Update from stable #2

Open
wants to merge 454 commits into base: dev-afl-only
Changes from 22 commits
454 commits
748d417
afl-whatsup output fix
vanhauser-thc Sep 13, 2023
dee7699
Merge pull request #1863 from AFLplusplus/dev
vanhauser-thc Sep 13, 2023
0b6e74e
Add support for UTF-8 line rendering
ThomasTNO Sep 13, 2023
54f0148
UTF-8 line rendering for status screen as default
ThomasTNO Sep 19, 2023
6dc054b
Add usage compilation status print for NO_UTF
ThomasTNO Sep 19, 2023
abbdf1c
Use proper ifdef, remove else in line with other compile options
ThomasTNO Sep 19, 2023
5eb4c6e
Use shorter fuzzer name in stat header when user's banner is too big
nataraj-hates-MS-for-stealing-github Sep 19, 2023
a6b7da8
Remove Android specifics
ThomasTNO Sep 20, 2023
762fe0a
forgot removal of compiler flag
ThomasTNO Sep 20, 2023
14bca44
Merge pull request #1864 from ThomasTNO/utf8_support
vanhauser-thc Sep 20, 2023
c762b6a
fix afl-persistent-config for Debian
vanhauser-thc Sep 22, 2023
bd90283
update todo
vanhauser-thc Sep 22, 2023
5f7c3a1
fix afl-cc help output
vanhauser-thc Sep 27, 2023
1c582b6
Merge pull request #1874 from AFLplusplus/dev
vanhauser-thc Sep 27, 2023
fd76d6a
fix exploit mode on startup
vanhauser-thc Sep 28, 2023
d6b6278
Fixed script for pwndbg (#1876)
h0rac Sep 29, 2023
6b73dee
add afl-addseeds tool
vanhauser-thc Sep 30, 2023
efae28f
typo
tokatoka Oct 1, 2023
05bea40
update nyx-qemu
vanhauser-thc Oct 2, 2023
f3ec554
Merge pull request #1868 from nataraj-hates-MS-for-stealing-github/st…
vanhauser-thc Oct 2, 2023
49a1d81
benchmark: cleanup, add results, add a data exploration notebook
cjb Oct 2, 2023
b9db6b1
benchmark: add a README, lower default runs from 5 to 3
cjb Oct 2, 2023
3bfd194
benchmark: notebook wording tweaks
cjb Oct 2, 2023
9a9dbaf
remove old credits
vanhauser-thc Oct 2, 2023
bec74ae
Merge branch 'dev' of ssh://github.com/AFLplusplus/AFLplusplus into dev
vanhauser-thc Oct 2, 2023
d946265
urandom
tokatoka Oct 2, 2023
1f7f1ef
fix addseeds test
vanhauser-thc Oct 2, 2023
63100d2
Merge pull request #1879 from AFLplusplus/urandom
vanhauser-thc Oct 3, 2023
d09950f
Merge pull request #1880 from AFLplusplus/dev
vanhauser-thc Oct 3, 2023
d97c7e4
nits
vanhauser-thc Oct 3, 2023
8eaa590
Use sync_id instead of use_banner while building statsd metric messages
m4drat Oct 3, 2023
17bfb3a
Merge pull request #1882 from m4drat/statsd-banner-fix
vanhauser-thc Oct 3, 2023
c622e4c
Make fuzzer_stats update atomic
eqv Oct 4, 2023
a380615
Merge pull request #1883 from eqv/atomic_stats
vanhauser-thc Oct 4, 2023
48bff70
add AFL_NO_CFG_FUZZING to env list
vanhauser-thc Oct 6, 2023
af18f2c
update todos
vanhauser-thc Oct 8, 2023
9db9cc8
EarlyEPCallback for llvm16
tokatoka Oct 14, 2023
943fa7e
bracket
tokatoka Oct 14, 2023
c885a89
Merge pull request #1889 from AFLplusplus/early_llvm
vanhauser-thc Oct 14, 2023
92ac2c2
typo
tokatoka Oct 16, 2023
51f6229
Merge pull request #1890 from AFLplusplus/typos
vanhauser-thc Oct 16, 2023
bfb841d
Use proper AFL_NYX_AUX_SIZE for nyx_aux_string
choller Oct 19, 2023
b50b2e8
Merge pull request #1894 from choller/dev
vanhauser-thc Oct 21, 2023
389c88c
update unicorn
vanhauser-thc Oct 21, 2023
eaa6a17
Merge branch 'dev' of ssh://github.com/AFLplusplus/AFLplusplus into dev
vanhauser-thc Oct 21, 2023
85c5b52
Merge pull request #1896 from AFLplusplus/dev
vanhauser-thc Oct 23, 2023
4cdf7a1
add scale encode mode for cmplog
vanhauser-thc Oct 23, 2023
cf458a7
Add an env to afl-clang-fast to disable setting rpath if LLVM path isn't
jschwartzentruber Oct 19, 2023
d520138
Merge pull request #1893 from jschwartzentruber/add-no-rpath-flag
vanhauser-thc Oct 24, 2023
728401e
dict2file to silently return if AFL_LLVM_DICT2FILE not defined
vanhauser-thc Oct 24, 2023
b8e5506
Merge branch 'dev' of ssh://github.com/AFLplusplus/AFLplusplus into dev
vanhauser-thc Oct 24, 2023
f7fab79
code format
vanhauser-thc Oct 24, 2023
b22eef4
fix
vanhauser-thc Oct 24, 2023
7210a1c
fix scale
vanhauser-thc Oct 25, 2023
7eafe22
add to gitignore
vanhauser-thc Oct 25, 2023
e241280
Merge pull request #1899 from AFLplusplus/scale
vanhauser-thc Oct 25, 2023
2230f88
add --help/--version/...
vanhauser-thc Nov 3, 2023
7e67dc9
Merge branch 'dev' of ssh://github.com/AFLplusplus/AFLplusplus into dev
vanhauser-thc Nov 3, 2023
8338844
copy 'detect_leaks=0' from ASAN to LSAN
hexcoder- Nov 4, 2023
6ed3f4c
fix of fix: make sure ASAN_OPTIONS and LSAN_OPTIONS agree on leak det…
hexcoder- Nov 4, 2023
053334f
fix lsan fix
vanhauser-thc Nov 6, 2023
f3d2127
clang-format 16->17
vanhauser-thc Nov 6, 2023
8ad36af
Add missing initialisation for havoc_queued during the custom mutator…
m-carrasco Nov 6, 2023
ac0ad56
fix dictionary and cmin
vanhauser-thc Nov 7, 2023
f7d1939
Merge pull request #1902 from m-carrasco/dev-cm-init-fix
vanhauser-thc Nov 7, 2023
cfbf120
Use direct call to write to OpenBSD
jasperla Nov 9, 2023
6f8696c
Fix possible doc inconsistency for custom mutator's queue_get function.
m-carrasco Nov 9, 2023
a6efdfd
Merge pull request #1905 from m-carrasco/fix-queue-get-docs
vanhauser-thc Nov 9, 2023
61e27c6
Merge pull request #1906 from AFLplusplus/dev
vanhauser-thc Nov 9, 2023
3fd2e16
update todos
vanhauser-thc Nov 9, 2023
16993bb
benchmark: Add support for COMPARISON file
cjb Nov 11, 2023
8c1f25b
Merge pull request #1904 from jasperla/nosyscall
vanhauser-thc Nov 11, 2023
8b79d9b
benchmark: show the number of cores used in COMPARISON
cjb Nov 12, 2023
df9f2c4
benchmark: lower minimum Python version to 3.8
cjb Nov 12, 2023
2604583
benchmark: use afl's execs/s; increase CPU model width
cjb Nov 12, 2023
afb9b8a
benchmark: disallow duplicate entries for the same CPU in COMPARISON
cjb Nov 14, 2023
a289a3e
Update benchmark.py
vanhauser-thc Nov 15, 2023
a071430
fix inf in stats
vanhauser-thc Nov 16, 2023
885f949
Fix benchmark.py
vanhauser-thc Nov 16, 2023
b05e3f7
missing closing parenthesis
ifyGecko Nov 17, 2023
1179bfe
Merge pull request #1909 from ifyGecko/quick_fix
vanhauser-thc Nov 17, 2023
43b8812
Update benchmark.py
vanhauser-thc Nov 17, 2023
4d8df78
benchmark: remove self-calculation of execs/sec
cjb Nov 19, 2023
75a3af8
benchmark: update COMPARISON
cjb Nov 19, 2023
d34bed5
benchmark: Update Jupyter notebook and results file.
cjb Nov 19, 2023
d9ffe74
benchmark: rename afl_execs_per_sec to execs_per_sec
cjb Nov 19, 2023
f2cbcdf
benchmark: update README
cjb Nov 19, 2023
444ddb2
Merge pull request #1853 from cjb/dev-benchmark-py
vanhauser-thc Nov 19, 2023
91a1459
update
vanhauser-thc Nov 20, 2023
07352a9
add benchmark
vanhauser-thc Nov 20, 2023
5681267
nits
vanhauser-thc Nov 20, 2023
aabbdac
add benchmarks
vanhauser-thc Nov 20, 2023
d6cefdc
Update unicornafl ref
domenukk Nov 20, 2023
a2a4171
Pass correct Nyx ID when creating a Nyx runner
choller Nov 22, 2023
d17e0b3
Fix typo in docker pull command, add example to mount current dir as v…
CarloMara Nov 22, 2023
c96aa40
mini fix
vanhauser-thc Nov 23, 2023
770e868
add custom_post_run.c
yangzao Nov 24, 2023
8af74bc
update afl-fuzz-run
yangzao Nov 25, 2023
faedb3f
update python module
yangzao Nov 26, 2023
0547c49
Merge pull request #1913 from choller/nyx-id-fix-2
vanhauser-thc Nov 27, 2023
c9e0f01
format code
yangzao Nov 27, 2023
bb523b4
update
yangzao Nov 27, 2023
81b43ce
merge function
yangzao Nov 27, 2023
e4f3ebc
Merge pull request #1915 from yangzao/dev
vanhauser-thc Nov 28, 2023
d2aef74
changes
vanhauser-thc Nov 22, 2023
dd9a04c
code format
vanhauser-thc Nov 28, 2023
74f8ca6
improve cmplog
vanhauser-thc Nov 28, 2023
39be50e
nit
vanhauser-thc Nov 28, 2023
1fa2850
nit
vanhauser-thc Nov 30, 2023
d02036a
fix
vanhauser-thc Dec 1, 2023
858e0bf
fix
vanhauser-thc Dec 1, 2023
3fc9e68
Stop hardcoding the path /usr/local/lib/afl in afl-ld-lto.c and respe…
Romain-Geissler-1A Dec 1, 2023
21f874c
Merge pull request #1917 from Romain-Geissler-1A/dev
vanhauser-thc Dec 1, 2023
4e0a794
Add benchmark for Raspberry Pi 5
jakoblell Dec 2, 2023
5d544ce
Merge pull request #1918 from jakoblell/benchmark_raspberry_pi5
vanhauser-thc Dec 2, 2023
b0cb2f7
ryzen 5950 benchmark
vanhauser-thc Dec 3, 2023
477a517
add missing raspery5
vanhauser-thc Dec 3, 2023
01e0d4a
comparison -> comparison.md
vanhauser-thc Dec 3, 2023
0e7afb7
removing options "-Wl,-rpath" "LLVM_LIBDIR" when using gcc
vmezzela Dec 4, 2023
5759b93
Merge pull request #1920 from m-Vins/dev
vanhauser-thc Dec 4, 2023
6c04d4c
fixing -Wl,-rpath=<LLVM_LIBDIR>
vmezzela Dec 4, 2023
638273e
nits
vanhauser-thc Dec 5, 2023
1250586
Merge pull request #1923 from AFLplusplus/dev
vanhauser-thc Dec 5, 2023
5482204
Merge pull request #1922 from m-Vins/dev
vanhauser-thc Dec 5, 2023
981a90d
Merge pull request #1924 from AFLplusplus/dev
vanhauser-thc Dec 5, 2023
5b655e0
fix
vanhauser-thc Dec 5, 2023
ef706ad
Merge pull request #1925 from AFLplusplus/dev
vanhauser-thc Dec 5, 2023
bb1d4a2
afl-cc fixes
vanhauser-thc Dec 7, 2023
520daf5
nit
vanhauser-thc Dec 10, 2023
a062e84
add n_fuzz to ignore_timeouts
vanhauser-thc Dec 10, 2023
b2d118f
fix
vanhauser-thc Dec 10, 2023
ab532e7
Fix #1927
andreafioraldi Dec 11, 2023
a576f7a
in-depth blog post
vanhauser-thc Dec 12, 2023
f290bdd
add AFL_FUZZER_LOOPCOUNT
vanhauser-thc Dec 14, 2023
ae9cdb3
AFL_FUZZER_LOOPCOUNT
vanhauser-thc Dec 14, 2023
3750592
fix 2 mutation bugs
vanhauser-thc Dec 15, 2023
8a7705a
v4.09c release
vanhauser-thc Dec 15, 2023
108fb0b
Merge pull request #1933 from AFLplusplus/dev
vanhauser-thc Dec 15, 2023
ca0c9f6
v4.10a init
vanhauser-thc Dec 15, 2023
353ae36
switch to explore powerschedule as default
vanhauser-thc Dec 15, 2023
7fabe50
fix MUT_INSERTASCIINUM
vanhauser-thc Dec 19, 2023
f822cde
fix MUT_STRATEGY_ARRAY_SIZE
vanhauser-thc Dec 19, 2023
806a76a
fix bad fix for MUT_STRATEGY_ARRAY_SIZE
vanhauser-thc Dec 19, 2023
2f74fea
remove afl-network-client on uninstall
vanhauser-thc Dec 19, 2023
c38dedb
update nyx
vanhauser-thc Dec 21, 2023
86d76b5
Improve binary-only related docs
bet4it Dec 21, 2023
27d05f3
Merge pull request #1939 from bet4it/docs
vanhauser-thc Dec 22, 2023
df0638a
llvm 18 build fixes.
devnexen Dec 22, 2023
3c0cfd8
Merge pull request #1940 from devnexen/llvm_18_build_fix
vanhauser-thc Dec 23, 2023
daaefcd
code format
vanhauser-thc Dec 24, 2023
dcb5bc3
Merge pull request #1941 from AFLplusplus/dev
vanhauser-thc Dec 24, 2023
a9e6998
Fix custom_send link
Xeonacid Dec 25, 2023
c3197df
Use ../ instead
Xeonacid Dec 25, 2023
b01ef97
Merge pull request #1942 from Xeonacid/patch-1
vanhauser-thc Dec 25, 2023
1fc1b32
initial simple injection detection support
vanhauser-thc Dec 27, 2023
98a2a33
inject docs
vanhauser-thc Dec 27, 2023
934a02f
fix for issue #1916, iLLVM crash in split-floatingpoint-compares
hexcoder- Dec 28, 2023
25f9c1f
Merge branch 'dev' of https://github.com/AFLplusplus/AFLplusplus into…
hexcoder- Dec 28, 2023
88cbaeb
LLVM 17 bug workaround
vanhauser-thc Dec 29, 2023
c39596c
Merge pull request #1943 from AFLplusplus/dev
vanhauser-thc Dec 29, 2023
1eb54c4
finish injection implementation
vanhauser-thc Dec 30, 2023
2260a06
Merge pull request #1944 from AFLplusplus/inject
vanhauser-thc Dec 30, 2023
1a60e35
Merge pull request #1945 from AFLplusplus/stable
vanhauser-thc Dec 30, 2023
c5b4e26
remove tmp todo
vanhauser-thc Dec 30, 2023
5f492da
update changelog
vanhauser-thc Dec 30, 2023
9d305ac
Merge pull request #1946 from AFLplusplus/dev
vanhauser-thc Dec 30, 2023
0aeee03
forgot to add the injection pass
vanhauser-thc Jan 3, 2024
358cd1b
Merge pull request #1947 from AFLplusplus/dev
vanhauser-thc Jan 3, 2024
aad9ac2
Output afl-clang-fast stuffs only if necessary (#1912)
SonicStark Jan 4, 2024
ee7d69b
changelog
vanhauser-thc Jan 4, 2024
bb6d9cd
update grammar mutator
vanhauser-thc Jan 8, 2024
db65dc5
lto llvm 12+
vanhauser-thc Jan 9, 2024
f75778a
docs(custom_mutators): fix missing ':' (#1953)
Xeonacid Jan 11, 2024
4e9c605
Fix broken LTO mode and response file support (#1948)
SonicStark Jan 11, 2024
9d3c25a
Strip `-Wl,-no-undefined` during compilation (#1952)
nbars Jan 11, 2024
b99bbf6
Remove dead code in write_to_testcase (#1955)
Xeonacid Jan 11, 2024
a401740
update qemuafl
vanhauser-thc Jan 12, 2024
355dcf6
WIP: Add ability to generate drcov trace using QEMU backend (#1956)
JRomainG Jan 12, 2024
46ef6a5
code format
vanhauser-thc Jan 12, 2024
68d883d
changelog
vanhauser-thc Jan 12, 2024
e9621db
sleep on uid != 0 afl-system-config
vanhauser-thc Jan 16, 2024
8412b17
fix segv about skip_next, warn on unsupported cases of linking option…
SonicStark Jan 18, 2024
046473a
todos
vanhauser-thc Jan 18, 2024
136feba
ensure afl-cc only allows available compiler modes
vanhauser-thc Jan 18, 2024
04219f9
update grammar mutator
vanhauser-thc Jan 18, 2024
523ce15
disable aslr on apple
vanhauser-thc Jan 18, 2024
e731a1c
fix for arm64
vanhauser-thc Jan 18, 2024
0c054f5
push to stable (#1960)
vanhauser-thc Jan 18, 2024
cefc9a0
help selective instrumentation
vanhauser-thc Jan 18, 2024
660b697
typos
vanhauser-thc Jan 19, 2024
a518c4d
macos
vanhauser-thc Jan 19, 2024
de561b7
add compiler test script
vanhauser-thc Jan 19, 2024
ab0823c
apple fixes
vanhauser-thc Jan 19, 2024
3046c80
bump nyx submodules (#1963)
schumilo Jan 20, 2024
9cefc4d
fix docs
vanhauser-thc Jan 22, 2024
33a129e
update changelog
vanhauser-thc Jan 22, 2024
243c664
update grammar mutator
vanhauser-thc Jan 23, 2024
227c1a7
improve compiler test script
vanhauser-thc Jan 23, 2024
d581278
gcc asan workaround (#1966)
vanhauser-thc Jan 24, 2024
a5db79e
Merge branch 'stable' into dev
vanhauser-thc Jan 24, 2024
8746b3e
fix github merge fuckup
vanhauser-thc Jan 24, 2024
ba28c49
fix
vanhauser-thc Jan 24, 2024
d88c97a
Fix afl-cc (#1968)
SonicStark Jan 25, 2024
2f9eeef
Avoid adding llvmnative instrumentation when linking rust sanitizer r…
choller Jan 26, 2024
58b80b6
Dynamic instrumentation filtering for LLVM native (#1971)
choller Jan 26, 2024
1ffb1b6
changelog
vanhauser-thc Jan 26, 2024
4859b58
todos
vanhauser-thc Jan 28, 2024
12ab9eb
new forkserver check
vanhauser-thc Jan 30, 2024
d5b6c0f
fix
vanhauser-thc Jan 30, 2024
9604fe9
nyx test for CI
vanhauser-thc Jan 30, 2024
75af391
improve nyx docs
vanhauser-thc Jan 30, 2024
644e069
Fixes to afl-cc and documentation (#1974)
choller Jan 30, 2024
0d164e4
nits
vanhauser-thc Jan 30, 2024
ccad11f
nyx build script updates
vanhauser-thc Jan 31, 2024
da5d3d6
test error output
vanhauser-thc Jan 31, 2024
3768933
debug ci
vanhauser-thc Jan 31, 2024
970e0b1
debug ci
vanhauser-thc Feb 1, 2024
643df2b
Improve afl-cc (#1975)
SonicStark Feb 1, 2024
c33de47
enable nyx
vanhauser-thc Feb 1, 2024
5da5d6e
debug ci
vanhauser-thc Feb 1, 2024
123ec5d
debug ci
vanhauser-thc Feb 1, 2024
6e6d91b
debug ci
vanhauser-thc Feb 1, 2024
97ba817
debug ci
vanhauser-thc Feb 1, 2024
7793692
debug ci
vanhauser-thc Feb 1, 2024
76a0334
debug ci
vanhauser-thc Feb 1, 2024
e5d305a
debug ci
vanhauser-thc Feb 1, 2024
236fb9b
debug ci
vanhauser-thc Feb 1, 2024
eb52f1c
fix ci
vanhauser-thc Feb 1, 2024
5549212
clean test script
vanhauser-thc Feb 1, 2024
a84b7c7
NO_NYX
vanhauser-thc Feb 1, 2024
ac63901
NO_NYX
vanhauser-thc Feb 1, 2024
8759610
fix ci
vanhauser-thc Feb 1, 2024
96ada75
debug ci
vanhauser-thc Feb 1, 2024
d8e8d34
fix ci
vanhauser-thc Feb 1, 2024
37d2039
finalize ci fix
vanhauser-thc Feb 1, 2024
eda770f
push to stable (#1967)
vanhauser-thc Feb 1, 2024
06f0982
Enhancement on Deterministic stage (#1972)
kdsjZh Feb 1, 2024
5ba66a8
final touches for skipdet
vanhauser-thc Feb 1, 2024
ba28f5f
remove unused var
vanhauser-thc Feb 1, 2024
028d4c8
remove redundant eff struct (#1977)
kdsjZh Feb 1, 2024
f98dc8a
update QEMU-Nyx submodule (#1978)
schumilo Feb 2, 2024
5887177
update QEMU-Nyx submodule (#1980)
schumilo Feb 2, 2024
1e7485d
Fix type in AFL_NOOPT env variable in afl-cc help message (#1982)
kyakdan Feb 3, 2024
a929262
nits
vanhauser-thc Feb 3, 2024
ed1a6f8
2024 v4.10c release
vanhauser-thc Feb 3, 2024
a25f27d
fixes
vanhauser-thc Feb 3, 2024
68dc482
fixes
vanhauser-thc Feb 3, 2024
602ecee
push to stable (#1983)
vanhauser-thc Feb 3, 2024
775861e
Merge pull request #1985 from AFLplusplus/dev
vanhauser-thc Feb 3, 2024
621f784
Merge pull request #3 from AFLplusplus/stable
Feb 22, 2024
2 changes: 1 addition & 1 deletion .custom-format.py
@@ -24,7 +24,7 @@

# string_re = re.compile('(\\"(\\\\.|[^"\\\\])*\\")') # TODO: for future use

CURRENT_LLVM = os.getenv('LLVM_VERSION', 16)
CURRENT_LLVM = os.getenv('LLVM_VERSION', 17)
CLANG_FORMAT_BIN = os.getenv("CLANG_FORMAT_BIN", "")


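Review bot: `os.getenv('LLVM_VERSION', 17)` yields an `int` when the variable is unset but a `str` when it is set, so any comparison or string formatting of `CURRENT_LLVM` behaves differently in the two cases; since the default is being bumped anyway, make it the string `'17'` (or wrap the result in `int(...)`) so both paths produce the same type.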
1 change: 1 addition & 0 deletions .gitignore
@@ -10,6 +10,7 @@
.test
.test2
.vscode
afl-addseeds.8
afl-analyze
afl-analyze.8
afl-as
32 changes: 15 additions & 17 deletions afl-cmin
@@ -259,22 +259,20 @@ BEGIN {
# Do a sanity check to discourage the use of /tmp, since we can't really
# handle this safely from an awk script.

#if (!ENVIRON["AFL_ALLOW_TMP"]) {
# dirlist[0] = in_dir
# dirlist[1] = target_bin
# dirlist[2] = out_dir
# dirlist[3] = stdin_file
# "pwd" | getline dirlist[4] # current directory
# for (dirind in dirlist) {
# dir = dirlist[dirind]
#
# if (dir ~ /^(\/var)?\/tmp/) {
# print "[-] Error: do not use this script in /tmp or /var/tmp." > "/dev/stderr"
# exit 1
# }
# }
# delete dirlist
#}
if (!ENVIRON["AFL_ALLOW_TMP"]) {
dirlist[0] = in_dir
dirlist[1] = target_bin
dirlist[2] = out_dir
dirlist[3] = stdin_file
"pwd" | getline dirlist[4] # current directory
for (dirind in dirlist) {
dir = dirlist[dirind]
if (dir ~ /^(\/var)?\/tmp/) {
print "[-] Warning: do not use this script in /tmp or /var/tmp for security reasons." > "/dev/stderr"
}
}
delete dirlist
}

if (threads && stdin_file) {
print "[-] Error: -T and -f cannot be used together." > "/dev/stderr"
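Review bot: the /tmp check has become a warning with no `exit 1`, so the script now proceeds in exactly the situation the comment above the block says it "can't really handle safely"; either keep the hard error or reword that comment to say the check is advisory. As written the loop also prints the warning once per matching entry in `dirlist` (up to five times for the same problem); set a flag and `break` on the first match so the user sees it once.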
@@ -430,7 +428,7 @@ BEGIN {
} else {
stat_format = "-f '%z %N'" # *BSD, MacOS
}
cmdline = "(cd "in_dir" && find . \\( ! -name \".*\" -a -type d \\) -o -type f -exec stat "stat_format" \\{\\} + | sort -k1n -k2r)"
cmdline = "(cd "in_dir" && find . \\( ! -name \".*\" -a -type d \\) -o -type f -exec stat "stat_format" \\{\\} + | sort -k1n -k2r) | grep -Ev '^0'"
#cmdline = "ls "in_dir" | (cd "in_dir" && xargs stat "stat_format" 2>/dev/null) | sort -k1n -k2r"
#cmdline = "(cd "in_dir" && stat "stat_format" *) | sort -k1n -k2r"
#cmdline = "(cd "in_dir" && ls | xargs stat "stat_format" ) | sort -k1n -k2r"
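Review bot: the new `| grep -Ev '^0'` depends on the size being the first field in both stat formats (`%s %n` and `%z %N`), which holds, but the pattern would be clearer and stricter as `'^0 '` so it can only ever match a zero-byte size. Dropping empty inputs silently is a behaviour change for corpora that contain them; a one-line notice on stderr when the filter removes something would avoid confusion when the trace count is smaller than the input count.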
86 changes: 50 additions & 36 deletions afl-cmin.bash
@@ -167,29 +167,28 @@ fi
# Do a sanity check to discourage the use of /tmp, since we can't really
# handle this safely from a shell script.

#if [ "$AFL_ALLOW_TMP" = "" ]; then
#
# echo "$IN_DIR" | grep -qE '^(/var)?/tmp/'
# T1="$?"
#
# echo "$TARGET_BIN" | grep -qE '^(/var)?/tmp/'
# T2="$?"
#
# echo "$OUT_DIR" | grep -qE '^(/var)?/tmp/'
# T3="$?"
#
# echo "$STDIN_FILE" | grep -qE '^(/var)?/tmp/'
# T4="$?"
#
# echo "$PWD" | grep -qE '^(/var)?/tmp/'
# T5="$?"
#
# if [ "$T1" = "0" -o "$T2" = "0" -o "$T3" = "0" -o "$T4" = "0" -o "$T5" = "0" ]; then
# echo "[-] Error: do not use this script in /tmp or /var/tmp." 1>&2
# exit 1
# fi
#
#fi
if [ "$AFL_ALLOW_TMP" = "" ]; then

echo "$IN_DIR" | grep -qE '^(/var)?/tmp/'
T1="$?"

echo "$TARGET_BIN" | grep -qE '^(/var)?/tmp/'
T2="$?"

echo "$OUT_DIR" | grep -qE '^(/var)?/tmp/'
T3="$?"

echo "$STDIN_FILE" | grep -qE '^(/var)?/tmp/'
T4="$?"

echo "$PWD" | grep -qE '^(/var)?/tmp/'
T5="$?"

if [ "$T1" = "0" -o "$T2" = "0" -o "$T3" = "0" -o "$T4" = "0" -o "$T5" = "0" ]; then
echo "[-] Warning: do not use this script in /tmp or /var/tmp for security reasons." 1>&2
fi

fi

# If @@ is specified, but there's no -f, let's come up with a temporary input
# file name.
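Review bot: same point as in the awk version, the `exit 1` is gone so the script continues inside /tmp or /var/tmp, while the comment at the top of the hunk ("since we can't really handle this safely from a shell script") still describes it as a hard safety check; update the comment or keep the error. The five `grep -qE` / `T1..T5` probes could also be collapsed into a single `case "$IN_DIR$TARGET_BIN$OUT_DIR$STDIN_FILE$PWD"`-style test or a loop, which would make the warning fire once and be easier to maintain.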
@@ -423,22 +422,30 @@ if [ "$THREADS" = "" ]; then

ls "$IN_DIR" | while read -r fn; do

CUR=$((CUR+1))
printf "\\r Processing file $CUR/$IN_COUNT... "
if [ -s "$IN_DIR/$fn" ]; then

"$SHOWMAP" -m "$MEM_LIMIT" -t "$TIMEOUT" -o "$TRACE_DIR/$fn" -Z $EXTRA_PAR -- "$@" <"$IN_DIR/$fn"
CUR=$((CUR+1))
printf "\\r Processing file $CUR/$IN_COUNT... "

"$SHOWMAP" -m "$MEM_LIMIT" -t "$TIMEOUT" -o "$TRACE_DIR/$fn" -Z $EXTRA_PAR -- "$@" <"$IN_DIR/$fn"

fi

done

else

ls "$IN_DIR" | while read -r fn; do

CUR=$((CUR+1))
printf "\\r Processing file $CUR/$IN_COUNT... "
if [ -s "$IN_DIR/$fn" ]; then

CUR=$((CUR+1))
printf "\\r Processing file $CUR/$IN_COUNT... "

cp "$IN_DIR/$fn" "$STDIN_FILE"
"$SHOWMAP" -m "$MEM_LIMIT" -t "$TIMEOUT" -o "$TRACE_DIR/$fn" -Z $EXTRA_PAR -H "$STDIN_FILE" -- "$@" </dev/null

cp "$IN_DIR/$fn" "$STDIN_FILE"
"$SHOWMAP" -m "$MEM_LIMIT" -t "$TIMEOUT" -o "$TRACE_DIR/$fn" -Z $EXTRA_PAR -H "$STDIN_FILE" -- "$@" </dev/null
fi

done

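Review bot: moving `CUR=$((CUR+1))` and the progress `printf` inside `if [ -s "$IN_DIR/$fn" ]` means the "Processing file $CUR/$IN_COUNT" display stops short of `$IN_COUNT` whenever empty files are skipped; increment the counter before the size test so the display stays consistent, and consider printing which files were skipped so the user knows why fewer traces than inputs were produced.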
@@ -460,19 +467,26 @@ else

cat $inputs | while read -r fn; do

"$SHOWMAP" -m "$MEM_LIMIT" -t "$TIMEOUT" -o "$TRACE_DIR/$fn" -Z $EXTRA_PAR -- "$@" <"$IN_DIR/$fn"
if [ -s "$IN_DIR/$fn" ]; then

"$SHOWMAP" -m "$MEM_LIMIT" -t "$TIMEOUT" -o "$TRACE_DIR/$fn" -Z $EXTRA_PAR -- "$@" <"$IN_DIR/$fn"

fi

done

else

STDIN_FILE="$inputs.$$"
cat $inputs | while read -r fn; do
if [ -s "$IN_DIR/$fn" ]; then
STDIN_FILE="$inputs.$$"
cat $inputs | while read -r fn; do

cp "$IN_DIR/$fn" "$STDIN_FILE"
"$SHOWMAP" -m "$MEM_LIMIT" -t "$TIMEOUT" -o "$TRACE_DIR/$fn" -Z $EXTRA_PAR -H "$STDIN_FILE" -- "$@" </dev/null
cp "$IN_DIR/$fn" "$STDIN_FILE"
"$SHOWMAP" -m "$MEM_LIMIT" -t "$TIMEOUT" -o "$TRACE_DIR/$fn" -Z $EXTRA_PAR -H "$STDIN_FILE" -- "$@" </dev/null

done
done

fi

fi

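Review bot: in the `else` branch (the `-f` case) the new `if [ -s "$IN_DIR/$fn" ]; then` is placed before `cat $inputs | while read -r fn; do`, so `$fn` is not yet set by this loop when the test runs; depending on the stale value of `fn` the whole loop is either executed unguarded or skipped entirely, and no per-file size check happens at all. Move the `if`/`fi` inside the loop around the `cp` and the `"$SHOWMAP"` call, as the first branch of this hunk does.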
7 changes: 6 additions & 1 deletion afl-persistent-config
@@ -2,7 +2,7 @@
# written by jhertz
#

test "$1" = "-h" -o "$1" = "-hh" && {
test "$1" = "-h" -o "$1" = "-hh" -o "$1" = "--help" && {
echo 'afl-persistent-config'
echo
echo $0
@@ -17,6 +17,11 @@ test "$1" = "-h" -o "$1" = "-hh" && {
exit 0
}

if [ $# -ne 0 ]; then
echo "ERROR: Unknown option(s): $@"
exit 1
fi

echo
echo "WARNING: This scripts makes permanent configuration changes to the system to"
echo " increase the performance for fuzzing. As a result, the system also"
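Review bot: `echo "ERROR: Unknown option(s): $@"` expands `$@` inside a double-quoted word, where `"$*"` is the intended form for joining all arguments into one message; also point the user at `-h` in the error line so they learn what the script does accept.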
6 changes: 5 additions & 1 deletion afl-system-config
@@ -1,5 +1,5 @@
#!/bin/sh
test "$1" = "-h" -o "$1" = "-hh" && {
test "$1" = "-h" -o "$1" = "-hh" -o "$1" = "--help" && {
echo 'afl-system-config by Marc Heuse <mh@mh-sec.de>'
echo
echo $0
@@ -13,6 +13,10 @@ test "$1" = "-h" -o "$1" = "-hh" && {
echo configuration options.
exit 0
}
if [ $# -ne 0 ]; then
echo "ERROR: Unknown option(s): $@"
exit 1
fi

DONE=
PLATFORM=`uname -s`
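Review bot: same as in afl-persistent-config, use `"$*"` rather than `$@` inside the quoted error message and mention `-h` in it.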
4 changes: 4 additions & 0 deletions docs/Changelog.md
@@ -10,6 +10,9 @@
- added AFL_IGNORE_SEED_PROBLEMS to skip over seeds that time out instead
of exiting with an error message
- allow -S/-M naming up to 50 characters (from 24)
- added scale support to CMPLOG (-l S)
- added --version and --help command line parameters
- fixed endless loop when reading malformed dictionaries
- afl-whatsup:
- detect instanced that are starting up and show them as such as not dead
- now also shows coverage reached
@@ -19,6 +22,7 @@
- fix for a few string compare transform functions for LAF
- frida_mode:
- fixes support for large map offsets
- afl-cmin/afl-cmin.bash: prevent unneeded file errors
- added new tool afl-addseeds that adds new seeds to a running campaign
- added benchmark/benchmark.sh if you want to see how good your fuzzing
speed is in comparison to other setups.
5 changes: 3 additions & 2 deletions docs/custom_mutators.md
@@ -125,8 +125,9 @@ def deinit(): # optional for Python

- `queue_get` (optional):

This method determines whether the custom fuzzer should fuzz the current
queue entry or not
This method determines whether AFL++ should fuzz the current
queue entry or not: all defined custom mutators as well as
all AFL++'s mutators.

- `fuzz_count` (optional):

6 changes: 6 additions & 0 deletions docs/env_variables.md
@@ -135,6 +135,12 @@ subset of the settings discussed in section 1, with the exception of:
- `TMPDIR` and `AFL_KEEP_ASSEMBLY`, since no temporary assembly files are
created.

- LLVM modes compiling C++ will normally set rpath in the binary if LLVM is
not in a usual location (/usr or /lib). Setting `AFL_LLVM_NO_RPATH=1`
disables this behaviour in case it isn't desired. For example, the compiling
toolchain might be in a custom location, but the target machine has LLVM
runtime libs in the search path.

Then there are a few specific features that are only available in
instrumentation mode:

8 changes: 4 additions & 4 deletions frida_mode/src/main.c
@@ -49,10 +49,10 @@ extern void __libc_init(void *raw_args, void (*onexit)(void) __unused,
int (*slingshot)(int, char **, char **),
structors_array_t const *const structors);
#else
extern int __libc_start_main(int (*main)(int, char **, char **), int argc,
char **ubp_av, void (*init)(void),
void (*fini)(void), void (*rtld_fini)(void),
void(*stack_end));
extern int __libc_start_main(int (*main)(int, char **, char **), int argc,
char **ubp_av, void (*init)(void),
void (*fini)(void), void (*rtld_fini)(void),
void(*stack_end));
#endif

typedef int (*main_fn_t)(int argc, char **argv, char **envp);
2 changes: 1 addition & 1 deletion include/afl-fuzz.h
@@ -675,7 +675,7 @@ typedef struct afl_state {
u32 cmplog_max_filesize;
u32 cmplog_lvl;
u32 colorize_success;
u8 cmplog_enable_arith, cmplog_enable_transform,
u8 cmplog_enable_arith, cmplog_enable_transform, cmplog_enable_scale,
cmplog_enable_xtreme_transform, cmplog_random_colorization;

struct afl_pass_stat *pass_stats;
2 changes: 1 addition & 1 deletion include/afl-mutations.h
@@ -1854,7 +1854,7 @@ inline u32 afl_mutate(afl_state_t *afl, u8 *buf, u32 len, u32 steps,

for (u32 step = 0; step < steps; ++step) {

retry_havoc_step : {
retry_havoc_step: {

u32 r = rand_below(afl, MUT_STRATEGY_ARRAY_SIZE), item;

1 change: 1 addition & 0 deletions include/envs.h
@@ -162,6 +162,7 @@ static char *afl_environment_variables[] = {
"AFL_LLVM_MAP_DYNAMIC",
"AFL_LLVM_NGRAM_SIZE",
"AFL_NGRAM_SIZE",
"AFL_LLVM_NO_RPATH",
"AFL_LLVM_NOT_ZERO",
"AFL_LLVM_INSTRUMENT_FILE",
"AFL_LLVM_THREADSAFE_INST",
30 changes: 15 additions & 15 deletions include/xxhash.h
@@ -365,7 +365,7 @@ typedef uint32_t XXH32_hash_t;
(defined(__cplusplus) || \
(defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L) /* C99 */))
#include <stdint.h>
typedef uint32_t XXH32_hash_t;
typedef uint32_t XXH32_hash_t;

#else
#include <limits.h>
@@ -1082,7 +1082,7 @@ struct XXH64_state_s {
#include <stdalign.h>
#define XXH_ALIGN(n) alignas(n)
#elif defined(__cplusplus) && (__cplusplus >= 201103L) /* >= C++11 */
/* In C++ alignas() is a keyword */
/* In C++ alignas() is a keyword */
#define XXH_ALIGN(n) alignas(n)
#elif defined(__GNUC__)
#define XXH_ALIGN(n) __attribute__((aligned(n)))
@@ -3031,8 +3031,8 @@ XXH64_hashFromCanonical(const XXH64_canonical_t *src) {
__STDC_VERSION__ >= 199901L /* >= C99 */
#define XXH_RESTRICT restrict
#else
/* Note: it might be useful to define __restrict or __restrict__ for
* some C++ compilers */
/* Note: it might be useful to define __restrict or __restrict__ for
* some C++ compilers */
#define XXH_RESTRICT /* disable */
#endif

@@ -3492,8 +3492,8 @@ XXH_FORCE_INLINE xxh_u64x2 XXH_vec_loadu(const void *ptr) {
#define XXH_vec_mulo vec_mulo
#define XXH_vec_mule vec_mule
#elif defined(__clang__) && XXH_HAS_BUILTIN(__builtin_altivec_vmuleuw)
/* Clang has a better way to control this, we can just use the builtin
* which doesn't swap. */
/* Clang has a better way to control this, we can just use the builtin
* which doesn't swap. */
#define XXH_vec_mulo __builtin_altivec_vmulouw
#define XXH_vec_mule __builtin_altivec_vmuleuw
#else
@@ -3604,15 +3604,15 @@ XXH_FORCE_INLINE xxh_u64 XXH_mult32to64(xxh_u64 x, xxh_u64 y) {
#include <intrin.h>
#define XXH_mult32to64(x, y) __emulu((unsigned)(x), (unsigned)(y))
#else
/*
* Downcast + upcast is usually better than masking on older compilers
* like GCC 4.2 (especially 32-bit ones), all without affecting newer
* compilers.
*
* The other method, (x & 0xFFFFFFFF) * (y & 0xFFFFFFFF), will AND both
* operands and perform a full 64x64 multiply -- entirely redundant on
* 32-bit.
*/
/*
* Downcast + upcast is usually better than masking on older compilers
* like GCC 4.2 (especially 32-bit ones), all without affecting newer
* compilers.
*
* The other method, (x & 0xFFFFFFFF) * (y & 0xFFFFFFFF), will AND both
* operands and perform a full 64x64 multiply -- entirely redundant on
* 32-bit.
*/
#define XXH_mult32to64(x, y) \
((xxh_u64)(xxh_u32)(x) * (xxh_u64)(xxh_u32)(y))
#endif