ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-23 14:34:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix references to README docs

Browse Source
This commit is contained in:
hexcoder-
2020-02-25 08:34:44 +01:00
parent 901360b902
commit 891b568678
24 changed files with 42 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
afl-cmin.bash
View File

@ -126,7 +126,7 @@ Minimization settings:
-C - keep crashing inputs, reject everything else
-e - solve for edge coverage only, ignore hit counts
For additional tips, please consult docs/README.
For additional tips, please consult docs/README.md.
Environment variables used:
AFL_KEEP_TRACES: leave the temporary <out_dir>\.traces directory

18
docs/Changelog.md
View File

@ -1,7 +1,7 @@
# Changelog
This is the list of all noteworthy changes made in every public release of
the tool. See README for the general instruction manual.
the tool. See README.md for the general instruction manual.
## Staying informed
@ -45,7 +45,7 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
- now does not need to be recompiled between trace-pc and pass
instrumentation. compile normally and set AFL_LLVM_USE_TRACE_PC :)
- LLVM 11 is supported
- CmpLog instrumentation using SanCov (see llvm_mode/README.cmplog)
- CmpLog instrumentation using SanCov (see llvm_mode/README.cmplog.md)
- afl-gcc, afl-clang-fast, afl-gcc-fast:
- experimental support for undefined behaviour sanitizer UBSAN
(set AFL_USE_UBSAN=1)
@ -189,7 +189,7 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
- fix llvm_mode AFL_TRACE_PC with modern llvm
- fix a crash in qemu_mode which also exists in stock afl
- added libcompcov, a laf-intel implementation for qemu! :)
see qemu_mode/libcompcov/README.libcompcov
see qemu_mode/libcompcov/README.libcompcov.md
- afl-fuzz now displays the selected core in the status screen (blue {#})
- updated afl-fuzz and afl-system-config for new scaling governor location
in modern kernels
@ -198,8 +198,8 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
- if llvm_mode was compiled, afl-clang/afl-clang++ will point to these
instead of afl-gcc
- added instrim, a much faster llvm_mode instrumentation at the cost of
path discovery. See llvm_mode/README.instrim (https://github.com/csienslab/instrim)
- added MOpt (github.com/puppet-meteor/MOpt-AFL) mode, see docs/README.MOpt
path discovery. See llvm_mode/README.instrim.md (https://github.com/csienslab/instrim)
- added MOpt (github.com/puppet-meteor/MOpt-AFL) mode, see docs/README.MOpt.md
- added code to make it more portable to other platforms than Intel Linux
- added never zero counters for afl-gcc and optionally (because of an
optimization issue in llvm < 9) for llvm_mode (AFL_LLVM_NEVER_ZERO=1)
@ -229,11 +229,11 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
LLVM and Qemu modes are now faster.
Important changes:
afl-fuzz: -e EXTENSION commandline option
llvm_mode: LAF-intel performance (needs activation, see llvm/README.laf-intel)
a few new environment variables for afl-fuzz, llvm and qemu, see docs/env_variables.txt
llvm_mode: LAF-intel performance (needs activation, see llvm/README.laf-intel.md)
a few new environment variables for afl-fuzz, llvm and qemu, see docs/env_variables.md
- Added the power schedules of AFLfast by Marcel Boehme, but set the default
to the AFL schedule, not to the FAST schedule. So nothing changes unless
you use the new -p option :-) - see docs/power_schedules.txt
you use the new -p option :-) - see docs/power_schedules.md
- added afl-system-config script to set all system performance options for fuzzing
- llvm_mode works with llvm 3.9 up to including 8 !
- qemu_mode got upgraded from 2.1 to 3.1 - incorporated from
@ -476,7 +476,7 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
- Added libtokencap, a simple feature to intercept strcmp / memcmp and
generate dictionary entries that can help extend coverage.
- Moved libdislocator to its own dir, added README.
- Moved libdislocator to its own dir, added README.md.
- The demo in examples/instrumented_cmp is no more.

2
docs/QuickStartGuide.md
View File

@ -27,7 +27,7 @@ how to hit the ground running:
4) Get a small but valid input file that makes sense to the program. When
fuzzing verbose syntax (SQL, HTTP, etc), create a dictionary as described in
dictionaries/README.dictionaries, too.
dictionaries/README.md, too.
5) If the program reads from stdin, run 'afl-fuzz' like so:

2
docs/env_variables.md
View File

@ -2,7 +2,7 @@
This document discusses the environment variables used by American Fuzzy Lop++
to expose various exotic functions that may be (rarely) useful for power
users or for some types of custom fuzzing setups. See README for the general
users or for some types of custom fuzzing setups. See README.md for the general
instruction manual.
## 1) Settings for afl-gcc, afl-clang, and afl-as - and gcc_plugin afl-gcc-fast

