Overview Repositories Revisions Requests Users Attributes Meta

American fuzzy lop is a security-oriented fuzzer

Edit Package afl
http://lcamtuf.coredump.cx/afl/

American fuzzy lop is a security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary. This substantially improves the functional coverage for the fuzzed code. The compact synthesized corpora produced by the tool are also useful for seeding other, more labor- or resource-intensive testing regimes down the road.

Compared to other instrumented fuzzers, afl-fuzz is designed to be practical: it has modest performance overhead, uses a variety of highly effective fuzzing strategies and effort minimization tricks, requires essentially no configuration, and seamlessly handles complex, real-world use cases - say, common image parsing or file compression libraries.

  • Developed at devel:tools
  • Sources inherited from project openSUSE:Factory
  • 1 derived packages
  • Download package
  • osc -A https://api.opensuse.org checkout openSUSE:Factory:zSystems/afl && cd $_
  • Create Badge
Refresh
Refresh
Source Files
Filename Size Changed
4.00c.tar.gz 0002805041 2.68 MB
afl-3.0c-fix-paths.patch 0000000972 972 Bytes
afl-rpmlintrc 0000000725 725 Bytes
afl.changes 0000099900 97.6 KB
afl.spec 0000003877 3.79 KB
Revision 67 (latest revision is 82)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 950197 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 67) 
- updated to 4.00c
  - complete documentation restructuring, made possible by Google Season
    of Docs :) thank you Jana!
  - we renamed several UI and fuzzer_stat entries to be more precise,
    e.g. "unique crashes" -> "saved crashes", "total paths" ->
    "corpus count", "current path" -> "current item".
    This might need changing custom scripting!
  - Nyx mode (full system emulation with snapshot capability) has been
    added - thanks to @schumilo and @eqv!
  - unicorn_mode:
    -   Moved to unicorn2! by Ziqiao Kong (@lazymio)
    -   Faster, more accurate emulation (newer QEMU base), risc-v support
    -   removed indirections in rust callbacks
  - new binary-only fuzzing mode: coresight_mode for aarch64 CPUs :)
    thanks to RICSecLab submitting!
  - if instrumented libaries are dlopen()'ed after the forkserver you
    will now see a crash. Before you would have colliding coverage.
    We changed this to force fixing a broken setup rather then allowing
    ineffective fuzzing.
  - See docs/best_practices.md how to fix such setups.
  - afl-fuzz:
    -   cmplog binaries will need to be recompiled for this version
        (it is better!)
    -   fix a regression introduced in 3.10 that resulted in less
        coverage being detected. thanks to Collin May for reporting!
    -   ensure all spawned targets are killed on exit
    -   added AFL_IGNORE_PROBLEMS, plus checks to identify and abort on
        incorrect LTO usage setups and enhanced the READMEs for better
        information on how to deal with instrumenting libraries
    -   fix -n dumb mode (nobody should use this mode though) (forwarded request 950196 from msmeissn)
Comments 0
openSUSE Build Service is sponsored by
Places