Diffstat (limited to 'docs'):

- docs/Changelog.md (18 lines)
- docs/custom_mutators.md (2 lines)
- docs/parallel_fuzzing.md (14 lines)
- docs/screenshot.png (binary, 0 -> 117199 bytes)

4 files changed, 30 insertions, 4 deletions
diff --git a/docs/Changelog.md b/docs/Changelog.md index afb9dea6..38787def 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -9,6 +9,24 @@ Want to stay in the loop on major new features? Join our mailing list by sending a mail to <afl-users+subscribe@googlegroups.com>. +### Version ++2.66d (devel) + - afl-fuzz: + - added -F option to allow -M main fuzzers to sync to foreign fuzzers, + e.g. honggfuzz or libfuzzer + - eliminated CPU affinity race condition for -S/-M runs + - llvm_mode: + - now supports llvm 12! + - fixes for laf-intel float splitting (thanks to mark-griffin for + reporting) + - LTO: autodictionary mode is a default + - LTO: instrim instrumentation disabled, only classic support used + as it is always better + - added honggfuzz mangle as a custom mutator in custom_mutators/honggfuzz :) + - added afl-frida gum solution to examples/afl_frida (mostly imported + from https://github.com/meme/hotwax/) + - small fixes to afl-plot, afl-whatsup and man page creation + + ### Version ++2.66c (release) - renamed the main branch on Github to "stable" - renamed master/slave to main/secondary diff --git a/docs/custom_mutators.md b/docs/custom_mutators.md index 464acbee..a22c809b 100644 --- a/docs/custom_mutators.md +++ b/docs/custom_mutators.md @@ -36,7 +36,7 @@ size_t afl_custom_fuzz(void *data, uint8_t *buf, size_t buf_size, u8 **out_buf, size_t afl_custom_post_process(void *data, uint8_t *buf, size_t buf_size, uint8_t **out_buf); int32_t afl_custom_init_trim(void *data, uint8_t *buf, size_t buf_size); size_t afl_custom_trim(void *data, uint8_t **out_buf); -int32_t afl_custom_post_trim(void *data, int success) { +int32_t afl_custom_post_trim(void *data, int success); size_t afl_custom_havoc_mutation(void *data, u8 *buf, size_t buf_size, u8 **out_buf, size_t max_size); uint8_t afl_custom_havoc_mutation_probability(void *data); uint8_t afl_custom_queue_get(void *data, const uint8_t *filename); 
diff --git a/docs/parallel_fuzzing.md b/docs/parallel_fuzzing.md index 271f8369..2ab1466c 100644 --- a/docs/parallel_fuzzing.md +++ b/docs/parallel_fuzzing.md @@ -99,7 +99,15 @@ example may be: This is not a concern if you use @@ without -f and let afl-fuzz come up with the file name. -## 3) Multi-system parallelization +## 3) Syncing with non-afl fuzzers or independant instances + +A -M main node can be told with the `-F other_fuzzer_queue_directory` option +to sync results from other fuzzers, e.g. libfuzzer or honggfuzz. + +Only the specified directory will by synced into afl, not subdirectories. +The specified directories do not need to exist yet at the start of afl. + +## 4) Multi-system parallelization The basic operating principle for multi-system parallelization is similar to the mechanism explained in section 2. The key difference is that you need to @@ -176,7 +184,7 @@ It is *not* advisable to skip the synchronization script and run the fuzzers directly on a network filesystem; unexpected latency and unkillable processes in I/O wait state can mess things up. -## 4) Remote monitoring and data collection +## 5) Remote monitoring and data collection You can use screen, nohup, tmux, or something equivalent to run remote instances of afl-fuzz. If you redirect the program's output to a file, it will @@ -200,7 +208,7 @@ Keep in mind that crashing inputs are *not* automatically propagated to the main instance, so you may still want to monitor for crashes fleet-wide from within your synchronization or health checking scripts (see afl-whatsup). -## 5) Asymmetric setups +## 6) Asymmetric setups It is perhaps worth noting that all of the following is permitted: diff --git a/docs/screenshot.png b/docs/screenshot.png new file mode 100644 index 00000000..7b4dd7e4 --- /dev/null +++ b/docs/screenshot.png Binary files differ |
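Review bot: The Changelog hunk for 2.66d describes the new -F option only as letting "-M main fuzzers" sync to foreign fuzzers; it should also say that the option takes a directory argument and that only that directory is read, since those are the two things a user needs to know before using it (the parallel_fuzzing.md hunk in this same commit states both). Suggest `added -F <dir> option to let a -M main fuzzer sync from a foreign fuzzer queue directory (e.g. honggfuzz or libfuzzer), subdirectories are not scanned`. Separately, the entries for the honggfuzz mangle custom mutator and the afl-frida example point at code paths (custom_mutators/honggfuzz, examples/afl_frida) that no docs file in this diff documents; at least custom_mutators.md should get a one-line pointer to the new mutator.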
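Review bot: The `{` to `;` fix on the `afl_custom_post_trim` prototype is correct, but the same prototype list still mixes `u8` and `uint8_t` for the same kind of parameter (`afl_custom_fuzz` and `afl_custom_havoc_mutation` use `u8 **out_buf` / `u8 *buf`, the neighbouring prototypes use `uint8_t`). Since this list is what authors of external mutators copy from, and `u8` is an AFL-internal typedef they may not have, the prototypes should consistently use `uint8_t`, e.g. `size_t afl_custom_havoc_mutation(void *data, uint8_t *buf, size_t buf_size, uint8_t **out_buf, size_t max_size);`.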
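Review bot: Two typos in the new section 3 of parallel_fuzzing.md: the heading should read "independent instances" rather than "independant instances", and "Only the specified directory will by synced" should read "will be synced". More substantively, the paragraph should state what layout is expected in the -F directory (test cases as individual files directly in that directory, given that subdirectories are not scanned) and whether -F may be given more than once to sync from several foreign fuzzers; as written a reader cannot tell either. The heading renumbering (3 -> 4, 4 -> 5, 5 -> 6) is consistent, and the later "similar to the mechanism explained in section 2" reference still points at the unchanged section 2.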
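Review bot: docs/screenshot.png is added as a new binary, but nothing in this diff references it; if it is meant to be embedded from README.md or another page, that reference should land in the same commit so the file is not orphaned in the docs tree.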