Honggfuzz Versions Save

Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)

1.8

5 years ago
  • Multiple smaller changes wrt threading - e.g. introducing the signal thread
  • Removed the support for -p (pid fuzzing), honggfuzz net driver, or persistent fuzzing mode should be used instead
  • Reimplementation of memory comparison routines, now verified with glibc's test-suite
  • Improved hfuzz-cc/clang/gcc - e.g. for the MacOSX platform, also using -fno-sanitize=fuzzer if -fsanitize=fuzzer is specified, + some samba code wrappers
  • Examples: new corpora for some of those, new patch for ISC Bind (9.13.5)

1.7

5 years ago
  • Native support for NetBSD
  • ASCII only fuzzing
  • Updated corpora for ISC Bind
  • Printing final stats upon exit
  • Refreshed support for Intel PT
  • Support for __sanitizer_cov_trace_div
  • Updated fuzzing examples for OpenSSL

1.6

6 years ago
  • Fixed Dockerfile
  • Fixed a few format problems with file reporting
  • Updated display formatting
  • Made it work under WSL (Windows Subsystem for Linux)

1.5

6 years ago
  • Persistent fuzzing now works with MacOS-X
  • Fixed some examples/ to make it work with MacOS-X
  • Should compile cleanly with newer MacOS-X versions

1.4

6 years ago
  • Socketfuzzer by @dobin
  • TCP fuzzer (HonggFuzzer NetDriver) in libhfnetdriver
  • Display: changed layout a bit
  • Fix some compilation isuses for MacOS-X
  • Make it compile with OpenBSD
  • Better examples/ dir: Apache HTTP, ISC Bind
  • Added persistent and netdriver signatures
  • Added missing symbols for newer -fsanitize-coverage (const)
  • Changed internal structures (global vs run)
  • Android: Make it compile with newer SDKs

1.3

6 years ago
  • Software instrumentation - support for cmp_const __sanitizer_cov_trace_const funcs
  • Refreshed (mostly) OpenSSL corpora
  • Mangling: additional function for ASCII numbers
  • Support for RLIMIT_DATA limiting
  • Better UI scrolling
  • Simplified Intel PT decoder
  • Removed defer{} / fblocks from libhfuzz
  • Google-style intendation with clang-format
  • Faster locks over global corpora of files

1.2

6 years ago
  • Software-based coverage feedback (-z) is now enabled by default, can be disabled with (-x)
  • Better sigprocmask manipulation before executing a process
  • Updated fuzzing corpora for ssl packages
  • Updated Apache HTTPD compilation script/patch, corpora, config and string instrumentation
  • Updated ISC Bind config and fuzzing corpora
  • Fixes for the Android build (thanks to Zach Riggle and Anestis Bechtsoudis)
  • Indentation fixes, now clang-format is used

1.1

6 years ago
  • Simplified and improved hfuzz_cc compiler
  • More string instrumentation in libhfuzz
  • Android: works with Android-NDK 15 and newer only
  • Dockerfile
  • Refreshed docs
  • Linux: Faster BTS/PT due to less PMU state resets
  • Linux: tests and by-pass for the Linux' fork-when-multithreaded problem
  • libFuzzer/AFL style dictionaries
  • Runnable under docker/oss-fuzz

1.0

7 years ago
  • ONE DOT ZERO
  • Multiple stability improvements for most of the supported architectures
  • More examples in examples/ (e.g. Linux kernel IP for BTS/PT)
  • Documentation updates
  • Added honggfuzz compiler wrapper in hfuzz_cc/
  • Reworked buffer mangling logic

0.9

7 years ago
  • Smaller and bigger reworks:
    • Android Makefile
    • New sanitizers.c
    • Display console with scrolling logs
    • Improved libhfuzz - esp. the trace_cmp handling
    • Improved mangle.c
  • Multiple examples of persistent fuzzing: libpng, jpeg, libxml, apache, openssl