OLD | NEW |
1 Here's a quick overview of the stuff you can find in this directory: | 1 Here's a quick overview of the stuff you can find in this directory: |
2 | 2 |
3 - argv_fuzzing - a simple wrapper to allow cmdline to be fuzzed | 3 - argv_fuzzing - a simple wrapper to allow cmdline to be fuzzed |
4 (e.g., to test setuid programs). | 4 (e.g., to test setuid programs). |
5 | 5 |
6 - asan_cgroups - a contributed script to simplify fuzzing ASAN | 6 - asan_cgroups - a contributed script to simplify fuzzing ASAN |
7 binaries with robust memory limits on Linux. | 7 binaries with robust memory limits on Linux. |
8 | 8 |
9 - bash_shellshock - a simple hack used to find a bunch of | 9 - bash_shellshock - a simple hack used to find a bunch of |
10 post-Shellshock bugs in bash. | 10 post-Shellshock bugs in bash. |
11 | 11 |
12 - canvas_harness - a test harness used to find browser bugs with a | 12 - canvas_harness - a test harness used to find browser bugs with a |
13 corpus generated using simple image parsing | 13 corpus generated using simple image parsing |
14 binaries & afl-fuzz. | 14 binaries & afl-fuzz. |
15 | 15 |
16 - clang_asm_normalize - a script that makes it easy to instrument | 16 - clang_asm_normalize - a script that makes it easy to instrument |
17 hand-written assembly, provided that you have clang. | 17 hand-written assembly, provided that you have clang. |
18 | 18 |
19 - crash_triage - a very rudimentary example of how to annotate crashes | 19 - crash_triage - a very rudimentary example of how to annotate crashes |
20 with additional gdb metadata. | 20 with additional gdb metadata. |
21 | 21 |
22 - distributed_fuzzing - a sample script for synchronizing fuzzer instances | 22 - distributed_fuzzing - a sample script for synchronizing fuzzer instances |
23 across multiple machines (see parallel_fuzzing.txt). | 23 across multiple machines (see parallel_fuzzing.txt). |
24 | 24 |
25 - instrumented_cmp - an experiment showing how a custom memcmp() or | |
26 strcmp() can be used to work around one of the | |
27 limitations of afl-fuzz. | |
28 | |
29 - libpng_no_checksum - a sample patch for removing CRC checks in libpng. | 25 - libpng_no_checksum - a sample patch for removing CRC checks in libpng. |
30 | 26 |
31 - persistent_demo - an example of how to use the LLVM persistent process | 27 - persistent_demo - an example of how to use the LLVM persistent process |
32 mode to speed up certain fuzzing jobs. | 28 mode to speed up certain fuzzing jobs. |
33 | 29 |
34 - post_library - an example of how to build postprocessors for AFL. | 30 - post_library - an example of how to build postprocessors for AFL. |
35 | 31 |
36 Note that the minimize_corpus.sh tool has graduated from the experimental/ | 32 Note that the minimize_corpus.sh tool has graduated from the experimental/ |
37 directory and is now available as ../afl-cmin. The LLVM mode has likewise | 33 directory and is now available as ../afl-cmin. The LLVM mode has likewise |
38 graduated to ../llvm_mode/*. | 34 graduated to ../llvm_mode/*. |
39 | 35 |
40 Most of the tools in this directory are meant chiefly as examples that need to | 36 Most of the tools in this directory are meant chiefly as examples that need to |
41 be tweaked for your specific needs. They come with some basic documentation, | 37 be tweaked for your specific needs. They come with some basic documentation, |
42 but are not necessarily production-grade. | 38 but are not necessarily production-grade. |
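Review bot: The instrumented_cmp entry is dropped at old lines 25-28 with no word on where it went, while the closing note (old lines 36-38) tells readers that minimize_corpus.sh and the LLVM mode graduated to ../afl-cmin and ../llvm_mode/*. Someone looking for the custom memcmp()/strcmp() workaround for that afl-fuzz limitation will find no trace of it. If the experiment was moved or superseded, add a sentence to that "Note that ..." paragraph naming its new location. If it was simply retired, say so there. Also confirm that the instrumented_cmp directory itself is removed in the same change, so the listing and the tree stay in step.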