2
docs/life_pro_tips.md
View File

@ -62,7 +62,7 @@ Specify `AFL_HARDEN=1` in the environment to enable hardening flags.
## Bumping into problems with non-reproducible crashes?
It happens, but usually
isn't hard to diagnose. See section #7 in README for tips.
isn't hard to diagnose. See section #7 in README.md for tips.
## Fuzzing is not just about memory corruption issues in the codebase.
Add some

2
docs/notes_for_asan.md
View File

@ -1,7 +1,7 @@
# Notes for using ASAN with afl-fuzz
This file discusses some of the caveats for fuzzing under ASAN, and suggests
a handful of alternatives. See README for the general instruction manual.
a handful of alternatives. See README.md for the general instruction manual.
## 1) Short version

2
docs/parallel_fuzzing.md
View File

@ -1,7 +1,7 @@
# Tips for parallel fuzzing
This document talks about synchronizing afl-fuzz jobs on a single machine
or across a fleet of systems. See README for the general instruction manual.
or across a fleet of systems. See README.md for the general instruction manual.
## 1) Introduction

2
docs/perf_tips.md
View File

@ -1,7 +1,7 @@
## Tips for performance optimization
This file provides tips for troubleshooting slow or wasteful fuzzing jobs.
See README for the general instruction manual.
See README.md for the general instruction manual.
## 1. Keep your test cases small

4
docs/sister_projects.md
View File

@ -1,7 +1,7 @@
# Sister projects
This doc lists some of the projects that are inspired by, derived from,
designed for, or meant to integrate with AFL. See README for the general
designed for, or meant to integrate with AFL. See README.md for the general
instruction manual.
!!!
@ -252,7 +252,7 @@ https://code.google.com/p/address-sanitizer/wiki/AsanCoverage#Coverage_counters
### AFL JS (Han Choongwoo)
One-off optimizations to speed up the fuzzing of JavaScriptCore (now likely
superseded by LLVM deferred forkserver init - see llvm_mode/README.llvm).
superseded by LLVM deferred forkserver init - see llvm_mode/README.md).
https://github.com/tunz/afl-fuzz-js

2
docs/status_screen.md
View File

@ -1,7 +1,7 @@
# Understanding the status screen
This document provides an overview of the status screen - plus tips for
troubleshooting any warnings and red text shown in the UI. See README for
troubleshooting any warnings and red text shown in the UI. See README.md for
the general instruction manual.
## A note about colors

2
docs/technical_details.md
View File

@ -1,7 +1,7 @@
# Technical "whitepaper" for afl-fuzz
This document provides a quick overview of the guts of American Fuzzy Lop.
See README for the general instruction manual; and for a discussion of
See README.md for the general instruction manual; and for a discussion of
motivations and design goals behind AFL, see historical_notes.md.
## 0. Design statement

2
gcc_plugin/afl-gcc-rt.o.c
View File

@ -214,7 +214,7 @@ static void __afl_start_forkserver(void) {
}
/* A simplified persistent mode handler, used as explained in README.llvm. */
/* A simplified persistent mode handler, used as explained in README.md. */
int __afl_persistent_loop(unsigned int max_cnt) {

2
libdislocator/README.md
View File

@ -1,6 +1,6 @@
# libdislocator, an abusive allocator
(See ../docs/README for the general instruction manual.)
(See ../docs/README.md for the general instruction manual.)
This is a companion library that can be used as a drop-in replacement for the
libc allocator in the fuzzed binaries. It improves the odds of bumping into

2
libtokencap/README.md
View File

@ -1,6 +1,6 @@
# strcmp() / memcmp() token capture library
(See ../docs/README for the general instruction manual.)
(See ../docs/README.md for the general instruction manual.)
This companion library allows you to instrument `strcmp()`, `memcmp()`,
and related functions to automatically extract syntax tokens passed to any of

2
llvm_mode/README.md
View File

@ -2,7 +2,7 @@
(See [../README](../README.md) for the general instruction manual.)
(See [../gcc_plugin/README.gcc](../gcc_plugin/README.gcc.md) for the GCC-based instrumentation.)
(See [../gcc_plugin/README](../gcc_plugin/README.md) for the GCC-based instrumentation.)
## 1) Introduction

4
llvm_mode/afl-llvm-rt.o.c
View File

@ -260,7 +260,7 @@ static void __afl_start_forkserver(void) {
}
/* A simplified persistent mode handler, used as explained in README.llvm. */
/* A simplified persistent mode handler, used as explained in llvm_mode/README.md. */
int __afl_persistent_loop(unsigned int max_cnt) {
@ -346,7 +346,7 @@ __attribute__((constructor(CONST_PRIO))) void __afl_auto_init(void) {
/* The following stuff deals with supporting -fsanitize-coverage=trace-pc-guard.
It remains non-operational in the traditional, plugin-backed LLVM mode.
For more info about 'trace-pc-guard', see README.llvm.
For more info about 'trace-pc-guard', see llvm_mode/README.md.
The first function (__sanitizer_cov_trace_pc_guard) is called back on every
edge (as opposed to every basic block). */

