./devel/honggfuzz, Security oriented fuzzer based on code coverage


Branch: CURRENT, Version: 2.3.1, Package name: honggfuzz-2.3.1, Maintainer: kamil

A security oriented, feedback-driven, evolutionary, easy-to-use fuzzer
with interesting analysis options.


Required to run:
[shells/bash] [devel/capstone] [lang/libBlocksRuntime]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: a1cc55ab7120d442a8d859782751915c38ab9056
RMD160: 22ff9d18e07ba95fd9039b43f407a382256e12e4
Filesize: 63693.184 KB

CVS history:


   2020-07-22 23:54:26 by Kamil Rytarowski | Files touched by this commit (1)
Log message:
honggfuzz: Drop patch
   2020-07-22 23:53:59 by Kamil Rytarowski | Files touched by this commit (2)
Log message:
honggfuzz: Upgrade to 2.3.1

Version 2.3.1

    Fixed 'make install' with #356
   2020-07-22 22:45:13 by Kamil Rytarowski | Files touched by this commit (1)
Log message:
honggfuzz: Include patch
   2020-07-22 22:43:22 by Kamil Rytarowski | Files touched by this commit (3) | Package updated
Log message:
honggfuzz: upgrade to 2.3

Take maintainership.

Upstream changelog:

2020-07-22 - Version 2.3
        - honggfuzz.h - split run_t into substructs
        - clang-format options in .clang-format
        - added missing mutex initializers
        - removed unnecessary comparisons to 'true' and 'false'
        - improved NetBSD compatibility
        - removed unnecessary memory fences (speed ups)
        - faster searching through the binary for const 4/8-byte values
        - removed unnecessary includes with iwyu
        - libhfnetdriver - general improvements around local socket fuzzing and timeouts

2020-04-24 - Version 2.2
        - Added 8bitcnt instrumentation - use hfuzz-cc/hfuzz-8bitcnt-(gcc|clang) for that
        - PC-guard instrumentation now uses edge counting
        - --experimental_const_feedback is now set to true by default
        - additional string instrumentation wrappers: glib, lcms
        - additional mutators: splicing, changing ascii numbers
        - additional integer comparison instrumentation (adding integers to the dynamic dictionary)
        - fixed linking with ld.lld
        - removed `sanitizer-coverage-prune-blocks` from hfuzz-cc.c
        - most mutators have now either overwrite or insert versions
        - fixed memory barriers in libhfuzz/
        - implemented skip_factor which dictates how often a given input is fuzzed
        - lowered the default timeout to 1 second
        - honggfuzz now uses microseconds, instead of milliseconds across the code
        - added some new functions to libhfcommon/files
        - enabled more aggressive inlining in hfuzz-cc/
        - fixed compilation dependency under MacOS X

2020-03-03 - Version 2.1
        - string/int comparison enabled for targets built with *SAN, but w/o hfuzz-cc
        - Parallel work made faster by using faster ATOMIC constructs (check first, then update)
        - Implement --experimental_const_feedback - const string/integer feedback (used as an additional dictionary)
        - Sanitizer report files are "better"-deleted (i.e. based on PID and not TID)
        - New patches for fuzzing added (e.g. for bind-9.16.0/9.15.7)
        - Buffered output enabled in display.c
        - Some functions moved from per-arch arch.c to common subproc.c
        - Compilation under MacOS X 10.15 (Catalina) is now supported
        - Added support for bfd/binutils-2.33

2019-12-07 - Version 2.0
        - Coverage-based corpus minimizer with '-M'
        - QEmu mode: coverage feedback for Linux binaries
        - *SAN sanitizer stack-parsing improved for Linux and for POSIX
        - Move signal functionality to libhfcommon/
        - Fixed Android builds with newer unwind and capstone
        - NetDriver: more functionality - e.g. specifying custom addresses and custom tmpfs mount points
        - Examples: for /usr/bin/file, newer ISC Bind patch, improved OpenSSL code

2019-05-22 - Version 1.9
        - Don't include netdriver if not needed
        - Updated examples (bind/openssl)
        - Add missing TEMP_FAILURE_RETRY() wrappers
        - Add additional _HF_STATE_DYNAMIC_SWITCH_TO_MAIN state

2019-02-23 - Version 1.8
        - Native support for NetBSD
        - Multiple smaller changes wrt threading - e.g. introducing the signal thread
        - Removed the support for -p (pid fuzzing), honggfuzz net driver, or persistent fuzzing mode should be used instead
        - Reimplementation of memory comparison routines, now verified with glibc's test-suite
        - Improved hfuzz-cc/clang/gcc - e.g. for the MacOSX platform, also using -fno-sanitize=fuzzer if -fsanitize=fuzzer is specified, + some samba code wrappers
        - Examples: new corpora for some of those, new patch for ISC Bind (9.13.5)
   2018-08-24 00:08:07 by Kamil Rytarowski | Files touched by this commit (4)
Log message:
devel/honggfuzz: import honggfuzz-1.7

A security oriented, feedback-driven, evolutionary, easy-to-use fuzzer
with interesting analysis options.