@robertswiecki robertswiecki released this Aug 23, 2018 · 6 commits to master since this release

Assets 2
  • Native support for NetBSD
  • ASCII only fuzzing
  • Updated corpora for ISC Bind
  • Printing final stats upon exit
  • Refreshed support for Intel PT
  • Support for __sanitizer_cov_trace_div
  • Updated fuzzing examples for OpenSSL

@robertswiecki robertswiecki released this May 15, 2018 · 74 commits to master since this release

Assets 2

This release should only used for integration with OSS-Fuzz.
It's guaranteed to work with Linux/Ubuntu/x86-64/ptrace only.

PS: It's a rolling release.

@robertswiecki robertswiecki released this Apr 19, 2018 · 83 commits to master since this release

Assets 2
  • Fixed Dockerfile
  • Fixed a few format problems with file reporting
  • Updated display formatting
  • Made it work under WSL (Windows Subsystem for Linux)

@robertswiecki robertswiecki released this Feb 22, 2018 · 128 commits to master since this release

Assets 2
  • Persistent fuzzing now works with MacOS-X
  • Fixed some examples/ to make it work with MacOS-X
  • Should compile cleanly with newer MacOS-X versions

@robertswiecki robertswiecki released this Feb 7, 2018 · 143 commits to master since this release

Assets 2
  • Socketfuzzer by @dobin
  • TCP fuzzer (HonggFuzzer NetDriver) in libhfnetdriver
  • Display: changed layout a bit
  • Fix some compilation isuses for MacOS-X
  • Make it compile with OpenBSD
  • Better examples/ dir: Apache HTTP, ISC Bind
  • Added persistent and netdriver signatures
  • Added missing symbols for newer -fsanitize-coverage (const)
  • Changed internal structures (global vs run)
  • Android: Make it compile with newer SDKs

@robertswiecki robertswiecki released this Dec 9, 2017 · 485 commits to master since this release

Assets 2
  • Software instrumentation - support for cmp_const __sanitizer_cov_trace_const funcs
  • Refreshed (mostly) OpenSSL corpora
  • Mangling: additional function for ASCII numbers
  • Support for RLIMIT_DATA limiting
  • Better UI scrolling
  • Simplified Intel PT decoder
  • Removed defer{} / fblocks from libhfuzz
  • Google-style intendation with clang-format
  • Faster locks over global corpora of files

@robertswiecki robertswiecki released this Nov 1, 2017 · 587 commits to master since this release

Assets 2
  • Software-based coverage feedback (-z) is now enabled by default, can be disabled with (-x)
  • Better sigprocmask manipulation before executing a process
  • Updated fuzzing corpora for ssl packages
  • Updated Apache HTTPD compilation script/patch, corpora, config and string instrumentation
  • Updated ISC Bind config and fuzzing corpora
  • Fixes for the Android build (thanks to Zach Riggle and Anestis Bechtsoudis)
  • Indentation fixes, now clang-format is used

@robertswiecki robertswiecki released this Jun 23, 2017 · 744 commits to master since this release

Assets 2
  • Simplified and improved hfuzz_cc compiler
  • More string instrumentation in libhfuzz
  • Android: works with Android-NDK 15 and newer only
  • Dockerfile
  • Refreshed docs
  • Linux: Faster BTS/PT due to less PMU state resets
  • Linux: tests and by-pass for the Linux' fork-when-multithreaded problem
  • libFuzzer/AFL style dictionaries
  • Runnable under docker/oss-fuzz

@robertswiecki robertswiecki released this May 23, 2017 · 899 commits to master since this release

Assets 2
  • ONE DOT ZERO
  • Multiple stability improvements for most of the supported architectures
  • More examples in examples/ (e.g. Linux kernel IP for BTS/PT)
  • Documentation updates
  • Added honggfuzz compiler wrapper in hfuzz_cc/
  • Reworked buffer mangling logic

@robertswiecki robertswiecki released this Feb 14, 2017 · 1119 commits to master since this release

Assets 2
  • Smaller and bigger reworks:
    • Android Makefile
    • New sanitizers.c
    • Display console with scrolling logs
    • Improved libhfuzz - esp. the trace_cmp handling
    • Improved mangle.c
  • Multiple examples of persistent fuzzing: libpng, jpeg, libxml, apache, openssl