
Releases: draperlaboratory/VaderModularFuzzer

v4.1.0

17 Sep 17:29

New Features:

  • New output modules will log all storage metadata to the console (LoggerMetadataOutput) or to a more easily machine readable CSV file (CSVMetadataOutput)
    • This feature includes a refactoring of StatsOutput that moves the computation of storage-based output statistics to a new ComputeStats module. ComputeStats writes each of these metrics to storage metadata.
    • Note: the StatsOutput now relies on ComputeStats, so existing configuration files may need to be updated
  • New data types in StorageModule
    • unsigned integer
      • VMF Core Modules have been updated to use unsigned values when appropriate.
      • Note: Existing modules may need to be updated, if they rely on integer data that is output from Core Modules
    • temporary buffer
      • This provides for better memory utilization by VMF, because large buffers that are only needed during the current fuzzing loop can be cleared
      • The AFL_TRACE_BITS and CMPLOG_MAP_BITS data fields are now of type temporary buffer
  • VMF Controller modules will now keep all seed test cases in storage
    • This is a behavioral change from VMF 4.0.0 and below. Use the controller.keepAllSeeds parameter to configure VMF with the old behavior.
  • A new helper class, ModuleTestHelper, can be used to easily unit test modules
    • See GAInputGenTest and AFLForkserverExecutorTest for example usage
  • VmfRand now supports a configurable fixed seed, to enable controlled randomness for regression testing

Updates and Bug Fixes:

  • Our example configuration files have been refactored for better ease of reuse
  • Batched loading of large corpus updates for distributed fuzzing, for improved performance
    • Command handling for distributed fuzzing is now accomplished via a new helper class, CDMSCommandAndCorpusHandler
  • Module templates are now available as a starting point for new module developers (see vmf/src/samples)
  • A new ControllerModulePattern class can be used as a starting point for module developers writing controller modules
    • All VMF Core Module controllers have been updated to use this base class
  • Map-size autodetection fix to allow this feature to work with SUTs that capture SIGINT
  • Minor bug fixes:
    • AFLFavoredFeedback had incorrect data registration with storage, which has now been corrected
    • Corrected memory errors in unit tests

Note: CDMS has not changed since VMF 3.2, so no upgrade is required for VMF 4.1.0
Release binaries SHA256:

  • CDMS.war: 052b61544d9d2c084f2ff3632d2564eb3358cbff95e7aa441c2c9ddf47a00650
  • emptycdms.db: 38788934bef348e0ce77c7a03145c1e969c4092b3505b1f7e98e5c3f8e099813

v4.0.0

18 Jun 16:46

VMF Version 4.0.0
New Features:

  • API Changes to VMF Modules (see docs/migration-4.0.0.md for additional details):
    • ExecutorModule now has access to storage, and should write execution results to storage
    • FeedbackModule no longer directly depends on a specific ExecutorModule
    • InputGenerator now creates the new StorageEntry and passes it to the mutator submodule
    • FormatterModule has been removed
    • New helper methods to retrieve a submodule by name (getXXXSubmoduleByName)
  • API Changes to StorageModule (see docs/migration-4.0.0.md for additional details):
    • Tagging separated from saving
    • Support for temporary/local storage entries
    • New convenience methods to allocate and initialize a buffer in one step
    • Capability to specify a default value for a storage entry field
    • Minor renaming/relocation of functions
  • RedPawn: An input-to-state (I2S) analysis tool comparable to RedQueen (https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_04A-2_Aschermann_paper.pdf)
  • Config Changes:
    • New configuration option to support a named set of submodules (see vmfClassSet in docs/configuration.md)
    • Storage and controller module configuration options are now referenced by className/id (to be consistent with other modules)
  • New VmfRand utility function

Updates and Bug Fixes:

  • Additional Linux OS Support:
    • CentOS 8 and 9
    • Kali
    • Oracle Linux 8 and 9
    • RedHat 8 and 9
    • Ubuntu 20 and 22 (supported in earlier releases of VMF as well)
  • DirectoryBasedSeedGenerator now sorts test cases in input directory alphabetically
  • Improved error handling in AFLForkserverExecutor, auto-detection of AFL++ map size
  • Build Changes
    • make vmf-clean target is now included (rebuilds VMF without rebuilding third party dependencies)
    • coremodules renamed to modules
    • VMF framework dependencies are now statically linked, and the required source code is included with VMF
    • VMF no longer directly depends on AFL++ source code
  • Radamsa module removed
  • Minor renaming and restructuring of source code

Note: CDMS has not changed since VMF 3.2, so no upgrade is required for VMF 4.0.0
Release binaries SHA256:

  • CDMS.war: 052b61544d9d2c084f2ff3632d2564eb3358cbff95e7aa441c2c9ddf47a00650
  • emptycdms.db: 38788934bef348e0ce77c7a03145c1e969c4092b3505b1f7e98e5c3f8e099813

v3.2.0

14 Feb 20:24

VMF Version 3.2.0
New Features:

  • Test cases are passed to and from the CDMS server as a zip file (this increases server performance)

Updates and Bug Fixes:

  • Upgraded to C++17
  • Added support for compiling VMF with Clang++
  • Additional configuration option for tuning CDMS for large installations
  • Clearer error messages if the path to the SUT is invalid and for YAML configuration file errors

Release binaries SHA256:

  • CDMS.war: 052b61544d9d2c084f2ff3632d2564eb3358cbff95e7aa441c2c9ddf47a00650
  • emptycdms.db: 38788934bef348e0ce77c7a03145c1e969c4092b3505b1f7e98e5c3f8e099813

v3.1.0

17 Oct 18:43

VMF Version 3.1.0
New Features Include:

  • Gramatron input generator and mutators
  • Support for building and running on Ubuntu 22.04 LTS

Updates and bugfixes:

  • Added Controller options for distributed corpus update configuration
  • Corrected bug in reading configuration options for Output modules
  • Updated CDMS dependencies
  • Fitness values should never be negative
  • Add plog external INTERFACE target in CMake script
  • Corrected gitignore to no longer exclude src code under "output" modules
  • Clearer error handling if there are zero seed test cases

Release binaries SHA256:

  • CDMS.war: d8003e3b0dfb0d6664659b18cf0b93be4219b7ab624cb3fbfe8d4b14d2f2df88
  • emptycdms.db: 4c14a173a67ea725884aa9051a6316e9bf08043fe1fa91eeb80c59683ac1cda5
  • vmf_v3.1.0_Ubuntu18.tar.gz: 02d50b6536d2ad7290c78407a57f1793b5e042b755770d8614585160007b25de
  • vmf_v3.1.0_Ubuntu20.tar.gz: 76f3550f3634a85a69aef470fb9e9fca1f5f45b4702f5460cdfd236de458f43b
  • vmf_v3.1.0_Ubuntu22.tar.gz: 6cdf3a152ac4df7f5fa9eb4a7ddc0556bbf478fa04160ad58ef8a9cb591aba7e

v3.0.0

30 Jul 19:39

First public release of VMF and CDMS

Release binaries SHA256

  • CDMS.war: 5140e0a659114d1c1d9c75e38dc25411413bbbd2abe302d2f1bed88e46faa939
  • vmf_v3.0.0_Ubuntu18.tar.gz: 46cbabac351e8869623804147cde4a5978d38934c9a179f428df900ad043f72a
  • vmf_v3.0.0_Ubuntu20.tar.gz: d8ad7abe842000137453406acce7f914fa187445dcdaf38af01563fead5aba08