American fuzzy lop is a security-oriented fuzzer

http://lcamtuf.coredump.cx/afl/

American fuzzy lop is a security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary. This substantially improves the functional coverage for the fuzzed code. The compact synthesized corpora produced by the tool are also useful for seeding other, more labor- or resource-intensive testing regimes down the road.

Compared to other instrumented fuzzers, afl-fuzz is designed to be practical: it has modest performance overhead, uses a variety of highly effective fuzzing strategies and effort minimization tricks, requires essentially no configuration, and seamlessly handles complex, real-world use cases - say, common image parsing or file compression libraries.
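The description above compresses the whole method into one sentence: instrumentation records which control-flow edges an execution hits, and any input that lights up a counter (or a hit-count bucket) never seen before is kept as a new queue entry to mutate further. The following Python program is an added illustration of that loop written for this page; it is not afl-fuzz's or afl-cc's own code. The toy parser, its block labels, the block-id registry and the mutation set are all constructed for the example; what it mirrors faithfully is AFL's edge id (`cur_loc ^ prev_loc`, with `prev_loc` stored shifted right by one) and its hit-count buckets. In a real AFL build the `trace()` calls are emitted by the compiler at every basic block and the counters live in shared memory that afl-fuzz reads after each forked run.

```python
# Added illustration of AFL-style coverage feedback (not AFL's own code).
# Target, block labels, id registry and mutators are constructed for the example.
import random

MAP_SIZE = 1 << 16  # AFL's default coverage map is 64 KiB

_BLOCK_IDS = {}


def block_id(block):
    """Deterministic stand-in for the random id afl-cc gives each basic block."""
    if block not in _BLOCK_IDS:
        _BLOCK_IDS[block] = (len(_BLOCK_IDS) * 0x9E3779B1 + 12345) % MAP_SIZE
    return _BLOCK_IDS[block]


class Coverage:
    """Stand-in for the instrumented bitmap: one hit counter per executed edge."""

    def __init__(self):
        self.reset()

    def reset(self):
        self.prev_loc = 0
        self.hits = {}  # sparse edge id -> count (AFL uses a flat byte array)

    def trace(self, block):
        # Edge id is cur ^ prev; prev is shifted so A->B, B->A and A->A differ.
        cur_loc = block_id(block)
        edge = cur_loc ^ self.prev_loc
        self.hits[edge] = min(self.hits.get(edge, 0) + 1, 255)
        self.prev_loc = cur_loc >> 1


def bucket(count):
    """AFL's hit-count classification: only crossing a bucket boundary is new."""
    if count == 0:
        return 0
    for limit, value in ((1, 1), (2, 2), (3, 4), (7, 8), (15, 16), (31, 32), (127, 64)):
        if count <= limit:
            return value
    return 128


def target(data, cov):
    """Constructed toy parser: 'FZ', version 7, item count, items; 0xFF item crashes.
    The magic is checked byte by byte so plain coverage feedback can guide the fuzzer
    through it one byte at a time (a single multi-byte compare would not give feedback)."""
    cov.trace("entry")
    if len(data) < 4:
        cov.trace("too_short"); return "short"
    if data[0] != 0x46:
        cov.trace("bad_magic0"); return "bad_magic"
    cov.trace("magic0_ok")
    if data[1] != 0x5A:
        cov.trace("bad_magic1"); return "bad_magic"
    cov.trace("magic1_ok")
    if data[2] != 7:
        cov.trace("bad_version"); return "bad_version"
    cov.trace("version_ok")
    for i in range(data[3]):
        cov.trace("loop_body")  # repeated edge: shows up through hit-count buckets
        if 4 + i >= len(data):
            cov.trace("truncated"); return "truncated"
        if data[4 + i] == 0xFF:
            cov.trace("sentinel")
            raise RuntimeError("simulated bug: unhandled 0xFF item")
    cov.trace("done")
    return "ok"


def run_once(data, cov):
    """Run the target under coverage; return (status, bucketed edge map)."""
    cov.reset()
    try:
        status = target(data, cov)
    except RuntimeError:
        status = "crash"
    return status, {edge: bucket(n) for edge, n in cov.hits.items()}


def has_new_bits(trace, virgin):
    """True if any edge/bucket bit was never seen before; records it in virgin."""
    new = False
    for edge, b in trace.items():
        if b & ~virgin.get(edge, 0):
            virgin[edge] = virgin.get(edge, 0) | b
            new = True
    return new


def mutate(rng, data):
    """A few of the havoc-style mutators afl-fuzz uses."""
    data = bytearray(data)
    op = rng.randrange(4)
    if op == 0 and data:  # flip one bit
        i = rng.randrange(len(data)); data[i] ^= 1 << rng.randrange(8)
    elif op == 1 and data:  # overwrite with an interesting or random byte
        i = rng.randrange(len(data)); data[i] = rng.choice([0, 1, 7, 0x7F, 0x80, 0xFF, rng.randrange(256)])
    elif op == 2 and len(data) < 64:  # insert a byte
        data.insert(rng.randrange(len(data) + 1), rng.randrange(256))
    elif op == 3 and len(data) > 1:  # delete a byte
        del data[rng.randrange(len(data))]
    return bytes(data)


def fuzz(seeds, iterations=30000, rng_seed=1):
    """Queue-driven loop: keep inputs that reach new edges, collect crashes."""
    rng = random.Random(rng_seed)
    cov, virgin, queue, crashes = Coverage(), {}, [], []
    for s in seeds:  # dry run of the initial corpus
        if has_new_bits(run_once(s, cov)[1], virgin):
            queue.append(s)
    for _ in range(iterations):
        child = rng.choice(queue)
        for _stack in range(rng.randrange(1, 4)):
            child = mutate(rng, child)
        status, trace = run_once(child, cov)
        if status == "crash" and child not in crashes:
            crashes.append(child)
        if has_new_bits(trace, virgin):  # "interesting": a new internal state
            queue.append(child)
    return queue, crashes


if __name__ == "__main__":
    queue, crashes = fuzz([b"AAAA"])
    print(f"queue entries: {len(queue)}, crashing inputs: {len(crashes)}")
    for c in crashes[:3]:
        print("  crash:", c.hex())
```

Two things to watch in the output: the queue stays small (the "compact synthesized corpus" of the description) because an input is kept only when it adds a bucket bit, and the crash is reachable only because the magic check leaks one byte of progress at a time. A target that compared the magic with a single `memcmp` would leave this loop stuck at `bad_magic`, which is exactly the class of comparison that the cmplog/redqueen work in the changelog below is meant to solve.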

Source Files

Filename                    Size (bytes)   Size
3.10c.tar.gz                2059632        1.96 MB
afl-3.0c-fix-paths.patch    960            960 Bytes
afl-rpmlintrc               725            725 Bytes
afl.changes                 82088          80.2 KB
afl.spec                    3164           3.09 KB
Revision 56 (latest revision is 82)
Richard Brown (RBrownSUSE) accepted request 875949 from Marcus Meissner (msmeissn) (revision 56)
- update to 3.10c
  - Mac OS ARM64 support
  - Android support fixed and updated by Joey Jiaojg - thanks!
  - New selective instrumentation option with __AFL_COVERAGE_* commands
    to be placed in the source code.
    Check out instrumentation/README.instrument_list.md
  - afl-fuzz
    - Making AFL_MAP_SIZE (mostly) obsolete - afl-fuzz now learns on
      start the target map size
    - upgraded cmplog/redqueen: solving for floating point, solving
      transformations (e.g. toupper, tolower, to/from hex, xor,
      arithmetics, etc.). This is costly hence new command line option
      `-l` that sets the intensity (values 1 to 3). Recommended is 2.
    - added `AFL_CMPLOG_ONLY_NEW` to not use cmplog on initial seeds
      from `-i` or resumes (these have most likely already been done)
    - fix crash for very, very fast targets+systems (thanks to mhlakhani
      for reporting)
    - on restarts (`-i`)/autoresume (AFL_AUTORESUME) the stats are now
      reloaded and used, thanks to Vimal Joseph for this patch!
    - changed the meaning of '+' of the '-t' option, it now means to
      auto-calculate the timeout with the value given being the max
      timeout. The original meaning of skipping timeouts instead of
      abort is now inherent to the -t option.
    - if deterministic mode is active (`-D`, or `-M` without `-d`) then
      we sync after every queue entry as this can take very long time
      otherwise
    - added minimum SYNC_TIME to include/config.h (30 minutes default)
    - better detection if a target needs a large shared map
    - fix for `-Z`
    - fixed a few crashes