From b8abf27b86e74a4ab6889322ef232a00f1f018c4 Mon Sep 17 00:00:00 2001 From: hexcoder Date: Fri, 25 Oct 2019 09:36:17 +0200 Subject: Update README.md remove Linux-only :-), list supported OSes --- libtokencap/README.md | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/libtokencap/README.md b/libtokencap/README.md index baf69da1..8aae38bf 100644 --- a/libtokencap/README.md +++ b/libtokencap/README.md @@ -2,7 +2,7 @@ (See ../docs/README for the general instruction manual.) -This Linux-only companion library allows you to instrument `strcmp()`, `memcmp()`, +This companion library allows you to instrument `strcmp()`, `memcmp()`, and related functions to automatically extract syntax tokens passed to any of these libcalls. The resulting list of tokens may be then given as a starting dictionary to afl-fuzz (the -x option) to improve coverage on subsequent @@ -55,9 +55,10 @@ If you don't get any results, the target library is probably not using strcmp() and memcmp() to parse input; or you haven't compiled it with -fno-builtin; or the whole thing isn't dynamically linked, and LD_PRELOAD is having no effect. -PS. The library is Linux-only because there is probably no particularly portable -and non-invasive way to distinguish between read-only and read-write memory -mappings. The `__tokencap_load_mappings()` function is the only thing that would -need to be changed for other OSes. Porting to platforms with /proc//maps -(e.g., FreeBSD) should be trivial. +Portability hints: There is probably no particularly portable and non-invasive +way to distinguish between read-only and read-write memory mappings. +The `__tokencap_load_mappings()` function is the only thing that would +need to be changed for other OSes. + +Current supported OSes are: Linux, Darwin, FreeBSD (thanks to @devnexen) -- cgit 1.4.1 From 7e9b6fe0aa820c8bce258eaa24d230ce96347d38 Mon Sep 17 00:00:00 2001 From: hexcoder Date: Fri, 25 Oct 2019 10:44:34 +0200 Subject: Update sister_projects.txt status updates for python mutators and whitelist selective instrumentation feature. --- docs/sister_projects.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/sister_projects.txt b/docs/sister_projects.txt index a2eb2a22..25e5560c 100644 --- a/docs/sister_projects.txt +++ b/docs/sister_projects.txt @@ -319,11 +319,13 @@ Fuzzer shell for SQLite (Richard Hipp) Support for Python mutation modules (Christian Holler) ------------------------------------------------------ +now integrated in AFL++, originally from here https://github.com/choller/afl/blob/master/docs/mozilla/python_modules.txt Support for selective instrumentation (Christian Holler) -------------------------------------------------------- +now integrated in AFL++, originally from here https://github.com/choller/afl/blob/master/docs/mozilla/partial_instrumentation.txt Kernel fuzzing (Dmitry Vyukov) -- cgit 1.4.1 From 644efa290582e76a9fb1dc42a7cfc782d628d3fe Mon Sep 17 00:00:00 2001 From: Andrea Fioraldi Date: Fri, 25 Oct 2019 14:02:30 +0200 Subject: remove redundand setenv of SHM_ENV_VAR --- src/afl-sharedmem.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/afl-sharedmem.c b/src/afl-sharedmem.c index d94100a3..e11221a4 100644 --- a/src/afl-sharedmem.c +++ b/src/afl-sharedmem.c @@ -153,8 +153,6 @@ void setup_shm(unsigned char dumb_mode) { shm_str = alloc_printf("%d", shm_id); - setenv(SHM_ENV_VAR, shm_str, 1); - /* If somebody is asking us to fuzz instrumented binaries in dumb mode, we don't want them to detect instrumentation, since we won't be sending fork server commands. This should be replaced with better auto-detection -- cgit 1.4.1