Removal of AFL/remains depending on LLVM-6.0
Daniel Stender
stender at debian.org
Sat Aug 17 12:28:53 BST 2019
Hi people,
American Fuzzy Lop (AFL/security binary fuzzer) in the archive [1] was updates lately (2.53b) but
remains to be build against LLVM 6.0. Trying to build it with >= 7.0 yields in a Segfault on testing
afl-clang-fast [2].
I've been pointed to the fact that Google (the project moved to Github [3]) isn't further developing AFL
anymore [4], therefore I'm going to remove AFL from the archive.
On the side: I've filed a RFP for the fork AFL++ [5], which is actively developed (upstream developers say
it's even LLVM-9 ready) and could replace AFL for Debian (and possibly work for the reverse-dependencies
afl-cov and python-afl).
Volunteers for fixing AFL 2.53b in the archive (so that we can keep it at least until the RFP get fulfilled)
[and packaging AFL++] welcome. I've tried to incorporate fixes from the AFL++ guys [6], but it didn't
worked out here.
Best,
Daniel Stender
[1] https://tracker.debian.org/pkg/afl
[2] https://bugs.debian.org/912785 (afl: doesn't build with LLVM 7 (segfault))
[3] https://github.com/google/afl
[4] https://twitter.com/Dor3s/status/1154737061787660288
[5] https://bugs.debian.org/934964 (RFP: afl++ -- security related binary fuzzer (fork of American Fuzzy Lop))
[6] https://github.com/vanhauser-thc/afl-patches
--
4096R/DF5182C8
https://danielstender.com
More information about the Pkg-llvm-team
mailing list