From 424438edfce9fd2be8b72f6d6242d6a44858a719 Mon Sep 17 00:00:00 2001
From: Ruben ten Hove
Date: Wed, 28 Oct 2020 10:35:07 +0100
Subject: stop using deprecated MAINTAINER instruction, use LABEL instead
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 64b04ba6..b4e45087 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,7 +6,7 @@
 #
 FROM ubuntu:20.04 AS aflplusplus
-MAINTAINER afl++ team
+LABEL "maintainer"="afl++ team "
 LABEL "about"="AFLplusplus docker image"
 ARG DEBIAN_FRONTEND=noninteractive
-- cgit 1.4.1
From 29a9d3aa491fd03fa1cfa1328e49693225352848 Mon Sep 17 00:00:00 2001
From: Ruben ten Hove
Date: Wed, 28 Oct 2020 10:36:34 +0100
Subject: add gnuplot for afl-plot
---
 Dockerfile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index b4e45087..be77181c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -22,7 +22,8 @@ RUN apt-get update && apt-get upgrade -y && \
 libglib2.0-dev \
 wget vim jupp nano bash-completion \
 apt-utils apt-transport-https ca-certificates gnupg dialog \
- libpixman-1-dev
+ libpixman-1-dev \
+ gnuplot-nox
 RUN echo deb http://apt.llvm.org/focal/ llvm-toolchain-focal-11 main >> /etc/apt/sources.list && \
 wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add -
-- cgit 1.4.1
From 987ddb72b1f5fb4a55259ddeb6ad67ba0061c73d Mon Sep 17 00:00:00 2001
From: Ruben ten Hove
Date: Wed, 28 Oct 2020 10:38:43 +0100
Subject: use fewer layers and remove apt cache
also use full-upgrade to ensure all conflicts are resolved
---
 Dockerfile | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index be77181c..f305554d 100644
--- a/Dockerfile
+++ b/Dockerfile
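Review bot: The new `LABEL "maintainer"="afl++ team "` value ends in a trailing space, which in this rendering looks like a bracketed contact address was stripped; if the file itself really contains the trailing space, trim it, because tooling that filters images on label values compares them verbatim. The standardised key for this metadata is the OCI annotation `org.opencontainers.image.authors`, so `LABEL org.opencontainers.image.authors="afl++ team"` is what registries and scanners that read the standard annotations will pick up, and the legacy `maintainer` key can stay alongside it for compatibility.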
@@ -11,7 +11,7 @@ LABEL "about"="AFLplusplus docker image"
 ARG DEBIAN_FRONTEND=noninteractive
-RUN apt-get update && apt-get upgrade -y && \
+RUN apt-get update && \
 apt-get -y install --no-install-suggests --no-install-recommends \
 automake \
 bison flex \
@@ -23,24 +23,24 @@ RUN apt-get update && apt-get upgrade -y && \
 wget vim jupp nano bash-completion \
 apt-utils apt-transport-https ca-certificates gnupg dialog \
 libpixman-1-dev \
- gnuplot-nox
+ gnuplot-nox \
+ && rm -rf /var/lib/apt/lists/*
 RUN echo deb http://apt.llvm.org/focal/ llvm-toolchain-focal-11 main >> /etc/apt/sources.list && \
 wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add -
 RUN echo deb http://ppa.launchpad.net/ubuntu-toolchain-r/test/ubuntu focal main >> /etc/apt/sources.list && \
 apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 1E9377A2BA9EF27F
-
-RUN apt-get update && apt-get upgrade -y
-RUN apt-get install -y gcc-10 g++-10 gcc-10-plugin-dev gcc-10-multilib \
- libc++-10-dev gdb lcov
-
-RUN apt-get install -y clang-11 clang-tools-11 libc++1-11 libc++-11-dev \
+RUN apt-get update && apt-get full-upgrade -y && \
+ apt-get -y install --no-install-suggests --no-install-recommends \
+ gcc-10 g++-10 gcc-10-plugin-dev gcc-10-multilib libc++-10-dev gdb lcov \
+ clang-11 clang-tools-11 libc++1-11 libc++-11-dev \
 libc++abi1-11 libc++abi-11-dev libclang1-11 libclang-11-dev \
 libclang-common-11-dev libclang-cpp11 libclang-cpp11-dev liblld-11 \
 liblld-11-dev liblldb-11 liblldb-11-dev libllvm11 libomp-11-dev \
- libomp5-11 lld-11 lldb-11 llvm-11 llvm-11-dev llvm-11-runtime llvm-11-tools
+ libomp5-11 lld-11 lldb-11 llvm-11 llvm-11-dev llvm-11-runtime llvm-11-tools \
+ && rm -rf /var/lib/apt/lists/*
 RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 0
 RUN update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-10 0
-- cgit 1.4.1
From 8cdf04ec909d96b64ab786c0b859a0d9ea7c7624 Mon Sep 17 00:00:00 2001
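Review bot: In the rebuilt second `RUN` (`apt-get update && apt-get full-upgrade -y && \`), the only upgrade of the base image now happens after the llvm.org repository and the ubuntu-toolchain-r PPA have been appended to `/etc/apt/sources.list`, since the `apt-get upgrade -y` in the first `RUN` is dropped by the hunk at `@@ -11,7 +11,7 @@`. Without an apt preferences entry, `full-upgrade` will replace any base-image package for which either third-party source carries a higher version, not only the toolchain packages listed under it, so those sources are trusted more widely than the install line suggests; the removed `RUN apt-get update && apt-get upgrade -y` had the same effect, so this is pre-existing, but the rewrite is the natural place to narrow it. Either keep `apt-get full-upgrade -y` in the first `RUN`, before the extra sources exist, or add a pin under `/etc/apt/preferences.d/` that limits the PPA and llvm.org to the packages actually needed. Folding `&& rm -rf /var/lib/apt/lists/*` into the same layer is the right move and should stay.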
From: Ruben ten Hove
Date: Wed, 28 Oct 2020 10:39:45 +0100
Subject: quote the source lines
---
 Dockerfile | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index f305554d..6e932fdc 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -26,10 +26,10 @@ RUN apt-get update && \
 gnuplot-nox \
 && rm -rf /var/lib/apt/lists/*
-RUN echo deb http://apt.llvm.org/focal/ llvm-toolchain-focal-11 main >> /etc/apt/sources.list && \
- wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add -
-
-RUN echo deb http://ppa.launchpad.net/ubuntu-toolchain-r/test/ubuntu focal main >> /etc/apt/sources.list && \
+RUN echo "deb http://apt.llvm.org/focal/ llvm-toolchain-focal-11 main" >> /etc/apt/sources.list && \
+ wget -qO - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add -
+
+RUN echo "deb http://ppa.launchpad.net/ubuntu-toolchain-r/test/ubuntu focal main" >> /etc/apt/sources.list && \
 apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 1E9377A2BA9EF27F
 RUN apt-get update && apt-get full-upgrade -y && \
-- cgit 1.4.1
From 0d0e220b4badbcfaaab67de5a1b82bbc0326515e Mon Sep 17 00:00:00 2001
From: Ruben ten Hove
Date: Wed, 28 Oct 2020 10:39:58 +0100
Subject: word-o
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 6e932fdc..788969b4 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,7 +2,7 @@
 # This Dockerfile for AFLplusplus uses Ubuntu 20.04 focal and
 # installs LLVM 11 from llvm.org for afl-clang-lto support :-)
 # It also installs gcc/g++ 10 from the Ubuntu development platform
-# has focal has gcc-10 but not g++-10 ...
+# since focal has gcc-10 but not g++-10 ...
 #
 FROM ubuntu:20.04 AS aflplusplus
-- cgit 1.4.1
From 0f140578120c2cb439539e227f1b6adf42f70f65 Mon Sep 17 00:00:00 2001
From: Ruben ten Hove
Date: Wed, 28 Oct 2020 11:00:50 +0100
Subject: this package was getting uninstalled anyway
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
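Review bot: The rewritten `wget -qO - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add -` still imports the LLVM signing key into apt's global trusted keyring, where it is accepted for every configured source rather than only apt.llvm.org, and `apt-key` is deprecated upstream for exactly that reason. The narrower form stores the key in its own file and binds it to the source with `signed-by`, e.g. `wget -qO /etc/apt/keyrings/llvm.asc https://apt.llvm.org/llvm-snapshot.gpg.key` (path illustrative) and `echo "deb [signed-by=/etc/apt/keyrings/llvm.asc] http://apt.llvm.org/focal/ llvm-toolchain-focal-11 main" >> /etc/apt/sources.list`; older apt releases want a binary keyring there, so `gpg --dearmor` may be needed depending on the apt version. Two things to confirm while touching this: the new `-q` hides wget's error output and the default `/bin/sh -c` has no `pipefail`, so a failed download is only caught if `apt-key`/`gpg` rejects the empty input, and the PPA line below (context here) fetches its key by a 16-hex-digit ID where the full fingerprint would be the stronger binding.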
diff --git a/Dockerfile b/Dockerfile
index 788969b4..511b679c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -34,7 +34,7 @@ RUN echo "deb http://ppa.launchpad.net/ubuntu-toolchain-r/test/ubuntu focal main
 RUN apt-get update && apt-get full-upgrade -y && \
 apt-get -y install --no-install-suggests --no-install-recommends \
- gcc-10 g++-10 gcc-10-plugin-dev gcc-10-multilib libc++-10-dev gdb lcov \
+ gcc-10 g++-10 gcc-10-plugin-dev gcc-10-multilib gdb lcov \
 clang-11 clang-tools-11 libc++1-11 libc++-11-dev \
 libc++abi1-11 libc++abi-11-dev libclang1-11 libclang-11-dev \
 libclang-common-11-dev libclang-cpp11 libclang-cpp11-dev liblld-11 \
-- cgit 1.4.1
From 90e04d49094c413eeb55483c62434e11ee0cd888 Mon Sep 17 00:00:00 2001
From: Ruben ten Hove
Date: Wed, 28 Oct 2020 11:02:44 +0100
Subject: cache is already removed here
---
 Dockerfile | 2 --
 1 file changed, 2 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 511b679c..36f45121 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -45,8 +45,6 @@ RUN apt-get update && apt-get full-upgrade -y && \
 RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 0
 RUN update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-10 0
-RUN rm -rf /var/cache/apt/archives/*
-
 ENV LLVM_CONFIG=llvm-config-11
 ENV AFL_SKIP_CPUFREQ=1
-- cgit 1.4.1
From d4bf0c7db7943c20f32636798e223e649d758934 Mon Sep 17 00:00:00 2001
From: Ruben ten Hove
Date: Wed, 28 Oct 2020 11:27:11 +0100
Subject: add suggestion for using a ramdisk in docker
---
 README.md | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/README.md b/README.md
index f09d9163..bbe16bc0 100644
--- a/README.md
+++ b/README.md
@@ -1009,6 +1009,14 @@ tasks, fuzzing may put a strain on your hardware and on the OS. In particular:
 $ iostat -d 3 -x -k [...optional disk ID...]
 ```
+ Using the `AFL_TMPDIR` environment variable and a RAM-disk you can have the
+ heavy writing done in RAM to prevent the aforementioned wear and tear. For
+ example the following line will run a Docker container with all this preset:
+
+ ```shell
+ # docker run -ti --mount type=tmpfs,destination=/ramdisk -e AFL_TMPDIR=/ramdisk aflplusplus/aflplusplus
+ ```
+
 ## Known limitations & areas for improvement
 Here are some of the most important caveats for AFL:
-- cgit 1.4.1
From 55dd04132fa89002ca15fe38aa519be754e33539 Mon Sep 17 00:00:00 2001
From: Ruben ten Hove
Date: Wed, 28 Oct 2020 11:30:21 +0100
Subject: add afl-dyninst shared libraries
---
 Dockerfile | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/Dockerfile b/Dockerfile
index 36f45121..b881c7c8 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -61,3 +61,6 @@ RUN export REAL_CXX=g++-10 && export CC=gcc-10 && \
 RUN echo 'alias joe="jupp --wordwrap"' >> ~/.bashrc
 RUN echo 'export PS1="[afl++]$PS1"' >> ~/.bashrc
 ENV IS_DOCKER="1"
+
+COPY --from=aflplusplus/afl-dyninst /usr/local/lib/libdyninstAPI_RT.so /usr/local/lib/libdyninstAPI_RT.so
+COPY --from=aflplusplus/afl-dyninst /afl-dyninst/libAflDyninst.so /usr/local/lib/libAflDyninst.so
-- cgit 1.4.1
From a09a6459edd9008d026ba292d4396506d609aa1f Mon Sep 17 00:00:00 2001
From: Ruben ten Hove
Date: Wed, 28 Oct 2020 11:36:06 +0100
Subject: add name, forgot that last time
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index bbe16bc0..194e4628 100644
--- a/README.md
+++ b/README.md
@@ -1104,7 +1104,7 @@ without feedback, bug reports, or patches from:
 Andrea Biondo Vincent Le Garrec
 Khaled Yakdan Kuang-che Wu
 Josephine Calliotte Konrad Welc
- David Carlier
+ David Carlier Ruben ten Hove
 ```
 Thank you!
-- cgit 1.4.1
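Review bot: Both new `COPY --from=aflplusplus/afl-dyninst ...` lines take shared libraries from an external image referenced by name only, which resolves to the floating `latest` tag at build time, so each build silently picks up whatever that image contains that day and leaves no digest to audit against later. Pinning the source, `COPY --from=aflplusplus/afl-dyninst@sha256:<digest of the vetted image>` (placeholder) or at least a versioned tag, makes the copied `.so` files reproducible and lets a reviewer verify what actually landed in `/usr/local/lib`. A one-line comment above the two `COPY` lines saying where that image is built from and how its digest is refreshed would spare the next maintainer the same question.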
From 0b9b4adbd3955102902823d8f07f4d155d954b8b Mon Sep 17 00:00:00 2001
From: Ruben ten Hove
Date: Wed, 28 Oct 2020 14:03:01 +0100
Subject: show supplied -t option so we know it's used
---
 src/afl-fuzz-stats.c | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c
index bec90519..b4b2f747 100644
--- a/src/afl-fuzz-stats.c
+++ b/src/afl-fuzz-stats.c
@@ -1152,6 +1152,10 @@ void show_init_stats(afl_state_t *afl) {
 ACTF("Applying timeout settings from resumed session (%u ms).", afl->fsrv.exec_tmout);
+ } else {
+
+ OKF("-t option specified. We'll use an exec timeout of %s ms.", fsrv->exec_tmout);
+
 }
 /* In non-instrumented mode, re-running every timing out test case with a
-- cgit 1.4.1
From 587f66f1b341e9ad42655bc74843a2ed1d93ee09 Mon Sep 17 00:00:00 2001
From: Ruben ten Hove
Date: Wed, 28 Oct 2020 15:42:07 +0100
Subject: whoops..
---
 src/afl-fuzz-stats.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c
index b4b2f747..6841eb88 100644
--- a/src/afl-fuzz-stats.c
+++ b/src/afl-fuzz-stats.c
@@ -1154,7 +1154,7 @@ void show_init_stats(afl_state_t *afl) {
 } else {
- OKF("-t option specified. We'll use an exec timeout of %s ms.", fsrv->exec_tmout);
+ OKF("-t option specified. We'll use an exec timeout of %s ms.", afl->fsrv.exec_tmout);
 }
-- cgit 1.4.1
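Review bot: The new `OKF("-t option specified. We'll use an exec timeout of %s ms.", fsrv->exec_tmout);` passes an integer to a `%s` conversion, which expects a `char *`; that is undefined behaviour and in practice a crash or a read from an arbitrary address whenever a run is started with `-t`, and the follow-up commit `587f66f` at `@@ -1154,7 +1154,7 @@` fixes the undeclared `fsrv` but keeps `%s`. The `ACTF` call in the context line above prints the same field with `%u`, so the new line should match it: `OKF("-t option specified. We'll use an exec timeout of %u ms.", afl->fsrv.exec_tmout);`. If `OKF` expands to a plain `fprintf`, as the other `*F` macros in this tree appear to, `-Wformat` (part of `-Wall`) flags this at compile time, which is worth confirming in the build flags. `show_init_stats` starts and ends outside both hunks.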