From af245dbaca13ef33da686d5fc261fda8341597fc Mon Sep 17 00:00:00 2001
From: Nguyễn Gia Phong
Date: Tue, 4 Mar 2025 11:33:11 +0900
Subject: Remove (broken) AFLRun

---
 README.md | 1 -
 REUSE.toml | 7 ++++++-
 loftix/fuzzing.scm | 26 --------------------------
 patches/afl++-disable-inst-checks.patch | 13 +++++++++++++
 patches/afl++-keep-all-crashes.patch | 29 +++++++++++++++++++++++++++++
 patches/aflrun-disable-inst-checks.patch | 13 -------------
 patches/aflrun-keep-all-crashes.patch | 29 -----------------------------
 7 files changed, 48 insertions(+), 70 deletions(-)
 create mode 100644 patches/afl++-disable-inst-checks.patch
 create mode 100644 patches/afl++-keep-all-crashes.patch
 delete mode 100644 patches/aflrun-disable-inst-checks.patch
 delete mode 100644 patches/aflrun-keep-all-crashes.patch

diff --git a/README.md b/README.md
index f6ec15e..7ec37fc 100644
--- a/README.md
+++ b/README.md
@@ -24,7 +24,6 @@ Then run `guix pull`.
 
 ### Fuzzing
 
-- [AFLRun]: multi-target directed [AFL++] with path diversity
 - [afl-dyninst]: Dyninst integration for AFL++
 
 ### Patching
diff --git a/REUSE.toml b/REUSE.toml
index 0174744..db4a528 100644
--- a/REUSE.toml
+++ b/REUSE.toml
@@ -187,7 +187,12 @@ SPDX-FileCopyrightText = '2019 陈鹏'
 SPDX-License-Identifier = 'CC0-1.0'
 
 [[annotations]]
-path = 'patches/*.patch'
+path = 'patches/afl++-*.patch'
+SPDX-FileCopyrightText = '2024 Nguyễn Gia Phong'
+SPDX-License-Identifier = 'GPL-3.0-or-later'
+
+[[annotations]]
+path = 'patches/e9patch-*.patch'
 SPDX-FileCopyrightText = '2024 Nguyễn Gia Phong'
 SPDX-License-Identifier = 'GPL-3.0-or-later'
 
diff --git a/loftix/fuzzing.scm b/loftix/fuzzing.scm
index c06d118..e67a910 100644
--- a/loftix/fuzzing.scm
+++ b/loftix/fuzzing.scm
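Review bot: The replaced glob `patches/*.patch` covered every file under `patches/`, while the two new tables only cover `patches/afl++-*.patch` and `patches/e9patch-*.patch`, so any other patch already present or added later carries no SPDX annotation and `reuse lint` will report it. If those two prefixes are the only patch files in the directory this is fine; otherwise keep a catch-all entry such as a final `[[annotations]]` table with `path = 'patches/*.patch'`, or record the naming convention somewhere a contributor will see it. The two new tables are identical apart from the glob, so one table with `path = ['patches/afl++-*.patch', 'patches/e9patch-*.patch']` would state the same thing without the duplication.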
@@ -17,32 +17,6 @@
 #:use-module ((guix licenses) #:prefix license:)
 #:use-module (guix packages))
 
-(define-public aflrun
- (let ((commit "65d51e3b6dd44957c99fa57c1fb9fa4a040451a0")
- (revision "0"))
- (package
- (inherit aflplusplus)
- (name "aflrun")
- (version (git-version "2024.12.03" revision commit))
- (source
- (origin
- (method url-fetch)
- (uri (string-append
- "https://trong.loang.net/~cnx/afl++/snapshot/afl++-"
- commit ".tar.gz"))
- (sha256
- (base32
- "1q1smpk6l25cipszj917kvw1shfi5zznxsq4dcwlallym1s1gxqy"))
- (patches (search-patches
- "patches/aflrun-keep-all-crashes.patch"
- "patches/aflrun-disable-inst-checks.patch"))))
- (native-inputs (list gcc-14))
- (synopsis "Multi-target directed AFL++ with path diversity")
- (description "AFLRun is a fork of AFL++
-for unbiased multiple-target fuxxing with path diversity.")
- (home-page "https://trong.loang.net/~cnx/afl++/log?h=run")
- (license license:asl2.0))))
-
 (define-public afl-dyninst
 (package
 (name "afl-dyninst")
diff --git a/patches/afl++-disable-inst-checks.patch b/patches/afl++-disable-inst-checks.patch
new file mode 100644
index 0000000..68ea511
--- /dev/null
+++ b/patches/afl++-disable-inst-checks.patch
@@ -0,0 +1,13 @@
+diff --git a/GNUmakefile b/GNUmakefile
+index 9a2a7ad3d307..9c3b6a1b1f96 100644
+--- a/GNUmakefile
++++ b/GNUmakefile
+@@ -325,7 +325,7 @@ ifdef TEST_MMAP
+ endif
+ 
+ .PHONY: all
+-all: test_x86 test_shm test_python ready $(PROGS) afl-as llvm gcc_plugin test_build all_done
++all: test_x86 test_shm test_python ready $(PROGS) afl-as llvm gcc_plugin
+ -$(MAKE) -C utils/aflpp_driver
+ @echo
+ @echo
diff --git a/patches/afl++-keep-all-crashes.patch b/patches/afl++-keep-all-crashes.patch
new file mode 100644
index 0000000..e3ce8f6
--- /dev/null
+++ b/patches/afl++-keep-all-crashes.patch
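Review bot: The new patch file carries no description above its `diff --git a/GNUmakefile b/GNUmakefile` line, so the reason for dropping `test_build` and `all_done` from the `all` target is recorded nowhere (the file name only says "inst checks", and the commit message is about removing AFLRun). If I recall the upstream GNUmakefile correctly, `test_build` compiles and runs a small program through the freshly built afl-cc to confirm that instrumentation actually works, so skipping it means a build whose compiler wrappers silently fail to instrument is only noticed when afl-fuzz later refuses the target; presumably the step is skipped because the instrumented test binary cannot run inside the Guix build container, but that should be confirmed and written down. I would add a leading line such as `Skip test_build (runs an instrumented binary, which does not work in the Guix build container) and the all_done banner; patch(1) ignores text before the first diff header.`, and if only `all_done` needed to go, keep `test_build` in the target list.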
@@ -0,0 +1,29 @@
+diff --git a/src/afl-fuzz-bitmap.c b/src/afl-fuzz-bitmap.c
+index f05bb7db59d5..de275e374ff1 100644
+--- a/src/afl-fuzz-bitmap.c
++++ b/src/afl-fuzz-bitmap.c
+@@ -556,7 +556,6 @@ save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault, u8 inc) {
+ if (likely(!new_bits && !new_paths)) {
+ 
+ if (unlikely(afl->crash_mode)) { ++afl->total_crashes; }
+- return 0;
+ 
+ }
+ 
+@@ -837,16 +836,12 @@ save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault, u8 inc) {
+ 
+ ++afl->total_crashes;
+ 
+- if (afl->saved_crashes >= KEEP_UNIQUE_CRASH) { return keeping; }
+-
+ if (likely(!afl->non_instrumented_mode)) {
+ 
+ if (!classified) { classify_counts(&afl->fsrv); }
+ 
+ simplify_trace(afl, afl->fsrv.trace_bits);
+ 
+- if (!has_new_bits(afl, afl->virgin_crash)) { return keeping; }
+-
+ }
+ 
+ if (unlikely(!afl->saved_crashes) &&
diff --git a/patches/aflrun-disable-inst-checks.patch b/patches/aflrun-disable-inst-checks.patch
deleted file mode 100644
index 68ea511..0000000
--- a/patches/aflrun-disable-inst-checks.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff --git a/GNUmakefile b/GNUmakefile
-index 9a2a7ad3d307..9c3b6a1b1f96 100644
---- a/GNUmakefile
-+++ b/GNUmakefile
-@@ -325,7 +325,7 @@ ifdef TEST_MMAP
- endif
- 
- .PHONY: all
--all: test_x86 test_shm test_python ready $(PROGS) afl-as llvm gcc_plugin test_build all_done
-+all: test_x86 test_shm test_python ready $(PROGS) afl-as llvm gcc_plugin
- -$(MAKE) -C utils/aflpp_driver
- @echo
- @echo
diff --git a/patches/aflrun-keep-all-crashes.patch b/patches/aflrun-keep-all-crashes.patch
deleted file mode 100644
index e3ce8f6..0000000
--- a/patches/aflrun-keep-all-crashes.patch
+++ /dev/null
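Review bot: Dropping both the `KEEP_UNIQUE_CRASH` cap and the `has_new_bits(afl, afl->virgin_crash)` check in the second hunk means every crashing execution is written to disk, so on a target that crashes on a large share of inputs the `crashes/` directory grows without bound and each crash adds a file write on the hot path; since the patch file has no explanation, I would at least say so in a header line above the first `diff --git`, e.g. `Save every crash, not only those with a new simplified trace; the crashes directory is no longer bounded.`, and consider keeping a large, configurable cap rather than none. The `classify_counts`/`simplify_trace` calls are retained even though nothing left in the hunk reads their result, so unless later code depends on the simplified `trace_bits` they are now wasted work per crash. The first hunk removes `return 0;` unconditionally: in upstream AFL++ that block sits inside `if (likely(fault == afl->crash_mode))`, so in normal mode every non-crashing input with no new coverage would now fall through to whatever follows (the `save_to_queue` path upstream), flooding the queue; if the intent is only crash-exploration mode (`-C`), `if (likely(!afl->crash_mode)) { return 0; }` keeps the early exit for the normal case. `save_if_interesting` begins and ends outside both hunks, so the fork's actual control flow after this block cannot be confirmed from here.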
@@ -1,29 +0,0 @@
-diff --git a/src/afl-fuzz-bitmap.c b/src/afl-fuzz-bitmap.c
-index f05bb7db59d5..de275e374ff1 100644
---- a/src/afl-fuzz-bitmap.c
-+++ b/src/afl-fuzz-bitmap.c
-@@ -556,7 +556,6 @@ save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault, u8 inc) {
- if (likely(!new_bits && !new_paths)) {
- 
- if (unlikely(afl->crash_mode)) { ++afl->total_crashes; }
-- return 0;
- 
- }
- 
-@@ -837,16 +836,12 @@ save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault, u8 inc) {
- 
- ++afl->total_crashes;
- 
-- if (afl->saved_crashes >= KEEP_UNIQUE_CRASH) { return keeping; }
--
- if (likely(!afl->non_instrumented_mode)) {
- 
- if (!classified) { classify_counts(&afl->fsrv); }
- 
- simplify_trace(afl, afl->fsrv.trace_bits);
- 
-- if (!has_new_bits(afl, afl->virgin_crash)) { return keeping; }
--
- }
- 
- if (unlikely(!afl->saved_crashes) &&
-- 
cgit 1.4.1