/afl-1.77b/docs/sister_projects.txt 2015-05-01 08:59:42.0 +0200 +++ new/afl-1.78b/docs/sister_projects.txt 2015-05-08 22:14:00.0 +0200 
@@ -84,6 +84,13 @@ https://github.com/bnagy/crashwalk +afl-cov (Michael Rash) +-- + + Produces human-readable coverage data based on the output queue of afl-fuzz. + + https://github.com/mrash/afl-cov + Distfuzz-AFL (Martijn Bogaard) -- Files old/afl-1.77b/docs/vuln_samples/sqlite-bad-ptr3.sql and new/afl-1.78b/docs/vuln_samples/sqlite-bad-ptr3.sql differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.77b/testcases/README.testcases new/afl-1.78b/testcases/README.testcases --- old/afl-1.77b/testcases/README.testcases2015-05-06
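Review bot: the crash-reporter check in afl-fuzz.c is fail-open: `if (system("launchctl list 2>/dev/null | grep -q '\\.ReportCrash$'")) return;` returns early on any non-zero status, and because the pipeline's status is grep's, an unknown launchctl subcommand (the `bslist` case this hunk fixes) looks exactly like "ReportCrash is not loaded", so the warning was silently lost rather than reported as a detection failure. Run launchctl separately (or check its own status) and print a short "could not query launchctl" note when it fails, so the next launchctl change surfaces instead of hiding the warning again.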
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2015-05-10 10:47:20 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is afl Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2015-05-06 07:49:04.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2015-05-10 10:47:22.0 +0200 @@ -1,0 +2,9 @@ +Fri May 8 13:05:09 UTC 2015 - astie...@suse.com + +- afl 1.77b: + * additional fuzzing functionality + * reduce number of duplicates + * documentation updates + * qemu_mode with qemu 2.3.0 + +--- Old: afl-1.73b.tgz New: afl-1.77b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.tEIazT/_old 2015-05-10 10:47:22.0 +0200 +++ /var/tmp/diff_new_pack.tEIazT/_new 2015-05-10 10:47:22.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:1.73b +Version:1.77b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-1.73b.tgz - afl-1.77b.tgz ++ 5670 lines of diff (skipped)
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2015-05-06 07:48:59 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is afl Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2015-04-22 01:18:45.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2015-05-06 07:49:04.0 +0200 @@ -1,0 +2,10 @@ +Mon Apr 27 08:45:05 UTC 2015 - astie...@suse.com + +- afl 1.73b: + - Fixed a bug in effector maps that could sometimes cause more +fuzzing than necessary, or SEGV +- includes changes from 1.72b: + - Fixed a glitch in non-x86 install + - Added a minor safeguard to llvm_mode Makefile + +--- Old: afl-1.71b.tgz New: afl-1.73b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.4FczG3/_old 2015-05-06 07:49:05.0 +0200 +++ /var/tmp/diff_new_pack.4FczG3/_new 2015-05-06 07:49:05.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:1.71b +Version:1.73b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-1.71b.tgz - afl-1.73b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.71b/Makefile new/afl-1.73b/Makefile --- old/afl-1.71b/Makefile 2015-04-20 03:17:54.0 +0200 +++ new/afl-1.73b/Makefile 2015-04-27 08:17:22.0 +0200 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 1.71b +VERSION = 1.73b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin 
@@ -108,11 +108,7 @@ rm -rf out_dir qemu_mode/qemu-2.2.0 $(MAKE) -C llvm_mode clean -ifndef AFL_NOX86 install: all -else -install: nox86 -endif mkdir -p -m 755 $${DESTDIR}$(BIN_PATH) $${DESTDIR}$(HELPER_PATH) $${DESTDIR}$(DOC_PATH) $${DESTDIR}$(MISC_PATH) rm -f $${DESTDIR}$(BIN_PATH)/afl-plot.sh install -m 755 afl-gcc afl-fuzz afl-showmap afl-plot afl-tmin afl-cmin afl-gotcpu afl-whatsup $${DESTDIR}$(BIN_PATH) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.71b/afl-fuzz.c new/afl-1.73b/afl-fuzz.c --- old/afl-1.71b/afl-fuzz.c2015-04-20 03:39:02.0 +0200 +++ new/afl-1.73b/afl-fuzz.c2015-04-27 08:15:10.0 +0200 @@ -4646,7 +4646,7 @@ /* Let's consult the effector map... */ -if (!*(u16*)(eff_map + EFF_APOS(i))) { +if (!eff_map[EFF_APOS(i)] !eff_map[EFF_APOS(i + 1)]) { stage_max--; continue; } @@ -4682,7 +4682,8 @@ for (i = 0; i len - 3; i++) { /* Let's consult the effector map... */ -if (!*(u32*)(eff_map + EFF_APOS(i))) { +if (!eff_map[EFF_APOS(i)] !eff_map[EFF_APOS(i + 1)] +!eff_map[EFF_APOS(i + 2)] !eff_map[EFF_APOS(i + 3)]) { stage_max--; continue; } @@ -4804,7 +4805,7 @@ /* Let's consult the effector map... */ -if (!*(u16*)(eff_map + EFF_APOS(i))) { +if (!eff_map[EFF_APOS(i)] !eff_map[EFF_APOS(i + 1)]) { stage_max -= 4 * ARITH_MAX; continue; } @@ -4895,7 +4896,8 @@ /* Let's consult the effector map... */ -if (!*(u32*)(eff_map + EFF_APOS(i))) { +if (!eff_map[EFF_APOS(i)] !eff_map[EFF_APOS(i + 1)] +!eff_map[EFF_APOS(i + 2)] !eff_map[EFF_APOS(i + 3)]) { stage_max -= 4 * ARITH_MAX; continue; } @@ -5040,7 +5042,7 @@ /* Let's consult the effector map... */ -if (!*(u16*)(eff_map + EFF_APOS(i))) { +if (!eff_map[EFF_APOS(i)] !eff_map[EFF_APOS(i + 1)]) { stage_max -= sizeof(interesting_16); continue; } 
@@ -5113,7 +5115,8 @@ /* Let's consult the effector map... */ -if (!*(u32*)(eff_map + EFF_APOS(i))) { +if (!eff_map[EFF_APOS(i)] !eff_map[EFF_APOS(i + 1)] +!eff_map[EFF_APOS(i + 2)] !eff_map[EFF_APOS(i + 3)]) { stage_max -= sizeof(interesting_32) 1; continue; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.71b/docs/ChangeLog new/afl-1.73b/docs/ChangeLog --- old/afl-1.71b/docs/ChangeLog2015-04-20 03:39:59.0 +0200 +++ new/afl-1.73b/docs/ChangeLog2015-04-27 08:17:07.0 +0200 @@ -17,6 +17,24 @@ to get on with the times. -- +Version 1.73b: +-- + + - Fixed a pretty stupid bug in effector maps that could sometimes cause +AFL to fuzz slightly more than necessary; and in very rare circumstances, +could lead to SEGV if eff_map is aligned with page boundary and followed +by an unmapped page. Spotted by Jonathan Gray.
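Review bot: the per-entry `!eff_map[EFF_APOS(i)] && !eff_map[EFF_APOS(i + 1)] ...` checks (the `&&` operators are missing in this rendering) fix two separate defects of the old `*(u16*)(eff_map + EFF_APOS(i))` / `*(u32*)` casts, both described in the ChangeLog hunk: the cast read 2 or 4 consecutive map entries starting at byte i's entry, which are not the entries for bytes i..i+3 (neighbouring input bytes share one entry), so an effectful block further along caused needless fuzzing of a dead one, and near the end of the map the cast read past its last entry, the SEGV case. The new form also drops an unaligned multi-byte load through a u8 pointer. The same pattern is now repeated in six places (the 16- and 32-bit arithmetic and interesting-value stages); a small helper such as `eff_any(eff_map, i, 4)` would keep them identical.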
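Review bot: with the `ifndef AFL_NOX86` / `install: nox86` conditional removed, `install` always depends on `all` and AFL_NOX86 is no longer honoured by this target; the 1.72b entry calls the old behaviour a glitch, so presumably `all` now copes with non-x86 on its own, but that part is outside the hunk. Check that AFL_NOX86 is not still documented in docs/ or README as the way to install on non-x86 hosts.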
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2015-04-22 01:18:44 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is afl Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2015-04-16 14:14:15.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2015-04-22 01:18:45.0 +0200 @@ -1,0 +2,15 @@ +Mon Apr 20 17:20:09 UTC 2015 - astie...@suse.com + +- afl 1.71b: + - Fix bug with installed copies of AFL trying to use QEMU mode. + - Add last path / crash / hang times to fuzzer_stats +- with changes from 1.70b: + - Modify resumption code to reuse the original timeout value when +resuming a session if -t is not given. This prevents timeout +creep in continuous fuzzing. + - Add improved error messages for failed handshake when +AFL_DEFER_FORKSRV is set. + - slight improvement to llvm_mode/Makefile + - Refresh several bits of documentation. + +--- Old: afl-1.69b.tgz New: afl-1.71b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.paSwkp/_old 2015-04-22 01:18:46.0 +0200 +++ /var/tmp/diff_new_pack.paSwkp/_new 2015-04-22 01:18:46.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:1.69b +Version:1.71b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-1.69b.tgz - afl-1.71b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.69b/Makefile new/afl-1.71b/Makefile --- old/afl-1.69b/Makefile 2015-04-16 08:11:39.0 +0200 +++ new/afl-1.71b/Makefile 2015-04-20 03:17:54.0 +0200 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 1.69b +VERSION = 1.71b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin 
@@ -98,6 +98,7 @@ all_done: test_build @echo [+] All done! Be sure to review README - it's pretty short and useful. + @if [ `uname` = Darwin ]; then printf \nWARNING: Fuzzing on MacOS X is slow because of the unusually high overhead of\nfork() on this OS. Consider using Linux or *BSD. You can also use VirtualBox\n(virtualbox.org) to put AFL inside a Linux or *BSD VM.\n\n; fi @! tty 1 /dev/null || printf \033[0;30mNOTE: If you can read this, your terminal probably uses white background.\nThis will make the UI hard to read. See docs/status_screen.txt for advice.\033[0m\n 2/dev/null .NOTPARALLEL: clean @@ -127,7 +128,7 @@ test `basename $$PWD` = afl || exit 1 test -f ~/www/afl/releases/$(PROGNAME)-$(VERSION).tgz; if [ $$? = 0 ]; then echo; echo Change program version in Makefile, mmkay?; echo; exit 1; fi cd ..; rm -rf $(PROGNAME)-$(VERSION); cp -pr $(PROGNAME) $(PROGNAME)-$(VERSION); \ - tar -cvz -f ~/www/afl/releases/$(PROGNAME)-$(VERSION).tgz $(PROGNAME)-$(VERSION) + tar -cvz --exclude openssl-null-ptr2.der -f ~/www/afl/releases/$(PROGNAME)-$(VERSION).tgz $(PROGNAME)-$(VERSION) chmod 644 ~/www/afl/releases/$(PROGNAME)-$(VERSION).tgz ( cd ~/www/afl/releases/; ln -s -f $(PROGNAME)-$(VERSION).tgz $(PROGNAME)-latest.tgz ) cat docs/README ~/www/afl/README.txt diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.69b/afl-fuzz.c new/afl-1.71b/afl-fuzz.c --- old/afl-1.69b/afl-fuzz.c2015-04-15 07:38:00.0 +0200 +++ new/afl-1.71b/afl-fuzz.c2015-04-20 03:39:02.0 +0200 @@ -1892,8 +1892,9 @@ SAYF(\n cLRD [-] cRST Hmm, looks like the target binary terminated before we could complete a\n - handshake with the injected code. There are two probable explanations:\n\n + handshake with the injected code. There are %s probable explanations:\n\n + %s - The current memory limit (%s) is too restrictive, causing an OOM\n fault in the dynamic linker. This can be fixed with the -m option. A\n simple way to confirm the diagnosis may be:\n\n 
@@ -1909,6 +1910,10 @@ - Less likely, there is a horrible bug in the fuzzer. If other options\n fail, poke lcam...@coredump.cx for troubleshooting tips.\n, + getenv(AFL_DEFER_FORKSRV) ? three : two, + getenv(AFL_DEFER_FORKSRV) ? + - You are using AFL_DEFER_FORKSRV, but __afl_manual_init() is never\n + reached before the program terminates.\n\n : , DMS(mem_limit 20), mem_limit - 1); } @@ -2371,7 +2376,7 @@ instructs afl-fuzz to
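Review bot: `getenv("AFL_DEFER_FORKSRV")` is evaluated twice inside the argument list of one SAYF(), once for the "two"/"three" word and once for the extra paragraph; cache it in a local first so the count and the text cannot drift apart when someone edits one of them. The content is the valuable part: a deferred fork server that exits before __afl_manual_init() is reached was previously indistinguishable from the OOM case, and users raised -m for nothing.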
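Review bot: the new Darwin warning in `all_done` is printed once at build time, where it is easily scrolled past; since the message is about fuzzing speed, the afl-fuzz banner or INSTALL would reach the people it is aimed at. Separately, the `--exclude openssl-null-ptr2.der` added to the publish tar command is not explained anywhere in this commit (and is removed again in 1.83b, above on this page); record the reason in a comment next to the tar line.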
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2015-04-16 14:14:14 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is afl Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2015-04-12 00:11:15.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2015-04-16 14:14:15.0 +0200 @@ -1,0 +2,42 @@ +Thu Apr 16 07:19:18 UTC 2015 - astie...@suse.com + +- afl 1.69b: + - Added support for deferred initialization in LLVM mode. +- afl 1.68b: + - Fixed a minor PRNG glitch that would make the first seconds of +a fuzzing job deterministic. + - Made tmp[] static in the LLVM runtime to keep Valgrind happy + - Clarified the footnote in README. + +--- +Mon Apr 13 19:58:55 UTC 2015 - astie...@suse.com + +- afl 1.67b: + - One more correction to llvm_mode Makefile +- afl 1.66b: + - Added CC / CXX support to llvm_mode Makefile + - Fixed 'make clean' with gmake + - Fixed 'make -j n clean all' + - Removed build date and time from banners to give people deterministic +builds + - drop afl-1.46b-nodate.patch, thus obsoleted + +--- +Mon Apr 13 15:11:11 UTC 2015 - astie...@suse.com + +- afl 1.65b: + - Fixed a snafu with some leftover code in afl-clang-fast. + - Corrected even moar typos. + +--- +Sun Apr 12 09:41:38 UTC 2015 - astie...@suse.com + +- afl 1.64b: + - improve compatibility with non-ELF platforms. + - Fixed a problem with afl-clang-fast and -shared libraries. + - Removed unnecessary instrumentation density adjustment for LLVM +- includes changes from 1.63b: + - Updated cgroups_asan/ + - Fixed typos + +--- Old: afl-1.46b-nodate.patch afl-1.62b.tgz New: afl-1.69b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.vN4Arh/_old 2015-04-16 14:14:15.0 +0200 +++ /var/tmp/diff_new_pack.vN4Arh/_new 2015-04-16 14:14:15.0 +0200 
@@ -17,7 +17,7 @@ Name: afl -Version:1.62b +Version:1.69b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 @@ -25,7 +25,6 @@ Url:http://lcamtuf.coredump.cx/afl/ Source: http://lcamtuf.coredump.cx/afl/releases/%{name}-%{version}.tgz Source1:afl-rpmlintrc -Patch0: afl-1.46b-nodate.patch Patch1: afl-1.58b-fix-paths.patch BuildRequires: gcc-c++ BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -37,7 +36,6 @@ %prep %setup -q -%patch0 -p1 %patch1 -p1 %build ++ afl-1.62b.tgz - afl-1.69b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.62b/Makefile new/afl-1.69b/Makefile --- old/afl-1.62b/Makefile 2015-04-10 03:40:25.0 +0200 +++ new/afl-1.69b/Makefile 2015-04-16 08:11:39.0 +0200 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 1.62b +VERSION = 1.69b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin @@ -100,10 +100,12 @@ @echo [+] All done! Be sure to review README - it's pretty short and useful. @! tty 1 /dev/null || printf \033[0;30mNOTE: If you can read this, your terminal probably uses white background.\nThis will make the UI hard to read. See docs/status_screen.txt for advice.\033[0m\n 2/dev/null +.NOTPARALLEL: clean + clean: rm -f $(PROGS) as afl-g++ afl-clang afl-clang++ *.o *~ a.out core core.[1-9][0-9]* *.stackdump test .test test-instr .test-instr0 .test-instr1 qemu_mode/qemu-2.2.0.tar.bz2 afl-qemu-trace rm -rf out_dir qemu_mode/qemu-2.2.0 - cd llvm_mode make clean + $(MAKE) -C llvm_mode clean ifndef AFL_NOX86 install: all diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.62b/afl-as.c new/afl-1.69b/afl-as.c --- old/afl-1.62b/afl-as.c 2015-03-18 08:18:47.0 +0100 +++ new/afl-1.69b/afl-as.c 2015-04-13 20:14:13.0 +0200 
@@ -471,8 +471,7 @@ if (isatty(2) !getenv(AFL_QUIET)) { -SAYF(cCYA afl-as cBRI VERSION cRST ( __DATE__ __TIME__ - ) by lcam...@google.com\n); +SAYF(cCYA afl-as cBRI VERSION cRST by lcam...@google.com\n); } else be_quiet = 1; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.62b/afl-fuzz.c new/afl-1.69b/afl-fuzz.c --- old/afl-1.62b/afl-fuzz.c2015-04-10 04:06:54.0 +0200 +++
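Review bot: The `.NOTPARALLEL: clean` added in the top-level Makefile hunk does more than it looks like it does: in the GNU make releases of this period, any prerequisites on `.NOTPARALLEL` are ignored and the whole invocation runs serially, so `make -j n clean all` now loses parallelism for `all` as well, not just for `clean`. If the goal is only to keep `clean` from racing the build targets (which is what the 1.66b entry "Fixed 'make -j n clean all'" describes), a comment saying the serialization is deliberate, or an order-only dependency of the build targets on `clean` when both are requested, would make the intent clear to the next person who wonders why `-j` stopped helping. The other change in the same hunk, `$(MAKE) -C llvm_mode clean` in place of `cd llvm_mode make clean`, is the right fix: the sub-make is now recognized as recursive, so it inherits `-n` and joins the jobserver under `-j` instead of being treated as an ordinary shell command that happens to call whatever `make` is first on PATH.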
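Review bot: The afl.spec hunk drops Patch0 (afl-1.46b-nodate.patch) and its `%patch0 -p1`, which matches upstream removing `__DATE__ __TIME__` from the afl-as banner in the afl-as.c hunk below; that part is consistent. What the hunk does not address is Patch1, afl-1.58b-fix-paths.patch, which is still applied to 1.69b: that patch (visible further down this page) carries `VERSION = 1.58b` as a leading context line, so against a Makefile that now reads `VERSION = 1.69b` it only applies with fuzz. Refreshing the patch against 1.69b so it applies cleanly would avoid a silent breakage the next time the surrounding lines move.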
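Review bot: Removing `__DATE__ __TIME__` from the SAYF banner in afl-as.c gives a reproducible afl-as binary, which is the point of the 1.66b changelog entry "Removed build date and time from banners to give people deterministic builds". That entry says "banners", plural, but the afl-fuzz.c diff that follows is cut off on this page, so it is not visible here whether the same change landed in the other tools' banners; a reviewer should check that no `__DATE__`/`__TIME__` use survives elsewhere, since a single remaining one is enough to make the build output differ between rebuilds.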
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2015-04-12 00:11:13 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is afl Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2015-04-10 10:20:35.0 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2015-04-12 00:11:15.0 +0200 @@ -1,0 +2,13 @@ +Sat Apr 11 07:15:12 UTC 2015 - astie...@suse.com + +- afl 1.62b: + - Improved the handling of -x in afl-clang-fast, + - Improved the handling of low AFL_INST_RATIO settings for QEMU and +LLVM modes. + - Fixed the llvm-config bug for good +- includes changes from 1.61b: + - Fixed an obscure bug compiling OpenSSL with afl-clang-fast. + - Fixed a 'make install' bug on non-x86 systems + - Fixed a problem with half-broken llvm-config + +--- Old: afl-1.60b.tgz New: afl-1.62b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.tC00hk/_old 2015-04-12 00:11:16.0 +0200 +++ /var/tmp/diff_new_pack.tC00hk/_new 2015-04-12 00:11:16.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:1.60b +Version:1.62b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 ++ afl-1.60b.tgz - afl-1.62b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.60b/Makefile new/afl-1.62b/Makefile --- old/afl-1.60b/Makefile 2015-04-09 07:10:07.0 +0200 +++ new/afl-1.62b/Makefile 2015-04-10 03:40:25.0 +0200 @@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 1.60b +VERSION = 1.62b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin 
@@ -105,7 +105,11 @@ rm -rf out_dir qemu_mode/qemu-2.2.0 cd llvm_mode make clean +ifndef AFL_NOX86 install: all +else +install: nox86 +endif mkdir -p -m 755 $${DESTDIR}$(BIN_PATH) $${DESTDIR}$(HELPER_PATH) $${DESTDIR}$(DOC_PATH) $${DESTDIR}$(MISC_PATH) rm -f $${DESTDIR}$(BIN_PATH)/afl-plot.sh install -m 755 afl-gcc afl-fuzz afl-showmap afl-plot afl-tmin afl-cmin afl-gotcpu afl-whatsup $${DESTDIR}$(BIN_PATH) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.60b/docs/ChangeLog new/afl-1.62b/docs/ChangeLog --- old/afl-1.60b/docs/ChangeLog2015-04-09 04:17:56.0 +0200 +++ new/afl-1.62b/docs/ChangeLog2015-04-10 16:15:53.0 +0200 @@ -17,6 +17,30 @@ to get on with the times. -- +Version 1.62b: +-- + + - Improved the handling of -x in afl-clang-fast, + + - Improved the handling of low AFL_INST_RATIO settings for QEMU and +LLVM modes. + + - Fixed the llvm-config bug for good (thanks to Tobias Ospelt). + +-- +Version 1.61b: +-- + + - Fixed an obscure bug compiling OpenSSL with afl-clang-fast. Patch by +Laszlo Szekeres. + + - Fixed a 'make install' bug on non-x86 systems, thanks to Tobias Ospelt. + + - Fixed a problem with half-broken llvm-config on Odroid, thanks to +Tobias Ospelt. (There is another odd bug there that hasn't been fully +fixed - TBD). + +-- Version 1.60b: -- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.60b/docs/env_variables.txt new/afl-1.62b/docs/env_variables.txt --- old/afl-1.60b/docs/env_variables.txt2015-04-09 06:43:28.0 +0200 +++ new/afl-1.62b/docs/env_variables.txt2015-04-10 05:54:12.0 +0200 
@@ -139,7 +139,7 @@ Note that AFL_INST_RATIO will behave a bit differently than for afl-gcc, because functions are *not* instrumented unconditionally - so low values -will have a more striking effect. +will have a more striking effect. For this tool, 0 is not a valid choice. 5) Settings for afl-cmin diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.60b/docs/vuln_samples/sqlite-stack-exhaustion.sql new/afl-1.62b/docs/vuln_samples/sqlite-stack-exhaustion.sql --- old/afl-1.60b/docs/vuln_samples/sqlite-stack-exhaustion.sql 1970-01-01 01:00:00.0 +0100 +++ new/afl-1.62b/docs/vuln_samples/sqlite-stack-exhaustion.sql 2015-04-10 06:04:15.0 +0200 @@ -0,0 +1 @@ +CREATE VIRTUAL TABLE t0 USING fts4(content=t0); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.60b/llvm_mode/Makefile new/afl-1.62b/llvm_mode/Makefile --- old/afl-1.60b/llvm_mode/Makefile2015-04-09 07:11:31.0
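Review bot: The Makefile hunk `ifndef AFL_NOX86 / install: all / else / install: nox86 / endif` makes `install` on non-x86 depend on a `nox86` target that does not appear anywhere in the visible diff; the review should confirm that target exists in the same Makefile and that every file named on the `install -m 755 afl-gcc afl-fuzz afl-showmap afl-plot afl-tmin afl-cmin afl-gotcpu afl-whatsup ...` line is actually produced by it, otherwise `make install` on such a system fails at the copy step rather than at build time. Separately, the unchanged context line `cd llvm_mode make clean` in this hunk is the recipe that the 1.69b Makefile diff earlier on this page replaces with `$(MAKE) -C llvm_mode clean`; it is left as-is here.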
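Review bot: The env_variables.txt hunk adds "For this tool, 0 is not a valid choice." after the AFL_INST_RATIO note for afl-clang-fast, but does not say what afl-clang-fast does when it gets 0: abort with an error, clamp to the minimum, or silently instrument nothing. The preceding sentence already warns that low values "have a more striking effect" here because functions are not instrumented unconditionally, so someone scripting AFL_INST_RATIO=0 as a "no instrumentation" baseline (which afl-gcc tolerates) needs to know which of those happens; one clause stating the behaviour would close that gap.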
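Review bot: The new docs/vuln_samples/sqlite-stack-exhaustion.sql is a single statement, `CREATE VIRTUAL TABLE t0 USING fts4(content=t0);`, with no comment. As a regression sample it is only useful to readers who know which SQLite version(s) it reproduced against and what the observed failure was (the filename says stack exhaustion, the content suggests the self-referential `content=` option is the trigger), so a leading `-- ` comment with the affected version and a pointer to the upstream fix would make the file self-describing.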
commit afl for openSUSE:Factory
Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2015-03-30 19:33:16 Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) Package is afl Changes: --- /work/SRC/openSUSE:Factory/afl/afl.changes 2015-03-25 21:32:49.0 +0100 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2015-03-30 19:33:18.0 +0200 @@ -1,0 +2,15 @@ +Fri Mar 27 20:26:35 UTC 2015 - astie...@suse.com + +- fix SLE 11 SP3 build, add afl-1.58b-fix-paths.patch + +--- +Fri Mar 27 14:40:09 UTC 2015 - astie...@suse.com + +- afl 1.58b: + * Added a workaround for abort() behavior in -lpthread programs in +QEMU mode. + * Made several documentation updates, including links to the +static instrumentation tool (sister_projects.txt). +- use libexecdir + +--- Old: afl-1.57b.tgz New: afl-1.58b-fix-paths.patch afl-1.58b.tgz Other differences: -- ++ afl.spec ++ --- /var/tmp/diff_new_pack.VS4I7U/_old 2015-03-30 19:33:18.0 +0200 +++ /var/tmp/diff_new_pack.VS4I7U/_new 2015-03-30 19:33:18.0 +0200 @@ -17,7 +17,7 @@ Name: afl -Version:1.57b +Version:1.58b Release:0 Summary:American fuzzy lop is a security-oriented fuzzer License:Apache-2.0 @@ -26,6 +26,7 @@ Source: http://lcamtuf.coredump.cx/afl/releases/%{name}-%{version}.tgz Source1: afl-rpmlintrc Patch0: afl-1.46b-nodate.patch +Patch1: afl-1.58b-fix-paths.patch BuildRequires: gcc-c++ BuildRoot: %{_tmppath}/%{name}-%{version}-build 
@@ -37,24 +38,24 @@ %prep %setup -q %patch0 -p1 +%patch1 -p1 %build export CFLAGS=$CFLAGS %{optflags} -make %{?_smp_mflags} +make PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir} %{?_smp_mflags} %install -export PREFIX=%{_prefix} -make DESTDIR=%{buildroot} install %{?_smp_mflags} -rm -rf %{buildroot}%{_datadir}/doc/%{name} +make PREFIX=%{_prefix} LIBEXEC_DIR=%{_libexecdir} DOC_DIR=%{_docdir} DESTDIR=%{buildroot} install %{?_smp_mflags} %files %defattr(-,root,root) +%doc docs/COPYING %{_bindir}/%{name}-* -%dir /usr/lib/%{name} -/usr/lib/%{name}/%{name}-as -/usr/lib/%{name}/as +%dir %{_libexecdir}/%{name} +%{_libexecdir}/%{name}/%{name}-as +%{_libexecdir}/%{name}/as %dir %{_datadir}/%{name} %dir %{_datadir}/%{name}/testcases %{_datadir}/%{name}/testcases/* -%doc docs/COPYING docs/README docs/ChangeLog docs/*.txt docs/visualization docs/vuln_samples +%changelog ++ afl-1.58b-fix-paths.patch ++ --- Makefile |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Index: afl-1.58b/Makefile === --- afl-1.58b.orig/Makefile 2015-03-27 07:47:58.0 +0100 +++ afl-1.58b/Makefile 2015-03-27 21:14:10.0 +0100 @@ -18,8 +18,8 @@ VERSION = 1.58b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin -HELPER_PATH = $(PREFIX)/lib/afl -DOC_PATH= $(PREFIX)/share/doc/afl +HELPER_PATH = $(LIBEXEC_DIR)/afl +DOC_PATH= $(DOC_DIR)/afl MISC_PATH = $(PREFIX)/share/afl PROGS = afl-gcc afl-as afl-fuzz afl-showmap afl-tmin afl-gotcpu ++ afl-1.57b.tgz - afl-1.58b.tgz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.57b/Makefile new/afl-1.58b/Makefile --- old/afl-1.57b/Makefile 2015-03-18 08:24:38.0 +0100 +++ new/afl-1.58b/Makefile 2015-03-27 07:47:58.0 +0100 
@@ -14,7 +14,7 @@ # PROGNAME= afl -VERSION = 1.57b +VERSION = 1.58b PREFIX ?= /usr/local BIN_PATH= $(PREFIX)/bin diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.57b/docs/ChangeLog new/afl-1.58b/docs/ChangeLog --- old/afl-1.57b/docs/ChangeLog2015-03-18 08:28:39.0 +0100 +++ new/afl-1.58b/docs/ChangeLog2015-03-27 07:48:35.0 +0100 @@ -17,6 +17,16 @@ to get on with the times. -- +Version 1.58b: +-- + + - Added a workaround for abort() behavior in -lpthread programs in QEMU mode. +Spotted by Aidan Thornton. + + - Made several documentation updates, including links to the static +instrumentation tool (sister_projects.txt). + +-- Version 1.57b: -- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-1.57b/docs/README new/afl-1.58b/docs/README --- old/afl-1.57b/docs/README 2015-03-18 08:25:01.0 +0100 +++ new/afl-1.58b/docs/README 2015-03-27
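Review bot: The `%files` hunk in afl.spec quietly shrinks the packaged documentation: `%doc docs/COPYING docs/README docs/ChangeLog docs/*.txt docs/visualization docs/vuln_samples` becomes `%doc docs/COPYING`, nothing in `%files` lists `%{_docdir}/%{name}`, and a relative-path `%doc` directive recreates that directory with only the files named (rpm's `%doc` script removes the existing DOCDIR before copying), so the README and ChangeLog that `make install DOC_DIR=%{_docdir}` just placed there do not end up in the package. Either list the installed doc directory in `%files` instead of re-copying COPYING, or mention the intentional drop in the afl.changes entry, which currently only says "use libexecdir".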
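Review bot: In afl-1.58b-fix-paths.patch, `HELPER_PATH = $(LIBEXEC_DIR)/afl` and `DOC_PATH = $(DOC_DIR)/afl` replace PREFIX-derived paths with two variables that, unlike `PREFIX ?= /usr/local` two lines above them, are given no default anywhere in the patched Makefile. The spec passes both on every make line, so the package build is fine, but a plain `make install` of the patched source installs the helper (the `afl-as` and `as` that the `%files` hunk places under `%{_libexecdir}/%{name}`) into `/afl` and the docs into `/afl`. Adding `LIBEXEC_DIR ?= $(PREFIX)/lib` and `DOC_DIR ?= $(PREFIX)/share/doc` immediately before these assignments keeps the patch behaviour-preserving for anyone who does not set the variables, and is the form that is easiest to carry upstream.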