From 18f36b7eace6ff66e7c7e6749dbd62eed2411dfe Mon Sep 17 00:00:00 2001
From: Thomas HUET
Date: Sat, 21 May 2016 18:49:39 +0200
Subject: [PATCH] 2.13b
---
 Makefile | 2 +-
 afl-fuzz.c | 6 +++---
 afl-showmap.c | 7 ++++++-
 afl-whatsup | 10 ++++++----
 docs/ChangeLog | 9 +++++++++
 docs/sister_projects.txt | 14 +++++++++++---
 llvm_mode/Makefile | 2 +-
 7 files changed, 37 insertions(+), 13 deletions(-)
diff --git a/Makefile b/Makefile
index f16bb612..2feed4ce 100644
--- a/Makefile
+++ b/Makefile
@@ -14,7 +14,7 @@
 #
 PROGNAME = afl
-VERSION = 2.12b
+VERSION = 2.13b
 PREFIX ?= /usr/local
 BIN_PATH = $(PREFIX)/bin
diff --git a/afl-fuzz.c b/afl-fuzz.c
index 6770e4f0..2d362933 100644
--- a/afl-fuzz.c
+++ b/afl-fuzz.c
@@ -7034,9 +7034,9 @@ static void check_crash_handling(void) {
 SAYF("\n" cLRD "[-] " cRST "Hmm, your system is configured to send core dump notifications to an\n"
- " external utility. This will cause issues due to an extended delay\n"
- " between the fuzzed binary malfunctioning and this information being\n"
- " eventually relayed to the fuzzer via the standard waitpid() API.\n\n"
+ " external utility. This will cause issues: there will be an extended delay\n"
+ " between stumbling upon a crash and having this information relayed to the\n"
+ " fuzzer via the standard waitpid() API.\n\n"
 " To avoid having crashes misinterpreted as hangs, please log in as root\n"
 " and temporarily modify /proc/sys/kernel/core_pattern, like so:\n\n"
diff --git a/afl-showmap.c b/afl-showmap.c
index 2cc3b783..cd66772e 100644
--- a/afl-showmap.c
+++ b/afl-showmap.c
@@ -157,11 +157,16 @@ static u32 write_results(void) {
 u8 cco = !!getenv("AFL_CMIN_CRASHES_ONLY"), caa = !!getenv("AFL_CMIN_ALLOW_ANY");
- if (!strncmp(out_file,"/dev/", 5)) {
+ if (!strncmp(out_file, "/dev/", 5)) {
 fd = open(out_file, O_WRONLY, 0600);
 if (fd < 0) PFATAL("Unable to open '%s'", out_file);
+ } else if (!strcmp(out_file, "-")) {
+
+ fd = dup(1);
+ if (fd < 0) PFATAL("Unable to open stdout");
+
 } else {
 unlink(out_file); /* Ignore errors */
diff --git a/afl-whatsup b/afl-whatsup
index f693567a..9a186f96 100755
--- a/afl-whatsup
+++ b/afl-whatsup
@@ -61,6 +61,7 @@ DEAD_CNT=0
 TOTAL_TIME=0
 TOTAL_EXECS=0
+TOTAL_EPS=0
 TOTAL_CRASHES=0
 TOTAL_PFAV=0
 TOTAL_PENDING=0
@@ -105,15 +106,16 @@ for i in `find . -maxdepth 2 -iname fuzzer_stats`; do
 ALIVE_CNT=$((ALIVE_CNT + 1))
+ EXEC_SEC=$((execs_done / RUN_UNIX))
+ PATH_PERC=$((cur_path * 100 / paths_total))
+
 TOTAL_TIME=$((TOTAL_TIME + RUN_UNIX))
+ TOTAL_EPS=$((TOTAL_EPS + EXEC_SEC))
 TOTAL_EXECS=$((TOTAL_EXECS + execs_done))
 TOTAL_CRASHES=$((TOTAL_CRASHES + unique_crashes))
 TOTAL_PENDING=$((TOTAL_PENDING + pending_total))
 TOTAL_PFAV=$((TOTAL_PFAV + pending_favs))
- EXEC_SEC=$((execs_done / RUN_UNIX))
- PATH_PERC=$((cur_path * 100 / paths_total))
-
 if [ "$SUMMARY_ONLY" = "" ]; then
 echo " cycle $((cycles_done + 1)), lifetime speed $EXEC_SEC execs/sec, path $cur_path/$paths_total (${PATH_PERC}%)"
@@ -148,7 +150,7 @@ fi
 echo " Total run time : $TOTAL_DAYS days, $TOTAL_HRS hours"
 echo " Total execs : $((TOTAL_EXECS / 1000 / 1000)) million"
-echo " Cumulative speed : $((TOTAL_EXECS * ALIVE_CNT / TOTAL_TIME)) execs/sec"
+echo " Cumulative speed : $TOTAL_EPS execs/sec"
 echo " Pending paths : $TOTAL_PFAV faves, $TOTAL_PENDING total"
 if [ "$ALIVE_CNT" -gt "1" ]; then
diff --git a/docs/ChangeLog b/docs/ChangeLog
index ed6912f6..db9ce179 100644
--- a/docs/ChangeLog
+++ b/docs/ChangeLog
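Review bot: `fd = dup(1)` hard-codes the descriptor number where `STDOUT_FILENO` from `<unistd.h>` names the same thing, and the reason for dup()-ing instead of using descriptor 1 directly is not recorded on the new branch; I would write `fd = dup(STDOUT_FILENO); /* "-" selects stdout; dup() so that closing fd later leaves stdout itself open */`. Whether the descriptor is closed later cannot be seen here, since write_results continues outside the hunk, so the second half of that comment should be confirmed against the rest of the function. The new `-` convention is also absent from the ChangeLog hunk of this patch; the usage text is outside this view, so check that it mentions `-o -` as well.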
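Review bot: `EXEC_SEC=$((execs_done / RUN_UNIX))` now feeds `TOTAL_EPS`, and both it and `PATH_PERC=$((cur_path * 100 / paths_total))` divide by values read from each fuzzer_stats file; when `RUN_UNIX` or `paths_total` is 0 (an instance that started this very second, or one whose stats are not yet populated) the arithmetic expansion reports a division-by-zero error and, depending on the shell, may abort the script. These two lines were moved rather than written here, but since the summary now depends on them a guard such as `EXEC_SEC=$((RUN_UNIX > 0 ? execs_done / RUN_UNIX : 0))` and `PATH_PERC=$((paths_total > 0 ? cur_path * 100 / paths_total : 0))` seems worth adding. Note also that `TOTAL_EPS` sums per-instance integer quotients, so the "Cumulative speed" line in the third afl-whatsup hunk can understate the total by up to one exec/sec per alive instance; fine for a status display, but a one-line comment saying so would head off a later "fix". Where `RUN_UNIX` is computed is outside the hunk.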
@@ -16,6 +16,15 @@ Not sure if you should upgrade? The lowest currently recommended version is 2.07b. If you're stuck on an earlier release, it's strongly advisable to get on with the times.
+--------------
+Version 2.13b:
+--------------
+
+ - Fixed a spurious build test error with trace-pc and llvm_mode/Makefile.
+ Spotted by Markus Teufelberger.
+
+ - Fixed a cosmetic issue with afl-whatsup. Spotted by Brandon Perry.
+
 --------------
 Version 2.12b:
 --------------
diff --git a/docs/sister_projects.txt b/docs/sister_projects.txt
index 067a7f37..886c2f59 100644
--- a/docs/sister_projects.txt
+++ b/docs/sister_projects.txt
@@ -133,9 +133,9 @@ afl-sid (Jacek Wielemborek)
 https://github.com/d33tah/afl-sid
--------------------------------------
-Crash triage, coverage analysis, etc:
--------------------------------------
+-----------------------------------------------------------
+Crash triage, coverage analysis, and other companion tools:
+-----------------------------------------------------------
 afl-crash-analyzer (Tobias Ospelt)
 ----------------------------------
@@ -172,6 +172,14 @@ aflize (Jacek Wielemborek)
 https://github.com/d33tah/aflize
+afl-ddmin-mod (Markus Teufelberger)
+-----------------------------------
+
+ A variant of afl-tmin that uses a more sophisticated (but slower)
+ minimization algorithm.
+
+ https://github.com/MarkusTeufelberger/afl-ddmin-mod
+
 -------------------------------
 Narrow-purpose or experimental:
 -------------------------------
diff --git a/llvm_mode/Makefile b/llvm_mode/Makefile
index 0176fb79..46b36784 100644
--- a/llvm_mode/Makefile
+++ b/llvm_mode/Makefile
@@ -95,7 +95,7 @@ endif
 test_build: $(PROGS)
 @echo "[*] Testing the CC wrapper and instrumentation output..."
- unset AFL_USE_ASAN AFL_USE_MSAN; AFL_QUIET=1 AFL_INST_RATIO=100 AFL_PATH=. AFL_CC=$(CC) ../afl-clang-fast $(CFLAGS) ../test-instr.c -o test-instr $(LDFLAGS)
+ unset AFL_USE_ASAN AFL_USE_MSAN AFL_INST_RATIO; AFL_QUIET=1 AFL_PATH=. AFL_CC=$(CC) ../afl-clang-fast $(CFLAGS) ../test-instr.c -o test-instr $(LDFLAGS)
 echo 0 | ../afl-showmap -m none -q -o .test-instr0 ./test-instr
 echo 1 | ../afl-showmap -m none -q -o .test-instr1 ./test-instr
 @rm -f test-instr
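Review bot: The reason `AFL_INST_RATIO` is now cleared instead of pinned to 100 is not recorded in the test_build recipe, and a line like this is exactly what someone will "restore" later; a comment above the `unset` such as `# AFL_INST_RATIO is deliberately unset here: the 2.13b ChangeLog attributes a spurious test_build failure with trace-pc to it` would pin the intent. The ChangeLog hunk in this patch only says the error was spurious, so the precise interaction between trace-pc and the ratio setting should be stated by whoever knows it rather than guessed in the comment. The rest of the rule is unchanged and reads correctly.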