Clusterfuzz Versions Save

Scalable fuzzing infrastructure.

v1.9.0

4 years ago
  • Python 3 migration is complete.
  • Added Peach mutation strategy for engine fuzzers.
  • Added support for Google Cloud IAP authentication.
  • Added stop gaps to prevent corpus explosion (e.g. corpus element must be less than 5 MB).
  • Use ANTLR grammar for tokenization during testcase minimization (html, js).
  • Store statistics on corpus cross-pollination during corpus pruning.
  • Removed dependency on Google App Engine SDK.
  • Removed unused Go code.
  • Various bug fixes.

Please download this release by checking out the release tag in a git checkout:

git checkout tags/v1.9.0

NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

v1.8.0

4 years ago
  • Added an uploader permission type to allow certain users to upload to any job/fuzzer.
  • More Python 3 conversion changes.
  • Bumped up libFuzzer rss limit to 2.5GB.
  • Various bug fixes.

Please download this release by checking out the release tag in a git checkout:

git checkout tags/v1.8.0

NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

v1.7.1

4 years ago
  • Various bug fixes.

Please download this release by checking out the release tag in a git checkout:

git checkout tags/v1.7.1

NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

v1.7.0

4 years ago
  • Better crash type reporting on various UBSan issues.
  • Initial support for Honggfuzz.
  • Additional fixes in preparation for migration to Python 3.
  • Migrated off deprecated App Engine Memcache to Cloud MemoryStore for Redis.
  • Added libFuzzer fuzzing support for Android (using HWASan).
  • Automatically correct certain common mistakes in dictionaries.
  • Various bug fixes.

Please download this release by checking out the release tag in a git checkout:

git checkout tags/v1.7.0

NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

v1.6.1

4 years ago
  • Various bug fixes.

Please download this release by checking out the release tag in a git checkout:

git checkout tags/v1.6.1

NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

v1.6.0

4 years ago
  • Added platform support for Fuchsia OS.
  • Migrated libFuzzer to the new pluggable engine pipeline.
  • Stack parsing improvments.
  • Various bug fixes.

Please download this release by checking out the release tag in a git checkout:

git checkout tags/v1.6.0

NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

v1.5.1

4 years ago
  • Fixed XSS in login page.

Please download this release by checking out the release tag in a git checkout:

git checkout tags/v1.5.1

NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

v1.5.0

4 years ago
  • Added Golang stack parsing.
  • Added Sanitizer options minimization.
  • Added HELP_FORMAT for custom crash reproduction instructions. See documentation here.
  • Added feature to show reproducible variants for a crash on other jobs (Reproducer column in Testcase analysis on other jobs section).
  • Refactored engine fuzzer code for easy pluggability.
  • Reproduce tool improvements - performance fixes, added android support.
  • UI improvements - search filter in dropdowns.
  • Various bug fixes.

Please download this release by checking out the release tag in a git checkout:

git checkout tags/v1.5.0

NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

v1.4.0

4 years ago
  • Various bug fixes.
  • Implemented issue tracker policy and finishing the refactoring for supporting different issue trackers.
  • Disabled external mutators (Radamsa and ML RNN) for fuzz targets built with libprotobuf-mutator library.
  • Added support for auxiliary fuzzing builds (e.g. DFSan instrumented builds for libFuzzer).
  • Refactored build_manager and fuzz_task.
  • Optimized performance of the most frequently used pages (Testcases and Testcase Details).
  • Added explicit schema for the BigQuery import calls (used to load the fuzzer stats data into BigQuery).
  • Added experimental implementation of the Multi-Armed Bandit algorithm for fuzzing strategy selection.
  • Implemented variant task that runs testcases on different jobs in order to provide more information about the bugs.
  • Implemented the new version of the reproduce tool, which currently works on Linux.

Please download this release by checking out the release tag in a git checkout:

git checkout tags/v1.4.0

NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.

v1.3.0

5 years ago
  • Various bug fixes.
  • Fixed security severity listbox not working.
  • More Python 2->3 conversions using futurize.
  • Delete button on jobs page.
  • New interface for issue management, as part of refactor to support more issue trackers.
  • Android code refactoring.

Please download this release by checking out the release tag in a git checkout:

git checkout tags/v1.3.0

NOTE: Archived versions of ClusterFuzz below do not work with many butler.py commands.