-
-
Notifications
You must be signed in to change notification settings - Fork 8
/
ChangeLog
232 lines (166 loc) · 7.41 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
=========
ChangeLog
=========
-----------------------------------
Version 1.16b (based on afl 2.43b):
-----------------------------------
- Fixed an issue with Intel PT mode where target processes were not
terminated properly.
Reported by Jason Shirk
- Added a port of afl-analyze
Contributed by L4ys
- DynamoRIO version update - started building prebuilt binaries with
DynamoRIO 7.1
----------------------------------
Version 1.16 (based on afl 2.43b):
----------------------------------
- Intel PT support.
- Fix target_path in afl-showmap in drioless mode
Contributed by L4ys
----------------------------------
Version 1.15 (based on afl 2.43b):
----------------------------------
- Added -p flag which persists DynamoRIO cache across process restarts.
This might have a slight positive impact on performance in some scenarios,
such as where WinAFL persistece can't be used effectively, or
with very complex targets.
- Fix custom_net_fuzzer to avoid consuming system resources by
unclosed sockets.
Contributed by MostafaSoliman
----------------------------------
Version 1.14 (based on afl 2.43b):
----------------------------------
- Added support for third-party DLLs for custom test cases processing
This currently comes with (experimental) network fuzzing implementation
(both server- and client- side)
Contributed by Maksim Shudrak
- New "In App Persistence" mode that relaxes target_method restrictions
if the target process can be made to loop on its own
Contributed by Guy Inbar
- Implemented setup_post on Windows
Contributed by Quang Nguyễn
- Added separate timeout for process initialization and the first run
Contributed by Netanel Ben Simon
- Added color support to afl-showmap & afl-tmin
Contributed by Yoav Alon
- added winafl-plot.py a winafl replacement for afl-plot
Contributed by Yoav Alon
- added winafl-whatsup.py a winafl replacement for afl-whatsup
Contributed by Yoav Alon
- Fixed compilation issue on newer versions of DynamoRIO
Contributed by Yoav Alon
- Other minor fixes and improvements
Contributed by L4ys, Yoav Alon, Netanel Ben Simon and others
----------------------------------
Version 1.13 (based on afl 2.43b):
----------------------------------
- Added support for catching failfast-type issues
Contributed by Axel "0vercl0k" Souchet of MSRC Vulnerabilities and Mitigations Team
- Added support for catching Application Verifier errors
Contributed by yoava333
- Added support for processor affinity for afl-fuzz and target process
Contributed by yoava333
- Added support for ansi terminal on windows 10
Contributed by yoava333
- Make sure names of the output files generated by inafl-cmin.py are unique
Contributed by x9090
- Fixed a crash on zero sized input files
Contributed by yoava333
- Fixed a bug in load_extra that could cause errors or incorrect behavior when reading extras directory
- Fixed a race condition where afl-fuzz could attempt to fuzz the target process while it was getting killed
- fuzzer_pid now gets reported correctly in the fuzzer_stats file
----------------------------------
Version 1.12 (based on afl 2.43b):
----------------------------------
- Windows port of afl-tmin
Contributed by Axel "0vercl0k" Souchet of MSRC Vulnerabilities and Mitigations Team
----------------------------------
Version 1.11 (based on afl 2.43b):
----------------------------------
- Add support for setting a memory limit (-m flag)
Contributed by Axel "0vercl0k" Souchet of MSRC Vulnerabilities and Mitigations Team
----------------------------------
Version 1.10 (based on afl 2.43b):
----------------------------------
- Add static instrumentation mode
Contributed by Axel "0vercl0k" Souchet of MSRC Vulnerabilities and Mitigations Team
-----------------------------------
Version 1.09b (based on afl 2.43b):
-----------------------------------
- Fixed slave mode (broken by 1.09 update)
Contributed by Axel "0vercl0k" Souchet of MSRC Vulnerabilities and Mitigations Team
- Fixed missing last_crash_time (broken by 1.09 update)
Contributed by x9090
----------------------------------
Version 1.09 (based on afl 2.43b):
----------------------------------
- Bringing WinAFL up to speed with AFL 2.43b
Contributed by Axel "0vercl0k" Souchet of MSRC Vulnerabilities and Mitigations Team
- Fixed a memory leak in fuzz_one
Contributed by juanvazquez
----------------------------------
Version 1.08 (based on afl 1.96b):
----------------------------------
- It is now possible to collect coverage only from a thread that executed
target function using -thread_coverage flag
- When -target_method flag is used, symbols are now looked up from pdb files
in addition to exported symbols
- Added a missing call to classify_counts() from run_target()
----------------------------------
Version 1.07 (based on afl 1.96b):
----------------------------------
- Previous_offset is now stored in TLS.
Edge coverage for multithreaded targets should now be more usable.
----------------------------------
Version 1.06 (based on afl 1.96b):
----------------------------------
- Windows port of afl-cmin
Contributed by Axel "0vercl0k" Souchet of MSRC Vulnerabilities and Mitigations Team
- Use exe_name instead of the preferred name
Contributed by Axel "0vercl0k" Souchet of MSRC Vulnerabilities and Mitigations Team
- Add option to choose the calling convention
Contributed by shawndenbow
- Fix for building on VS2015
Contributed by b1ack0wl
----------------------------------
Version 1.05 (based on afl 1.96b):
----------------------------------
- Windows port of afl-showmap
Contributed by Axel "0vercl0k" Souchet of MSRC Vulnerabilities and Mitigations Team
- Expaded README a bit.
----------------------------------
Version 1.04 (based on afl 1.96b):
----------------------------------
Various fixes / improvements contributed by Axel "0vercl0k" Souchet:
- Mute stdout/stderr unless AFL_NO_SINKHOLE env variable is set.
- Allow several slaveless instances to be run on the same machine.
- Fix getopt to properly handle options without parameters.
- Automatically remove the child pid file.
- Case insensitive module name comparison.
- More debugging messages.
----------------------------------
Version 1.03 (based on afl 1.96b):
----------------------------------
- Fixed dictionary loading.
Reported by Hugo Meier.
----------------------------------
Version 1.02 (based on afl 1.96b):
----------------------------------
- Fixed incorrect quoting of target command line arguments.
- Debug mode now reports encountered exceptions.
----------------------------------
Version 1.01 (based on afl 1.96b):
----------------------------------
- Fixed a bug where previous offset wasn't updated in the edge coverage
instrumentation mode. This effectively caused edge coverage to behave
the same as basic block coverage.
Reported by Rodrigo Axel Monroy.
- Changed the default coverage mode to basic block in order for the default
configuration to work better with muti-threaded apps.
- Added -no_follow_children to DR runtime flags. This can fix problems if the
target process creates a child process.
- More data in now written to the debug log
----------------------------------
Version 1.00 (based on afl 1.96b):
----------------------------------
- Initial release.