Version: 2.52b-bp150.2.4
* Sun Nov 05 2017 mardnh@gmx.de
- Update to version 2.52b:
* Upgraded QEMU patches from 2.3.0 to 2.10.0. Required troubleshooting
several weird issues.
* Added setsid to afl-showmap. See the notes for 2.51b.
* Added target mode (deferred, persistent, qemu, etc) to fuzzer_stats.
* afl-tmin should now save a partially minimized file when Ctrl-C
is pressed.
* Added an option for afl-analyze to dump offsets in hex.
* Added support for parameters in triage_crashes.sh.
* Sun Sep 03 2017 astieger@suse.com
- afl 2.51b:
* Make afl-tmin call setsid to prevent glibc traceback junk from
showing up on the terminal
- includes changes form 2.50b:
* Fix a timing corner case
* Address a libtokencap / pthreads incompatibility issue
* Add AFL_FAST_CAL.
* In-place resume now preserves .synced
* Sat Jul 29 2017 meissner@suse.com
- include docs/README
* Wed Jul 26 2017 meissner@suse.com
- Version 2.49b
- Added AFL_TMIN_EXACT to allow path constraint for crash minimization.
- Added dates for releases (retroactively for all of 2017).
- Version 2.48b
- Added AFL_ALLOW_TMP to permit some scripts to run in /tmp.
- Fixed cwd handling in afl-analyze (similar to the quirk in afl-tmin).
- Made it possible to point -o and -f to the same file in afl-tmin.
- Version 2.47b
- Fixed cwd handling in afl-tmin. Spotted by Jakub Wilk.
- Version 2.46b
- libdislocator now supports AFL_LD_NO_CALLOC_OVER for folks who do not
want to abort on calloc() overflows.
- Made a minor fix to libtokencap. Reported by Daniel Stender.
- Added a small JSON dictionary, inspired on a dictionary done by Jakub Wilk.
* Fri Jul 07 2017 meissner@suse.com
- update to 2.45b:
- Added strstr, strcasestr support to libtokencap. Contributed by
Daniel Hodson.
- Fixed a resumption offset glitch spotted by Jakub Wilk.
- There are definitely no bugs in afl-showmap -c now.
* Mon Jul 03 2017 astieger@suse.com
- update to 2.44b:
* Add visual indicator of ASAN / MSAN mode when compiling
* Add support for afl-showmap coredumps (-c)
* Add LD_BIND_NOW=1 for afl-showmap by default
* Added AFL_NO_ARITH to aid in the fuzzing of text-based formats
* Renamed the R() macro to avoid a problem with llvm_mode in the
latest versions of LLVM
* Wed Apr 12 2017 meissner@suse.com
- update to 2.41b:
- Addressed a major user complaint related to timeout detection. Timing out
inputs are now binned as "hangs" only if they exceed a far more generous
time limit than the one used to reject slow paths.
- update to 2.40b:
- Fixed a minor oversight in the insertion strategy for dictionary words.
Spotted by Andrzej Jackowski.
- Made a small improvement to the havoc block insertion strategy.
- Adjusted color rules for "is it done yet?" indicators.
* Wed Mar 08 2017 sfalken@opensuse.org
- Changed %doc line, to clear buildfailure in openSUSE:Factory
Due to unpackaged files
* Fri Feb 10 2017 meissner@suse.com
- update to 2.39b:
- Improved error reporting in afl-cmin. Suggested by floyd.
- Made a minor tweak to trace-pc-guard support. Suggested by kcc.
- Added a mention of afl-monitor.
* Mon Jan 30 2017 astieger@suse.com
- update to 2.38b:
* Added -mllvm -sanitizer-coverage-block-threshold=0 to
trace-pc-guard mode
* Fixed a cosmetic bad free() bug when aborting -S sessions
* Made a small change to afl-whatsup to sort fuzzers by name.
* Fixed a minor issue with malloc(0) in libdislocator
* Changed the clobber pattern in libdislocator to a slightly more
reliable one
* Added a note about THP performance
* Added a somewhat unofficial support for running afl-tmin with a
baseline "mask" that causes it to minimize only for edges that
are unique to the input file, but not to the "boring" baseline.
* "Fixed" a getPassName() problem with never versions of clang.
* Wed Oct 19 2016 mpluskal@suse.com
- Update to version 2.35b:
* Fixed a minor cmdline reporting glitch, spotted by Leo Barnes.
* Fixed a silly bug in libdislocator. Spotted by Johannes Schultz.
- Changes for version 2.34b:
* Added a note about afl-tmin to technical_details.txt.
* Added support for AFL_NO_UI, as suggested by Leo Barnes.
- Changes for version 2.33b:
* Added code to strip -Wl,-z,defs and -Wl,--no-undefined for
fl-clang-fast, since they interfere with -shared. Spotted and
iagnosed by Toby Hutton.
* Added some fuzzing tips for Android.
* Thu Aug 25 2016 meissner@suse.com
- Version 2.32b:
- Added a check for AFL_HARDEN combined with AFL_USE_*SAN. Suggested by Hanno Boeck.
- Made several other cosmetic adjustments to cycle timing in the wake of the big tweak made in 2.31b.
