Hello community, here is the log from the commit of package afl for openSUSE:Factory checked in at 2017-09-04 12:39:06 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/afl (Old) and /work/SRC/openSUSE:Factory/.afl.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "afl" Mon Sep 4 12:39:06 2017 rev:38 rq:520490 version:2.51b Changes: -------- --- /work/SRC/openSUSE:Factory/afl/afl.changes 2017-08-01 09:25:15.160768059 +0200 +++ /work/SRC/openSUSE:Factory/.afl.new/afl.changes 2017-09-04 12:39:09.651552081 +0200 @@ -1,0 +2,12 @@ +Sun Sep 3 12:08:41 UTC 2017 - [email protected] + +- afl 2.51b: + * Make afl-tmin call setsid to prevent glibc traceback junk from + showing up on the terminal +- includes changes form 2.50b: + * Fix a timing corner case + * Address a libtokencap / pthreads incompatibility issue + * Add AFL_FAST_CAL. + * In-place resume now preserves .synced + +------------------------------------------------------------------- Old: ---- afl-2.49b.tgz New: ---- afl-2.51b.tgz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ afl.spec ++++++ --- /var/tmp/diff_new_pack.e8WNfC/_old 2017-09-04 12:39:11.247327570 +0200 +++ /var/tmp/diff_new_pack.e8WNfC/_new 2017-09-04 12:39:11.247327570 +0200 @@ -17,7 +17,7 @@ Name: afl -Version: 2.49b +Version: 2.51b Release: 0 Summary: American fuzzy lop is a security-oriented fuzzer License: Apache-2.0 ++++++ afl-2.49b.tgz -> afl-2.51b.tgz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.49b/afl-fuzz.c new/afl-2.51b/afl-fuzz.c --- old/afl-2.49b/afl-fuzz.c 2017-07-01 03:55:06.000000000 +0200 +++ new/afl-2.51b/afl-fuzz.c 2017-08-20 06:34:26.000000000 +0200 @@ -120,7 +120,8 @@ qemu_mode, /* Running in QEMU mode? */ skip_requested, /* Skip request, via SIGUSR1 */ run_over10m, /* Run time over 10 minutes? */ - persistent_mode; /* Running in persistent mode? */ + persistent_mode, /* Running in persistent mode? */ + fast_cal; /* Try to calibrate faster? */ static s32 out_fd, /* Persistent fd for out_file */ dev_urandom_fd = -1, /* Persistent fd for /dev/urandom */ 
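Review bot: The new `fast_cal` flag is declared with only `/* Try to calibrate faster? */`, which says neither where the flag comes from nor what it changes, although the same patch wires it to `AFL_FAST_CAL` and to a shorter calibration loop; the declaration comment could read `fast_cal; /* Calibrate in fewer cycles (AFL_FAST_CAL) */`. The declaration list this line belongs to starts before the hunk, so the variable's type is not visible here.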
@@ -2433,11 +2434,14 @@ /* Report outcome to caller. */ - if (child_timed_out) return FAULT_TMOUT; - if (WIFSIGNALED(status) && !stop_soon) { + kill_signal = WTERMSIG(status); + + if (child_timed_out && kill_signal == SIGKILL) return FAULT_TMOUT; + return FAULT_CRASH; + } /* A somewhat nasty hack for MSAN, which doesn't support abort_on_error and @@ -2548,7 +2552,7 @@ q->cal_failed++; stage_name = "calibration"; - stage_max = CAL_CYCLES; + stage_max = fast_cal ? 3 : CAL_CYCLES; /* Make sure the forkserver is up before we do anything, and let's not count its spin-up time toward binary calibration. */ @@ -3200,6 +3204,12 @@ write_to_testcase(mem, len); new_fault = run_target(argv, hang_tmout); + /* A corner case that one user reported bumping into: increasing the + timeout actually uncovers a crash. Make sure we don't discard it if + so. */ + + if (!stop_soon && new_fault == FAULT_CRASH) goto keep_as_crash; + if (stop_soon || new_fault != FAULT_TMOUT) return keeping; } @@ -3224,6 +3234,8 @@ case FAULT_CRASH: +keep_as_crash: + /* This is handled in a manner roughly similar to timeouts, except for slightly different limits and no need to re-run test cases. */ @@ -3689,9 +3701,13 @@ /* Okay, let's get the ball rolling! First, we need to get rid of the entries in <out_dir>/.synced/.../id:*, if any are present. */ - fn = alloc_printf("%s/.synced", out_dir); - if (delete_files(fn, NULL)) goto dir_cleanup_failed; - ck_free(fn); + if (!in_place_resume) { + + fn = alloc_printf("%s/.synced", out_dir); + if (delete_files(fn, NULL)) goto dir_cleanup_failed; + ck_free(fn); + + } /* Next, we need to clean up <out_dir>/queue/.state/ subdirectories: */ @@ -4420,7 +4436,8 @@ } -/* Find first power of two greater or equal to val. */ +/* Find first power of two greater or equal to val (assuming val under + 2^31). */ static u32 next_p2(u32 val) { 
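Review bot: With `if (child_timed_out) return FAULT_TMOUT;` removed, a child whose `child_timed_out` flag is set but which was not terminated by SIGKILL (it died of another signal, or apparently exited on its own just as the timer fired) now falls through to the exit-status handling below, and nothing in the hunk says this is deliberate. A reader will take the ignored flag for a bug, so the new branch deserves a comment such as `/* A timed-out child that died of something other than our SIGKILL is a crash, not a timeout; one that already exited falls through to the normal-exit path. */`. The `stop_soon` case, which previously still reported FAULT_TMOUT, now falls through as well and should be mentioned in that comment if intended. The rest of run_target, including the normal-exit path, is outside the hunk.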
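Review bot: `stage_max = fast_cal ? 3 : CAL_CYCLES;` puts a bare magic number next to a named constant; since `CAL_CYCLES` comes from config.h, which this patch also touches, the fast-path count should be a named constant defined beside it, e.g. `stage_max = fast_cal ? CAL_CYCLES_FAST : CAL_CYCLES;` with `CAL_CYCLES_FAST` (a name proposed here, not present in the tree) defined as 3 and commented as the AFL_FAST_CAL cycle count. env_variables.txt states the fast mode is "about 2.5x faster", which only holds while the two constants keep their present ratio, so documenting them side by side keeps that claim honest. The enclosing function's body continues outside the hunk.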
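Review bot: `goto keep_as_crash` jumps forward into the body of `case FAULT_CRASH:` (the `keep_as_crash:` label added in the @@ -3224 hunk) from what looks like the timeout re-run path of the same switch; jumping into another case's body is legal C but unusual enough that the label needs a comment naming its jump source, e.g. `keep_as_crash: /* entered via goto from the FAULT_TMOUT re-run above when the longer timeout surfaced a crash */`. Whether any declaration with an initializer sits between the goto and the label cannot be seen here, so it is worth confirming that nothing the crash branch relies on (for instance `kill_signal`, which run_target sets) is bypassed by the jump. The enclosing function starts and ends outside both hunks.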
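Review bot: The comment immediately above the new `if (!in_place_resume)` guard still says the entries in `<out_dir>/.synced/.../id:*` are removed, but on an in-place resume they are now kept, so the comment should say so, e.g. `/* ... On an in-place resume, .synced is preserved so that sync state survives the restart. */`. The `mkdir` change in the @@ -7128 hunk is the other half of this behaviour and would benefit from the same one-line note. The enclosing cleanup function continues outside the hunk via `dir_cleanup_failed`.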
@@ -7128,7 +7145,10 @@ if (sync_id) { tmp = alloc_printf("%s/.synced/", out_dir); - if (mkdir(tmp, 0700)) PFATAL("Unable to create '%s'", tmp); + + if (mkdir(tmp, 0700) && (!in_place_resume || errno != EEXIST)) + PFATAL("Unable to create '%s'", tmp); + ck_free(tmp); } @@ -7883,8 +7903,9 @@ if (getenv("AFL_NO_FORKSRV")) no_forkserver = 1; if (getenv("AFL_NO_CPU_RED")) no_cpu_meter_red = 1; - if (getenv("AFL_NO_ARITH")) no_arith = 1; + if (getenv("AFL_NO_ARITH")) no_arith = 1; if (getenv("AFL_SHUFFLE_QUEUE")) shuffle_queue = 1; + if (getenv("AFL_FAST_CAL")) fast_cal = 1; if (getenv("AFL_HANG_TMOUT")) { hang_tmout = atoi(getenv("AFL_HANG_TMOUT")); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.49b/afl-tmin.c new/afl-2.51b/afl-tmin.c --- old/afl-2.49b/afl-tmin.c 2017-07-18 18:05:19.000000000 +0200 +++ new/afl-2.51b/afl-tmin.c 2017-08-31 06:25:50.000000000 +0200 @@ -283,6 +283,8 @@ close(dev_null_fd); close(prog_in_fd); + setsid(); + if (mem_limit) { r.rlim_max = r.rlim_cur = ((rlim_t)mem_limit) << 20; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.49b/config.h new/afl-2.51b/config.h --- old/afl-2.49b/config.h 2017-07-19 01:28:15.000000000 +0200 +++ new/afl-2.51b/config.h 2017-08-31 06:27:31.000000000 +0200 @@ -21,7 +21,7 @@ /* Version string: */ -#define VERSION "2.49b" +#define VERSION "2.51b" /****************************************************** * * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.49b/docs/ChangeLog new/afl-2.51b/docs/ChangeLog --- old/afl-2.49b/docs/ChangeLog 2017-07-19 01:27:57.000000000 +0200 +++ new/afl-2.51b/docs/ChangeLog 2017-08-31 06:27:21.000000000 +0200 
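Review bot: `mkdir(tmp, 0700) && (!in_place_resume || errno != EEXIST)` accepts EEXIST without checking that the existing `.synced` entry is a directory; if an earlier run left a regular file or symlink of that name, the resume proceeds and presumably fails later with a less obvious error. If that case matters, a `stat`/`S_ISDIR` check in the EEXIST branch would give a clear `PFATAL` here; otherwise a short comment stating that an existing `.synced` is expected and trusted on resume would do. `errno` is read directly after the failed call, which is correct. The enclosing function continues outside the hunk.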
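Review bot: `setsid();` moves the forked child into its own session, so terminal-generated signals (Ctrl-C) no longer reach it together with afl-tmin; the parent's stop handling must therefore kill the child explicitly, which is presumably already the case but deserves a comment at the call, e.g. `setsid(); /* Detach from the terminal so glibc traceback noise is not printed; the parent kills us explicitly on stop. */`. The return value is unchecked; a freshly forked child is not a process group leader, so EPERM is not expected and that is acceptable. The fork-child code this line sits in starts outside the hunk.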
@@ -17,6 +17,28 @@ to get on with the times. --------------------------- +Version 2.51b (2017-08-30): +--------------------------- + + - Made afl-tmin call setsid to prevent glibc traceback junk from showing + up on the terminal in some distros. Suggested by Jakub Wilk. + +--------------------------- +Version 2.50b (2017-08-19): +--------------------------- + + - Fixed an interesting timing corner case spotted by Jakub Wilk. + + - Addressed a libtokencap / pthreads incompatibility issue. Likewise, spotted + by Jakub Wilk. + + - Added a mention of afl-kit and Pythia. + + - Added AFL_FAST_CAL. + + - In-place resume now preserves .synced. Suggested by Jakub Wilk. + +--------------------------- Version 2.49b (2017-07-18): --------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.49b/docs/env_variables.txt new/afl-2.51b/docs/env_variables.txt --- old/afl-2.49b/docs/env_variables.txt 2017-07-18 17:41:40.000000000 +0200 +++ new/afl-2.51b/docs/env_variables.txt 2017-08-06 16:30:17.000000000 +0200 @@ -145,6 +145,9 @@ mutated files - say, to fix up checksums. See experimental/post_library/ for more. + - AFL_FAST_CAL keeps the calibration stage about 2.5x faster (albeit less + precise), which can help when starting a session against a slow target. + - The CPU widget shown at the bottom of the screen is fairly simplistic and may complain of high load prematurely, especially on systems with low core counts. To avoid the alarming red color, you can set AFL_NO_CPU_RED. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.49b/docs/sister_projects.txt new/afl-2.51b/docs/sister_projects.txt --- old/afl-2.49b/docs/sister_projects.txt 2017-03-14 20:45:31.000000000 +0100 +++ new/afl-2.51b/docs/sister_projects.txt 2017-08-06 16:37:50.000000000 +0200 
@@ -228,6 +228,14 @@ https://github.com/MarkusTeufelberger/afl-ddmin-mod +afl-kit (Kuang-che Wu) +---------------------- + + Replacements for afl-cmin and afl-tmin with additional features, such + as the ability to filter crashes based on stderr patterns. + + https://github.com/kcwu/afl-kit + ------------------------------- Narrow-purpose or experimental: ------------------------------- @@ -336,3 +344,11 @@ Facilitates the testing of CGI scripts. https://github.com/floyd-fuh/afl-cgi-wrapper + +Fuzzing difficulty estimation (Marcel Boehme) +--------------------------------------------- + + A fork of AFL that tries to quantify the likelihood of finding additional + paths or crashes at any point in a fuzzing job. + + https://github.com/mboehme/pythia diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/afl-2.49b/libtokencap/libtokencap.so.c new/afl-2.51b/libtokencap/libtokencap.so.c --- old/afl-2.49b/libtokencap/libtokencap.so.c 2017-07-10 22:52:22.000000000 +0200 +++ new/afl-2.51b/libtokencap/libtokencap.so.c 2017-08-20 06:33:44.000000000 +0200 @@ -102,7 +102,8 @@ u32 i; u32 pos = 0; - if (len < MIN_AUTO_EXTRA || len > MAX_AUTO_EXTRA) return; + if (len < MIN_AUTO_EXTRA || len > MAX_AUTO_EXTRA || !__tokencap_out_file) + return; for (i = 0; i < len; i++) {
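Review bot: The added `!__tokencap_out_file` guard silently drops the token when the output file pointer is NULL, and nothing in the hunk says when that happens; the changelog attributes it to a libtokencap/pthreads incompatibility, presumably the interposed string functions being called before the library's initialisation has opened the file. That reasoning should live next to the check, e.g. `/* __tokencap_out_file may still be NULL if we are called before initialisation (seen with pthreads); drop the token rather than write through a NULL FILE. */`, adjusted to the confirmed cause. The enclosing function starts before the hunk and its body continues after it.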