4
qemu_mode/README.md
View File

@ -1,6 +1,6 @@
# High-performance binary-only instrumentation for afl-fuzz
(See ../docs/README for the general instruction manual.)
(See ../docs/README.md for the general instruction manual.)
## 1) Introduction
@ -60,7 +60,7 @@ binary on x86_64) use QEMU_LD_PREFIX.
## 3) Bonus feature #1: deferred initialization
As for LLVM mode (refer to its README for mode details) QEMU mode supports
As for LLVM mode (refer to its README.md for mode details) QEMU mode supports
the deferred initialization.
This can be enabled setting the environment variable AFL_ENTRYPOINT which allows

2
qemu_mode/libcompcov/libcompcov.so.c
View File

@ -15,7 +15,7 @@
This Linux-only companion library allows you to instrument strcmp(),
memcmp(), and related functions to get compare coverage.
See README.compcov for more info.
See README.md for more info.
*/

2
qemu_mode/patches/afl-qemu-cpu-inl.h
View File

@ -407,7 +407,7 @@ void afl_forkserver(CPUState *cpu) {
}
/* A simplified persistent mode handler, used as explained in README.llvm. */
/* A simplified persistent mode handler, used as explained in llvm_mode/README.md. */
void afl_persistent_loop(void) {

2
src/afl-analyze.c
View File

@ -798,7 +798,7 @@ static void usage(u8* argv0) {
" -e - look for edge coverage only, ignore hit counts\n\n"
"For additional tips, please consult %s/README.\n\n",
"For additional tips, please consult %s/README.md.\n\n",
argv0, EXEC_TIMEOUT, MEM_LIMIT, doc_path);

4
src/afl-common.c
View File

@ -163,7 +163,7 @@ char** get_qemu_argv(u8* own_loc, char** argv, int argc) {
SAYF("\n" cLRD "[-] " cRST
"Oops, unable to find the 'afl-qemu-trace' binary. The binary must be "
"built\n"
" separately by following the instructions in qemu_mode/README.qemu. "
" separately by following the instructions in qemu_mode/README.md. "
"If you\n"
" already have the binary installed, you may need to specify "
"AFL_PATH in the\n"
@ -259,7 +259,7 @@ char** get_wine_argv(u8* own_loc, char** argv, int argc) {
SAYF("\n" cLRD "[-] " cRST
"Oops, unable to find the '%s' binary. The binary must be "
"built\n"
" separately by following the instructions in qemu_mode/README.qemu. "
" separately by following the instructions in qemu_mode/README.md. "
"If you\n"
" already have the binary installed, you may need to specify "
"AFL_PATH in the\n"

4
src/afl-fuzz-init.c
View File

@ -1980,11 +1980,11 @@ void check_binary(u8* fname) {
"while\n"
" mutating the input data. For more information, and for tips on "
"how to\n"
" instrument binaries, please see %s/README.\n\n"
" instrument binaries, please see %s/README.md.\n\n"
" When source code is not available, you may be able to leverage "
"QEMU\n"
" mode support. Consult the README for tips on how to enable this.\n"
" mode support. Consult the README.md for tips on how to enable this.\n"
" (It is also possible to use afl-fuzz as a traditional, \"dumb\" "
"fuzzer.\n"

6
src/afl-fuzz.c
View File

@ -112,7 +112,7 @@ static void usage(u8* argv0) {
"entering the\n"
" pacemaker mode (minutes of no new paths, 0 = "
"immediately).\n"
" a recommended value is 10-60. see docs/README.MOpt\n"
" a recommended value is 10-60. see docs/README.MOpt.md\n"
" -c program - enable CmpLog by specifying a binary compiled for "
"it.\n"
" if using QEMU, just use -c 0.\n\n"
@ -121,7 +121,7 @@ static void usage(u8* argv0) {
" -N - do not unlink the fuzzing input file\n"
" -d - quick & dirty mode (skips deterministic steps)\n"
" -n - fuzz without instrumentation (dumb mode)\n"
" -x dir - optional fuzzer dictionary (see README, its really "
" -x dir - optional fuzzer dictionary (see README.md, its really "
"good!)\n\n"
"Testing settings:\n"
@ -1087,7 +1087,7 @@ stop_fuzzing:
SAYF("\n" cYEL "[!] " cRST
"Stopped during the first cycle, results may be incomplete.\n"
" (For info on resuming, see %s/README)\n",
" (For info on resuming, see %s/README.md)\n",
doc_path);
}

2
src/afl-showmap.c
View File

@ -647,7 +647,7 @@ static void usage(u8* argv0) {
" -c - allow core dumps\n\n"
"This tool displays raw tuple data captured by AFL instrumentation.\n"
"For additional help, consult %s/README.\n\n" cRST,
"For additional help, consult %s/README.md.\n\n" cRST,
argv0, MEM_LIMIT, doc_path);