Stay up to date on releases
Create your free account today to subscribe to this repository for notifications about new releases, and build software alongside 40 million developers on GitHub.
Sign up for free See pricing for teams and enterprises
vanhauser-thc
released this
Second release of afl++ which besides the new features from the previous version has the following important changes:
- imported the few minor changes from the 2.53b release
- unicorn_mode got added - thanks to domenukk for the patch!
- fix llvm_mode AFL_TRACE_PC with modern llvm
- fix a crash in qemu_mode which also exists in stock afl
- added libcompcov, a laf-intel implementation for qemu! :) see qemu_mode/libcompcov/README.libcompcov
- updated afl-fuzz and afl-system-config for new scaling governor location in modern kernels
- all queue, hang and crash files now have their discovery time in their name
- if llvm_mode was compiled, afl-clang/afl-clang++ will point to these instead of afl-gcc
- added instrim, a much faster llvm_mode instrumentation at the cost of path discovery. See llvm_mode/README.instrim (https://github.com/csienslab/instrim)
- added MOpt (github.com/puppet-meteor/MOpt-AFL) mode, see docs/README.MOpt
- added code to make it more portable to other platforms than Intel Linux
- added never zero counters for afl-gcc and optionally (because of an optimization issue in llvm < 9) for llvm_mode (AFL_LLVM_NEVER_ZERO=1)
- added a new doc about binary only fuzzing: docs/binaryonly_fuzzing.txt
- more cpu power for afl-system-config
- added forkserver patch to afl-tmin, makes it much faster (originally from github.com/nccgroup/TriforceAFL)
- added whitelist support for llvm_mode via AFL_LLVM_WHITELIST to allow only to instrument what is actually interesting. Gives more speed and less map pollution (originally by choller@mozilla)
- added Python Module mutator support, python2.7-dev is autodetected. see docs/python_mutators.txt (originally by choller@mozilla)
- added AFL_CAL_FAST for slow applications and AFL_DEBUG_CHILD_OUTPUT for debugging
- added -V time and -E execs option to better comparison runs, runs afl-fuzz for a specific time/executions.
- added a -s seed switch to allow afl run with a fixed initial seed that is not updated. This is good for performance and path discovery tests as the random numbers are deterministic then