./devel/afl, American Fuzzy Lop, a fuzzing tool for finding bugs by random input

Branch: CURRENT, Version: 2.41b, Package name: afl-2.41b, Maintainer: pkgsrc-users

American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly
simple but rock-solid instrumentation-guided genetic algorithm. It
uses an enhanced form of edge coverage to easily detect subtle,
local-scale changes to program control flow, without being bogged
down by complex comparisons between multiple long-winded execution
paths.


Required to run:
[shells/bash]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 42ac68c3ab655f5a5ba37bb894e795ecb440d52e
RMD160: 170b4c304f698d6461fb9572962f8b58fc6649bd
Filesize: 812.649 KB

CVS history:


   2017-04-19 14:15:33 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated afl to 2.41b.

--------------
Version 2.41b:
--------------

  - Addressed a major user complaint related to timeout detection. Timing out
    inputs are now binned as "hangs" only if they exceed a far more generous
    time limit than the one used to reject slow paths.

--------------
Version 2.40b:
--------------

  - Fixed a minor oversight in the insertion strategy for dictionary words.
    Spotted by Andrzej Jackowski.

  - Made a small improvement to the havoc block insertion strategy.

  - Adjusted color rules for "is it done yet?" indicators.
   2017-02-07 13:18:54 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated afl to 2.39b.

--------------
Version 2.39b:
--------------

  - Improved error reporting in afl-cmin. Suggested by floyd.

  - Made a minor tweak to trace-pc-guard support. Suggested by kcc.

  - Added a mention of afl-monitor.

--------------
Version 2.38b:
--------------

  - Added -mllvm -sanitizer-coverage-block-threshold=0 to trace-pc-guard
    mode, as suggested by Kostya Serebryany.

--------------
Version 2.37b:
--------------

  - Fixed a typo. Spotted by Jakub Wilk.

  - Fixed support for make install when using trace-pc. Spotted by
    Kurt Roeckx.

  - Switched trace-pc to trace-pc-guard, which should be considerably
    faster and is less quirky. Kudos to Konstantin Serebryany (and sorry
    for dragging my feet).

    Note that for some reason, this mode doesn't perform as well as
    "vanilla" afl-clang-fast / afl-clang.
   2017-01-16 10:17:19 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated afl to 2.36b.

--------------
Version 2.36b:
--------------

  - Fixed a cosmetic bad free() bug when aborting -S sessions. Spotted
    by Johannes S.

  - Made a small change to afl-whatsup to sort fuzzers by name.

  - Fixed a minor issue with malloc(0) in libdislocator. Spotted by
    Rene Freingruber.

  - Changed the clobber pattern in libdislocator to a slightly more
    reliable one. Suggested by Rene Freingruber.

  - Added a note about THP performance. Suggested by Sergey Davidoff.

  - Added a somewhat unofficial support for running afl-tmin with a
    baseline "mask" that causes it to minimize only for edges that
    are unique to the input file, but not to the "boring" baseline.
    Suggested by Sami Liedes.

  - "Fixed" a getPassName() problem with newer versions of clang.
    Reported by Craig Young and several other folks.

  Yep, I know I have a backlog on several other feature requests.
  Stay tuned!
   2016-09-30 14:39:07 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated afl to 2.35b.

--------------
Version 2.35b:
--------------

  - Fixed a minor cmdline reporting glitch, spotted by Leo Barnes.

  - Fixed a silly bug in libdislocator. Spotted by Johannes Schultz.
   2016-09-17 05:14:08 by Makoto Fujiwara | Files touched by this commit (2) | Package updated
Log message:
Updated devel/afl to 2.34b (from: docs/ChangeLog)
-------------------------------------------------
Version 2.34b:
--------------
  - Added a note about afl-tmin to technical_details.txt.
  - Added support for AFL_NO_UI, as suggested by Leo Barnes.
   2016-08-31 08:39:09 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated afl to 2.33b.

--------------
Version 2.33b:
--------------

  - Added code to strip -Wl,-z,defs and -Wl,--no-undefined for afl-clang-fast,
    since they interfere with -shared. Spotted and diagnosed by Toby Hutton.

  - Added some fuzzing tips for Android.
   2016-08-22 15:31:31 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated afl to 2.32b.

--------------
Version 2.32b:
--------------

  - Added a check for AFL_HARDEN combined with AFL_USE_*SAN. Suggested by
    Hanno Boeck.

  - Made several other cosmetic adjustments to cycle timing in the wake of the
    big tweak made in 2.31b.
   2016-08-19 13:39:10 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
Updated afl to 2.31b.

--------------
Version 2.31b:
--------------

  - Changed havoc cycle counts for a marked performance boost, especially
    with -S / -d. See the discussion of FidgetyAFL in:

    https://groups.google.com/forum/#!topic … OPeb62FZUg

    While this does not implement the approach proposed by the authors of
    the CCS paper, the solution is a result of digging into that research;
    more improvements may follow as I do more experiments and get more
    definitive data.

--------------
Version 2.30b:
--------------

  - Made minor improvements to persistent mode to avoid the remote
    possibility of "no instrumentation detected" issues with very low
    instrumentation densities.

  - Fixed a minor glitch with a leftover process in persistent mode.
    Reported by Jakub Wilk and Daniel Stender.

  - Made persistent mode bitmaps a bit more consistent and adjusted the way
    this is shown in the UI, especially in persistent mode.

--------------
Version 2.29b:
--------------

  - Made a minor #include fix to llvm_mode. Suggested by Jonathan Metzman.

  - Made cosmetic updates to the docs.

--------------
Version 2.28b:
--------------

  - Added "life pro tips" to docs/.

  - Moved testcases/_extras/ to dictionaries/ for visibility.

  - Made minor improvements to install scripts.

  - Added an important safety tip.

--------------
Version 2.27b:
--------------

  - Added libtokencap, a simple feature to intercept strcmp / memcmp and
    generate dictionary entries that can help extend coverage.

  - Moved libdislocator to its own dir, added README.

  - The demo in experimental/instrumented_cmp is no more.

--------------
Version 2.26b:
--------------

  - Made a fix for libdislocator.so to compile on MacOS X.

  - Added support for DYLD_INSERT_LIBRARIES.

  - Renamed AFL_LD_PRELOAD to AFL_PRELOAD.

--------------
Version 2.25b:
--------------

  - Made some cosmetic updates to libdislocator.so, renamed one env
    variable.

--------------
Version 2.24b:
--------------

  - Added libdislocator.so, an experimental, abusive allocator. Try
    it out with AFL_LD_PRELOAD=/path/to/libdislocator.so when running
    afl-fuzz.