Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2017-07-09 13:04:16 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "afl"
Sun Jul 9 13:04:16 2017 rev:35 rq:508930 version:2.45b
Changes:
--------
--- /work/SRC/openSUSE:Factory/afl/afl.changes 2017-07-04 09:11:17.918979025 +0200
+++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2017-07-09 13:04:18.118226739 +0200
@@ -1,0 +2,9 @@
+Fri Jul 7 14:59:31 UTC 2017 - meiss...@suse.com
+
+- update to 2.45b:
+ - Added strstr, strcasestr support to libtokencap. Contributed by
+ Daniel Hodson.
+ - Fixed a resumption offset glitch spotted by Jakub Wilk.
+ - There are definitely no bugs in afl-showmap -c now.
+
+-------------------------------------------------------------------
Old:
----
afl-2.44b.tgz
New:
----
afl-2.45b.tgz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ afl.spec ++++++
--- /var/tmp/diff_new_pack.gQatZh/_old 2017-07-09 13:04:18.726140976 +0200
+++ /var/tmp/diff_new_pack.gQatZh/_new 2017-07-09 13:04:18.730140412 +0200
@@ -17,7 +17,7 @@
 Name: afl
-Version: 2.44b
+Version: 2.45b
 Release: 0
 Summary: American fuzzy lop is a security-oriented fuzzer
 License: Apache-2.0
++++++ afl-2.44b.tgz -> afl-2.45b.tgz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.44b/afl-fuzz.c new/afl-2.45b/afl-fuzz.c
--- old/afl-2.44b/afl-fuzz.c 2017-06-16 20:01:29.000000000 +0200
+++ new/afl-2.45b/afl-fuzz.c 2017-07-01 03:55:06.000000000 +0200
@@ -3310,10 +3310,10 @@
 i = read(fd, tmp, sizeof(tmp) - 1); (void)i; /* Ignore errors */
 close(fd);
- off = strstr(tmp, "cur_path : ");
+ off = strstr(tmp, "cur_path : ");
 if (!off) return 0;
- ret = atoi(off + 17);
+ ret = atoi(off + 20);
 if (ret >= queued_paths) ret = 0;
 return ret;
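Review bot: The new `ret = atoi(off + 20);` hard-codes the width of the `cur_path` key as a second copy of the literal passed to `strstr` on the line above, and this commit exists precisely because those two copies drifted (the companion hunk at `@@ -3401` only adds a comment asking the writer side to stay in sync; the page's rendering collapses the padding, which is why the `-`/`+` strstr lines look identical here). Derive the skip from the key itself so they cannot diverge again: `static const char key[] = "cur_path : ";` (with the literal's real padding), `off = strstr(tmp, key);`, `ret = atoi(off + sizeof key - 1);`. `atoi` gives no error signal and is undefined on out-of-range input; the value comes from a stats file the fuzzer wrote itself, so that is tolerable, but `strtoul` with an end-pointer check costs little and the existing `ret >= queued_paths` guard already handles the resulting out-of-range case. The enclosing function begins and ends outside the hunk; it relies on `tmp` being NUL-terminated after the `sizeof(tmp) - 1` read, which presumably holds because the buffer is zeroed before the read — confirm at its declaration.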
@@ -3401,7 +3401,7 @@
 "paths_found : %u\n"
 "paths_imported : %u\n"
 "max_depth : %u\n"
- "cur_path : %u\n"
+ "cur_path : %u\n" /* Must match find_start_position() */
 "pending_favs : %u\n"
 "pending_total : %u\n"
 "variable_paths : %u\n"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.44b/afl-gcc.c new/afl-2.45b/afl-gcc.c
--- old/afl-2.44b/afl-gcc.c 2017-01-13 22:10:12.000000000 +0100
+++ new/afl-2.45b/afl-gcc.c 2017-06-28 19:25:22.000000000 +0200
@@ -287,6 +287,8 @@
 cc_params[cc_par_cnt++] = "-fno-builtin-strcasecmp";
 cc_params[cc_par_cnt++] = "-fno-builtin-strncasecmp";
 cc_params[cc_par_cnt++] = "-fno-builtin-memcmp";
+ cc_params[cc_par_cnt++] = "-fno-builtin-strstr";
+ cc_params[cc_par_cnt++] = "-fno-builtin-strcasestr";
 }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.44b/afl-showmap.c new/afl-2.45b/afl-showmap.c
--- old/afl-2.44b/afl-showmap.c 2017-06-28 09:04:47.000000000 +0200
+++ new/afl-2.45b/afl-showmap.c 2017-07-04 22:46:53.000000000 +0200
@@ -286,7 +286,7 @@
 }
- if (keep_cores) r.rlim_max = r.rlim_cur = 0;
+ if (!keep_cores) r.rlim_max = r.rlim_cur = 0;
 else r.rlim_max = r.rlim_cur = RLIM_INFINITY;
 setrlimit(RLIMIT_CORE, &r); /* Ignore errors */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.44b/config.h new/afl-2.45b/config.h
--- old/afl-2.44b/config.h 2017-06-28 09:14:52.000000000 +0200
+++ new/afl-2.45b/config.h 2017-07-04 22:47:24.000000000 +0200
@@ -21,7 +21,7 @@
 /* Version string: */
-#define VERSION "2.44b"
+#define VERSION "2.45b"
 /******************************************************
 * *
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.44b/docs/ChangeLog new/afl-2.45b/docs/ChangeLog
--- old/afl-2.44b/docs/ChangeLog 2017-06-28 09:11:54.000000000 +0200
+++ new/afl-2.45b/docs/ChangeLog 2017-07-04 22:47:17.000000000 +0200
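Review bot: The two new `cc_params[cc_par_cnt++]` stores at the end of the `-fno-builtin-*` block write into an array whose allocation and size are outside this hunk, with no bound check beside them; confirm that allocation still has headroom for the two extra entries. The block that guards these stores also starts before the hunk, so the environment setting that enables it is not visible here. A one-line comment above the list, `/* Keep in sync with libtokencap/README.tokencap and the overrides in libtokencap.so.c. */`, would tie together the three places this commit had to touch, since a flag missing here would let the compiler expand the call inline and bypass the interposed function.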
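Review bot: With the condition now inverted correctly, the `keep_cores` branch still sets `r.rlim_max = r.rlim_cur = RLIM_INFINITY`, which `setrlimit(RLIMIT_CORE, &r)` rejects with EPERM for an unprivileged process whose inherited hard limit is lower, and the `/* Ignore errors */` on the next line then hides that `-c` silently produced no core at all. If `r` was filled by `getrlimit` above the hunk (not visible here), prefer raising only the soft limit to the existing hard limit, `else r.rlim_cur = r.rlim_max;`, or check the return value in this branch and warn so the operator learns why no core appeared. The enclosing function begins and ends outside the hunk.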
@@ -17,6 +17,17 @@
 to get on with the times.
 --------------
+Version 2.45b:
+--------------
+
+ - Added strstr, strcasestr support to libtokencap. Contributed by
+ Daniel Hodson.
+
+ - Fixed a resumption offset glitch spotted by Jakub Wilk.
+
+ - There are definitely no bugs in afl-showmap -c now.
+
+--------------
 Version 2.44b:
 --------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.44b/docs/README new/afl-2.45b/docs/README
--- old/afl-2.44b/docs/README 2017-04-21 18:12:24.000000000 +0200
+++ new/afl-2.45b/docs/README 2017-06-28 19:27:57.000000000 +0200
@@ -482,7 +482,7 @@
 Joshua J. Drake Toby Hutton Rene Freingruber Sergey Davidoff Sami Liedes Craig Young
- Andrzej Jackowski
+ Andrzej Jackowski Daniel Hodson
 Thank you!
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.44b/libtokencap/README.tokencap new/afl-2.45b/libtokencap/README.tokencap
--- old/afl-2.44b/libtokencap/README.tokencap 2016-08-07 08:02:59.000000000 +0200
+++ new/afl-2.45b/libtokencap/README.tokencap 2017-06-28 19:25:22.000000000 +0200
@@ -32,7 +32,8 @@
 when using afl-gcc. This setting specifically adds the following flags:
 -fno-builtin-strcmp -fno-builtin-strncmp -fno-builtin-strcasecmp
- -fno-builtin-strcasencmp -fno-builtin-memcmp
+ -fno-builtin-strcasencmp -fno-builtin-memcmp -fno-builtin-strstr
+ -fno-builtin-strcasestr
 The next step is simply loading this library via LD_PRELOAD. The optimal usage pattern is to allow afl-fuzz to fuzz normally for a while and build up a corpus,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.44b/libtokencap/libtokencap.so.c new/afl-2.45b/libtokencap/libtokencap.so.c
--- old/afl-2.44b/libtokencap/libtokencap.so.c 2016-08-06 03:51:20.000000000 +0200
+++ new/afl-2.45b/libtokencap/libtokencap.so.c 2017-06-28 19:27:14.000000000 +0200
@@ -241,6 +241,57 @@
 }
+#undef strstr
+
+const char* strstr(const char* haystack, const char* needle) {
+
+ if (__tokencap_is_ro(haystack))
+ __tokencap_dump(haystack, strlen(haystack), 1);
+
+ if (__tokencap_is_ro(needle))
+ __tokencap_dump(needle, strlen(needle), 1);
+
+ do {
+ const char* n = needle;
+ const char* h = haystack;
+
+ while(*n && *h && *n == *h) n++, h++;
+
+ if(!*n) return haystack;
+
+ } while (*(haystack++));
+
+ return 0;
+
+}
+
+
+#undef strcasestr
+
+const char* strcasestr(const char* haystack, const char* needle) {
+
+ if (__tokencap_is_ro(haystack))
+ __tokencap_dump(haystack, strlen(haystack), 1);
+
+ if (__tokencap_is_ro(needle))
+ __tokencap_dump(needle, strlen(needle), 1);
+
+ do {
+
+ const char* n = needle;
+ const char* h = haystack;
+
+ while(*n && *h && tolower(*n) == tolower(*h)) n++, h++;
+
+ if(!*n) return haystack;
+
+ } while(*(haystack++));
+
+ return 0;
+
+}
+
+
 /* Init code to open the output file (or default to stderr). */
 __attribute__((constructor)) void __tokencap_init(void) {
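Review bot: The new `strcasestr` compares bytes through `tolower(*n) == tolower(*h)`, and calling `tolower` on a plain `char` is undefined behavior when `char` is signed and the byte is above 0x7F — exactly the kind of input a fuzzing target sees; cast first: `while(*n && *h && tolower((unsigned char)*n) == tolower((unsigned char)*h)) n++, h++;`. Both definitions return `const char*`, whereas the C library declares these functions as returning `char *`; if `<string.h>` is included in this file (outside the hunk, though `strlen` is used here) the compiler may reject the definitions as conflicting, so declare them as `char *strstr(const char *haystack, const char *needle)` and return `(char *)haystack`. Neither override is documented; a short comment above each, such as `/* Interposes libc strstr(): dumps a read-only haystack and needle as tokens, then does a naive scan with libc semantics (empty needle matches at haystack). */`, would spare the next reader from re-deriving that the quadratic loop is intentional for a tokencap shim. Both functions also pass `strlen(haystack)` to `__tokencap_dump`, so a long read-only haystack is dumped in full on every call; whether that is wanted for token capture is a design choice, but it deserves a comment.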