-rw-r--r-- | docs/Changelog.md | 10 | ||||
-rwxr-xr-x | qemu_mode/build_qemu_support.sh | 1 | ||||
-rw-r--r-- | src/afl-common.c | 13 | ||||
-rw-r--r-- | src/afl-showmap.c | 4 |
4 files changed, 16 insertions, 12 deletions
diff --git a/docs/Changelog.md b/docs/Changelog.md
index 3ad80b7b..9c563f7c 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -12,13 +12,13 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. ### Version ++2.63d (development): - llvm_mode LTO mode: - now requires llvm11 - but compiles all targets! :) - - autodictionary feature added, enable with AFL_LLVM_LTO_AUTODICTIONARY + - autodictionary feature added, enable with `AFL_LLVM_LTO_AUTODICTIONARY` - variable map size usage - afl-fuzz: - variable map size support added (only LTO mode can use this) - snapshot feature usage now visible in UI - - Now setting "-L -1" will enable MOpt in parallel to normal mutation. - Additionally this allows to run dictionaries, radamsa and cmplog. + - Now setting `-L -1` will enable MOpt in parallel to normal mutation. + Additionally, this allows to run dictionaries, radamsa and cmplog. - fix for cmplog/redqueen mode if stdin was used - fix for writing a better plot_data file - qemu_mode: fix for persistent mode
@@ -30,6 +30,8 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. - if AFL_CC/AFL_CXX is set but empty afl compilers did fail, fixed (this bug is in vanilla afl too) - added NO_PYTHON flag to disable python support when building afl-fuzz + - Bugfix: in persistent mode, fuzzing could get stuck after initial crash (#319) + - Bugfix: alf-plot output (#320) - more refactoring
@@ -318,7 +320,7 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. you use the new -p option :-) - see docs/power_schedules.md - added afl-system-config script to set all system performance options for fuzzing - llvm_mode works with llvm 3.9 up to including 8 ! - - qemu_mode got upgraded from 2.1 to 3.1 - incorporated from + - qemu_mode got upgraded from 2.1 to 3.1 - incorporated from https://github.com/andreafioraldi/afl and with community patches added
diff --git a/qemu_mode/build_qemu_support.sh b/qemu_mode/build_qemu_support.sh
index 3b5378a4..b34a149b 100755
--- a/qemu_mode/build_qemu_support.sh
+++ b/qemu_mode/build_qemu_support.sh
@@ -235,6 +235,7 @@ if [ "$ORIG_CPU_TARGET" = "" ]; then
 unset AFL_INST_RATIO
 export ASAN_OPTIONS=detect_leaks=0
+ echo "[*] Comparing two afl-showmap -Q outputs..."
 echo 0 | ./afl-showmap -m none -Q -q -o .test-instr0 ./test-instr || exit 1
 echo 1 | ./afl-showmap -m none -Q -q -o .test-instr1 ./test-instr || exit 1
diff --git a/src/afl-common.c b/src/afl-common.c
index 3210ee97..45868271 100644
--- a/src/afl-common.c
+++ b/src/afl-common.c
@@ -222,10 +222,12 @@ char **get_qemu_argv(u8 *own_loc, u8 **target_path_p, int argc, char **argv) { } - } else + } else { ck_free(own_copy); + } + if (!access(BIN_PATH "/afl-qemu-trace", X_OK)) { if (cp) ck_free(cp);
@@ -393,16 +395,19 @@ u8 *find_binary(u8 *fname) { memcpy(cur_elem, env_path, delim - env_path); delim++; - } else + } else { cur_elem = ck_strdup(env_path); + } + env_path = delim; - if (cur_elem[0]) + if (cur_elem[0]) { target_path = alloc_printf("%s/%s", cur_elem, fname); - else + } else { target_path = ck_strdup(fname); + } ck_free(cur_elem);
diff --git a/src/afl-showmap.c b/src/afl-showmap.c
index 0bcb71ed..f44b5453 100644
--- a/src/afl-showmap.c
+++ b/src/afl-showmap.c
@@ -488,11 +488,9 @@ static void usage(u8 *argv0) { "\n%s [ options ] -- /path/to/target_app [ ... ]\n\n" "Required parameters:\n" - " -o file - file to write the trace data to\n\n" "Execution control settings:\n" - " -t msec - timeout for each run (none)\n" " -m megs - memory limit for child process (%d MB)\n" " -Q - use binary-only instrumentation (QEMU mode)\n"
@@ -500,9 +498,7 @@ static void usage(u8 *argv0) { " -W - use qemu-based instrumentation with Wine (Wine mode)\n" " (Not necessary, here for consistency with other afl-* " "tools)\n\n" - "Other settings:\n" - " -i dir - process all files in this directory, -o must be a " "directory\n" " and each bitmap will be written there individually.\n" |
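Review bot: The new status line announces the comparison before the two afl-showmap runs that follow it, and each of those runs fails through a bare `|| exit 1`, so when one of them breaks the last thing printed is "Comparing two afl-showmap -Q outputs..." with no hint of which step failed. Consider giving the failure path its own message, e.g. `echo 0 | ./afl-showmap -m none -Q -q -o .test-instr0 ./test-instr || { echo "[-] afl-showmap -Q run failed"; exit 1; }`, and the same for the second run. The enclosing `if [ "$ORIG_CPU_TARGET" = "" ]` block continues outside the hunk.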
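Review bot: `if (cp) ck_free(cp);` at the end of the hunk is left as a braceless one-liner even though the commit exists to put braces around the single-statement `else` a few lines above it, so get_qemu_argv still mixes both styles after the change. Either brace it as well, `if (cp) { ck_free(cp); }`, or keep the file's one-line `if` form consistently and say so in the commit message. The body of get_qemu_argv starts and ends outside the hunk.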
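Review bot: The newly braced `if (cur_elem[0]) { ... } else { target_path = ck_strdup(fname); }` deserves a comment, because the else branch is the one an empty PATH component lands in, and there `fname` is kept exactly as given, so the target is resolved relative to the current working directory rather than to any PATH entry; that is presumably deliberate (it is how an empty PATH element is conventionally treated) but it is not obvious from the code. A one-liner above the else would do: `/* empty PATH element: keep fname as given, i.e. relative to the cwd */`. The loop and the rest of find_binary continue outside the hunk.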