1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
|
2019-02-23 - Version 1.8
- Native support for NetBSD
- Multiple smaller changes wrt threading - e.g. introducing the signal thread
- Removed the support for -p (pid fuzzing), honggfuzz net driver, or persistent fuzzing mode should be used instead
- Reimplementation of memory comparison routines, now verified with glibc's test-suite
- Improved hfuzz-cc/clang/gcc - e.g. for the MacOSX platform, also using -fno-sanitize=fuzzer if -fsanitize=fuzzer is specified, + some samba code wrappers
- Examples: new corpora for some of those, new patch for ISC Bind (9.13.5)
2018-08-23 - Version 1.7
- Native support for NetBSD
- ASCII only fuzzing
- Updated corpora for ISC Bind
- Printing final stats upon exit
- Refreshed support for Intel PT
- Support for __sanitizer_cov_trace_div
- Updated fuzzing examples for OpenSSL
2018-04-19 - Version 1.6 (rev aeaad48)
- Fixed Dockerfile
- Fixed a few format problems with file reporting
- Updated display formatting
- Make it work under WSL (Windows Subsystem for Linux)
2018-02-22 - Version 1.5 (rev 3b1b70b)
- Persistent fuzzing now works with MacOS-X
- Fixed some examples/ to make it work with MacOS-X
- Should compile cleanly with newer MacOS-X versions
2018-02-07 - Version 1.4 (rev 28c7d9e)
- Socketfuzzer by @dobin
- TCP fuzzer (HonggFuzzer NetDriver) in libhfnetdriver
- Display: changed layout a bit
- Fix some compilation isuses for MacOS-X
- Make it compile with OpenBSD
- Better examples/ dir: Apache HTTP, ISC Bind
- Added persistent and netdriver signatures
- Added missing symbols for newer -fsanitize-coverage (const)
- Changed internal structures (global vs run)
- Android: Make it compile with newer SDKs
2017-12-09 - Version 1.3 (rev dd9f149)
- Software instrumentation - support for cmp_const __sanitizer_cov_trace_const funcs
- Refreshed (mostly) OpenSSL corpora
- Mangling: additional function for ASCII numbers
- Support for RLIMIT_DATA limiting
- Better UI scrolling
- Simplified Intel PT decoder
- Removed defer{} / fblocks from libhfuzz
- Google-style intendation with clang-format
- Faster locks over global corpora of files
2017-11-01 - Version 1.2 (rev 8e04633)
- Software-based coverage feedback (-z) is now enabled by default, can be disabled with (-x)
- Better sigprocmask manipulation before executing a process
- Updated fuzzing corpora for ssl packages
- Updated Apache HTTPD compilation script/patch, corpora, config and string instrumentation
- Updated ISC Bind config and fuzzing corpora
- Fixes for the Android build (thanks to Zach Riggle and Anestis Bechtsoudis)
- Indentation fixes, now clang-format is used
2017-06-23 - Version 1.1 (rev ee3a530)
- Simplified and improved hfuzz_cc compiler
- More string instrumentation in libhfuzz
- Android: works with Android-NDK 15 and newer only
- Dockerfile
- Refreshed docs
- Linux: Faster BTS/PT due to less PMU state resets
- Linux: tests and by-pass for the Linux' fork-when-multithreaded problem
- libFuzzer/AFL style dictionaries
- Runnable under docker/oss-fuzz
2017-05-23 - Version 1.0 (rev 4332ae9)
- Multiple stability improvements for most of the supported architectures
- More examples in examples/ (e.g. Linux kernel IP for BTS/PT)
- Documentation updates
- Added honggfuzz compiler wrapper in hfuzz_cc/
- Reworked buffer mangling logic
2016-02-14 - Version 0.9 (rev b0d1118)
- Clang >= 4.0 -fsanitize-coverage=trace-pc-guard,indirect-calls,trace-cmp support
- Multiple examples in examples/
- --pprocess_cmd for input post-processing
2016-09-01 - Version 0.8 (rev 6b9efac)
- Clang >= 4.0 -fsanitize-coverage=trace-pc,indirect-calls,trace-cmp support
- GCC/Clang -finstrument-functions support
- Persistent fuzzing mode (-P) for Linux and POSIX
- Mutiple smaller fixes (display, stability)
2016-03-15 - Version 0.7 (rev 6d01e82)
- Asan code-coverage (SANCOV) available for all platforms (incl. Windows)
- Support for Intel PT under Linux v4.0 and newer (and Broadwell/Skylake/newer Intel CPUs)
- Should work under: Linux, FreeBSD, Mac OS X, Windows/Cygwin, possibly other POSIX-compliant systems
2015-08-14 - Version 0.6 (rev aa61adb)
- Improvements to feedback-driven fuzzing. Using bloom-style filter to record branches (much faster).
- Using multiple hardware-assisted feedback signals at once.
- Multiple small things: usage notes, logging
2015-02-26 - Version 0.5 (revision 284)
- Feedback-driven fuzzing on Linux (using Intel's BTS with Linux perf infrastructure for branch counting) (-Dp option)
- Compiles cleanly and works under FreeBSD 10.1
- Uses libbfd/libunwind (under Linux) to disassemble offending instructions
- Many smaller fixes
2015-02-01 - Version 0.4 (revision 72)
- Switch from udis86 to capstone (Capstone is available in many Linux distros as opposed to udis86)
- OSX 10.10 support
- Many smaller fixes (esp. for MacOS)
2011-07-02 - Version 0.3 (revision 37)
- Honggfuzz now allows attaching to an external process (-p) (Linux only)
- -f no longer required when -c (external command) is specified
- Smaller fixes (typos)
2011-06-02 - Version 0.2 (revision 26)
- MacOS fixes (parsing DiagnosticReports) - solves http://code.google.com/p/honggfuzz/issues/detail?id=2
- getopt() returns 'int' and not 'char' (could hang the process in a forever-loop)
- Formatting changes
- Updated comments/usage
2010-12-13 - Initial release 0.1 (revision 13)
|