- Version 2.31b:
- Changed havoc cycle counts for a marked performance boost, especially
with -S / -d. See the discussion of FidgetyAFL in:
https://groups.google.com/forum/#!topic/afl-users/fOPeb62FZUg
While this does not implement the approach proposed by the authors of
the CCS paper, the solution is a result of digging into that research;
more improvements may follow as I do more experiments and get more
definitive data.
- Version 2.30b:
- Made minor improvements to persistent mode to avoid the remote
possibility of "no instrumentation detected" issues with very low
instrumentation densities.
- Fixed a minor glitch with a leftover process in persistent mode.
Reported by Jakub Wilk and Daniel Stender.
- Made persistent mode bitmaps a bit more consistent and adjusted the way
this is shown in the UI, especially in persistent mode.
- Version 2.29b:
- Made a minor #include fix to llvm_mode. Suggested by Jonathan Metzman.
- Made cosmetic updates to the docs.
- Version 2.28b:
- Added "life pro tips" to docs/.
- Moved testcases/_extras/ to dictionaries/ for visibility.
- Made minor improvements to install scripts.
- Added an important safety tip.
- Version 2.27b:
- Added libtokencap, a simple feature to intercept strcmp / memcmp and
generate dictionary entries that can help extend coverage.
- Moved libdislocator to its own dir, added README.
- The demo in experimental/instrumented_cmp is no more.
- Version 2.26b:
- Made a fix for libdislocator.so to compile on MacOS X.
- Added support for DYLD_INSERT_LIBRARIES.
- Renamed AFL_LD_PRELOAD to AFL_PRELOAD.
- Version 2.25b:
- Made some cosmetic updates to libdislocator.so, renamed one env
variable.
- Version 2.24b:
- Added libdislocator.so, an experimental, abusive allocator. Try
it out with AFL_LD_PRELOAD=/path/to/libdislocator.so when running
afl-fuzz.
- Version 2.23b:
- Improved the stability metric for persistent mode binaries. Problem
spotted by Kurt Roeckx.
- Made a related improvement that may bring the metric to 100% for those
targets.
- Version 2.22b:
- Mentioned the potential conflicts between MSAN / ASAN and FORTIFY_SOURCE.
There is no automated check for this, since some distros may implicitly
set FORTIFY_SOURCE outside of the compiler's argv[].
- Populated the support for AFL_LD_PRELOAD to all companion tools.
- Made a change to the handling of ./afl-clang-fast -v. Spotted by
Jan Kneschke.
* Sat Jul 23 2016 astieger@suse.com
- afl 2.21b:
* Minor UI fixes
- includes changes from 2.20b:
* Revamp handling of variable paths
* Stablility improvements
* Include current input bitmap density in UI
* Add experimental support for parallelizing -M.
- includes changes from 2.19b:
* Ensure auto CPU binding happens at non-overlapping times
- includes changes from 2.18b
* Performance improvements
* Tue Jun 28 2016 astieger@suse.com
- afl 2.17b:
* Remove error-prone and manual -Z option
* automatically bind to the first free core
* Wed Jun 15 2016 astieger@suse.com
- afl 2.14b:
- Added FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION as a macro
defined when compiling with afl-gcc and friends
- Refreshed some of the non-x86 docs.
* Tue May 31 2016 astieger@suse.com
- afl 2.13b:
* Fixed a spurious build test error with trace-pc and
llvm_mode/Makefile.
* Fixed a cosmetic issue with afl-whatsup
- includes changes from 2.12b
* Fixed a minor issue in afl-tmin that can make alphabet
minimization less efficient during passes > 1
* Mon May 02 2016 astieger@suse.com
- afl 2.11b:
- Fixed a minor typo in instrumented_cmp
- Added a missing size check for deterministic insertion steps.
- Made an improvement to afl-gotcpu when -Z not used.
- Fixed a typo in post_library_png.so.c in experimental/
* Sat Apr 16 2016 astieger@suse.com
- afl 2.10b:
* Fix a minor core counting glitch
* Mon Mar 28 2016 mpluskal@suse.com
- Update to 2.09b
* Made several documentation updates.
* Added some visual indicators to promote and simplify the use
of -Z.
- Changes for 2.08b
* Added explicit support for -m32 and -m64 for llvm_mode.
Inspired by a request from Christian Holler.
* Added a new benchmarking option, as requested by Kostya
Serebryany.
- Changes for 2.07b
* Added CPU affinity option (-Z) on Linux. With some caution,
this can offer a significant (10%+) performance bump and
reduce jitter. Proposed by Austin Seipp.
* Updated afl-gotcpu to use CPU affinity where supported.
* Fixed confusing CPU_TARGET error messages with QEMU build.
Spotted by Daniel Komaromy and others.
- Changes for 2.06b
* Worked around LLVM persistent mode hiccups with -shared code.
Contributed by Christian Holler.
* Added __AFL_COMPILER as a convenient way to detect that
something is built under afl-gcc / afl-clang / afl-clang-fast
and enable custom optimizations in your code. Suggested by
Pedro Corte-Real.
* Upstreamed several minor changes developed by Franjo Ivancic to
allow AFL to be built as a library. This is fairly use-specific
and may have relatively little appeal to general audiences.
* Sun Feb 28 2016 astieger@suse.com
- afl 2.05b:
* Put __sanitizer_cov_module_init & co behind #ifdef to avoid
problems with ASAN.