Diffstat (limited to 'docs')

-rw-r--r--  docs/Changelog.md      14
-rw-r--r--  docs/INSTALL.md         5
-rw-r--r--  docs/env_variables.md  18

3 files changed, 30 insertions, 7 deletions
diff --git a/docs/Changelog.md b/docs/Changelog.md
index a420dcc2..f4ae0e43 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -11,7 +11,17 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
 ### Version ++4.01a (dev)
   - fix */build_...sh scripts to work outside of git
   - new custom_mutator: libafl with token fuzzing :)
-    (still needs README)
+  - afl-fuzz:
+    - new commandline options -g/G to set min/max length of generated
+      fuzz inputs
+    - reintroduced AFL_PERSISTENT and AFL_DEFER_FORKSRV to allow
+      persistent mode and manual forkserver support if these are not
+      in the target binary (e.g. are in a shared library)
+    - add AFL_EARY_FORKSERVER to install the forkserver as earliest as
+      possible in the target (for afl-gcc-fast/afl-clang-fast/
+      afl-clang-lto)
+  - frida_mode:
+    - update to new frida release, handles now c++ throw/catch
 
 
 ### Version ++4.00c (release)
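Review bot: the line `add AFL_EARY_FORKSERVER to install the forkserver as earliest as` misspells the variable name; the env_variables.md hunk in this same patch documents it as `AFL_EARLY_FORKSERVER`, so correct the changelog to match, otherwise anyone searching the docs for the real name misses this entry. On the same theme, `-g/G` should be written `-g/-G` as it is in env_variables.md, and `as earliest as possible` should read `as early as possible`.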
@@ -59,7 +69,7 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
     - fix bug where targets are not killed on timeouts
     - moved hidden afl-showmap -A option to -H to be used for
       coresight_mode
-  - Prevent accidentaly killing non-afl/fuzz services when aborting
+  - Prevent accidentally killing non-afl/fuzz services when aborting
     afl-showmap and other tools.
   - afl-cc:
     - detect overflow reads on initial input buffer for asan
diff --git a/docs/INSTALL.md b/docs/INSTALL.md
index e2bc8420..b0090e77 100644
--- a/docs/INSTALL.md
+++ b/docs/INSTALL.md
@@ -3,8 +3,9 @@
 ## Linux on x86
 
 An easy way to install AFL++ with everything compiled is available via docker:
-You can use the [Dockerfile](../Dockerfile) (which has gcc-10 and clang-11 -
-hence afl-clang-lto is available!) or just pull directly from the Docker Hub:
+You can use the [Dockerfile](../Dockerfile) (which has gcc-10 and clang-12 -
+hence afl-clang-lto is available) or just pull directly from the Docker Hub
+(for x86_64 and arm64):
 
 ```shell
 docker pull aflplusplus/aflplusplus
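Review bot: style, in the line `You can use the [Dockerfile](../Dockerfile) (which has gcc-10 and clang-12 -`: the dash left hanging at the line break reads awkwardly; `(which has gcc-10 and clang-12, hence afl-clang-lto is available)` says the same thing. Since this sentence now hard-codes the compiler versions in prose, it will silently go stale the next time the referenced Dockerfile is bumped, so either keep it in step in the same commit or drop the version numbers and just say the image ships a toolchain new enough for afl-clang-lto.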
diff --git a/docs/env_variables.md b/docs/env_variables.md
index 2a8fbcb7..4626a9b6 100644
--- a/docs/env_variables.md
+++ b/docs/env_variables.md
@@ -400,6 +400,10 @@ checks or alter some of the more exotic semantics of the tool:
     This makes the "own finds" counter in the UI more accurate. Beyond counter
     aesthetics, not much else should change.
 
+  - Setting `AFL_INPUT_LEN_MIN` and `AFL_INPUT_LEN_MAX` are an alternative to
+    the afl-fuzz -g/-G command line option to control the minimum/maximum
+    of fuzzing input generated.
+
   - `AFL_KILL_SIGNAL`: Set the signal ID to be delivered to child processes on
     timeout. Unless you implement your own targets or instrumentation, you
     likely don't have to set it. By default, on timeout and on exit, `SIGKILL`
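Review bot: the new `AFL_INPUT_LEN_MIN` / `AFL_INPUT_LEN_MAX` entry leaves out what a user needs in order to rely on it: which setting wins when both the environment variables and `-g`/`-G` are supplied, what unit the length is in, and what afl-fuzz does when MIN is set above MAX (reject, swap, or ignore). Please state those three points. Grammar: `Setting ... are an alternative` should be `is an alternative`, `command line option` should be plural, and `the minimum/maximum of fuzzing input generated` reads better as `the minimum/maximum length of generated fuzz inputs`, matching the wording used in the Changelog hunk.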
@@ -528,9 +532,17 @@ checks or alter some of the more exotic semantics of the tool:
   - Setting `AFL_TRY_AFFINITY` tries to attempt binding to a specific CPU core
     on Linux systems, but will not terminate if that fails.
 
-  - Outdated environment variables that are not supported anymore:
-    - `AFL_DEFER_FORKSRV`
-    - `AFL_PERSISTENT`
+  - The following environment variables are only needed if you implemented
+    your own forkserver or persistent mode, or if __AFL_LOOP or __AFL_INIT
+    are in a shared library and not the main binary:
+    - `AFL_DEFER_FORKSRV` enforces a deferred forkserver even if none was
+      detected in the target binary
+    - `AFL_PERSISTENT` enforces persistent mode even if none was detected
+      in the target binary
+
+  - If you need an early forkserver in your target because of early
+    constructors in your target you can set `AFL_EARLY_FORKSERVER`.
+    Note that this is not a compile time option but a runtime option :-)
 
 ## 5) Settings for afl-qemu-trace
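Review bot: `__AFL_LOOP` and `__AFL_INIT` are written bare in the line `your own forkserver or persistent mode, or if __AFL_LOOP or __AFL_INIT`; leading double underscores can be parsed as emphasis by markdown renderers, so wrap them in backticks like every other identifier in this file. In the `AFL_EARLY_FORKSERVER` paragraph, `in your target` appears twice in one sentence, and the Changelog hunk in this patch limits the option to targets built with afl-gcc-fast/afl-clang-fast/afl-clang-lto; state that compiler requirement here too, since a reader of env_variables.md alone cannot tell which instrumentation honours the runtime option, and the smiley at the end of the note reads out of place next to the other entries in this section.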