http->https

Author: vanhauser-thc

GNUmakefile

@@ -10,7 +10,7 @@
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at:
 #
-#   http://www.apache.org/licenses/LICENSE-2.0
+#   https://www.apache.org/licenses/LICENSE-2.0
 #
 
 # For Heiko:

GNUmakefile.gcc_plugin

@@ -17,7 +17,7 @@
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at:
 #
-#   http://www.apache.org/licenses/LICENSE-2.0
+#   https://www.apache.org/licenses/LICENSE-2.0
 #
 #TEST_MMAP=1
 PREFIX      ?= /usr/local

GNUmakefile.llvm

@@ -12,7 +12,7 @@
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at:
 #
-#   http://www.apache.org/licenses/LICENSE-2.0
+#   https://www.apache.org/licenses/LICENSE-2.0
 #
 
 # For Heiko:

TODO.md

@@ -2,7 +2,6 @@
 
 ## TODO
 
- - AFL_USE_TSAN to docs/env_variables.md after work over
  - screen update during input2stage
  - better autodetection of shifting runtime timeout values
  - Update afl->pending_not_fuzzed for MOpt

afl-cmin.bash

@@ -11,7 +11,7 @@
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at:
 #
-#   http://www.apache.org/licenses/LICENSE-2.0
+#   https://www.apache.org/licenses/LICENSE-2.0
 #
 # This tool tries to find the smallest subset of files in the input directory
 # that still trigger the full range of instrumentation data points seen in

afl-plot

@@ -12,7 +12,7 @@
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at:
 #
-#   http://www.apache.org/licenses/LICENSE-2.0
+#   https://www.apache.org/licenses/LICENSE-2.0
 #
 
 get_abs_path() {

afl-whatsup

@@ -12,7 +12,7 @@
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at:
 #
-#   http://www.apache.org/licenses/LICENSE-2.0
+#   https://www.apache.org/licenses/LICENSE-2.0
 #
 # This tool summarizes the status of any locally-running synchronized
 # instances of afl-fuzz.

docs/Changelog.md

@@ -2760,7 +2760,7 @@ sending a mail to <[email protected]>.
   - Updated the documentation and added notes_for_asan.txt. Based on feedback
     from Hanno Boeck, Ben Laurie, and others.
 
-  - Moved the project to http://lcamtuf.coredump.cx/afl/.
+  - Moved the project to https://lcamtuf.coredump.cx/afl/.
 
 ### Version 0.46b:
 

docs/INSTALL.md

@@ -150,4 +150,4 @@ sysctl kern.sysv.shmseg=48
 sysctl kern.sysv.shmall=98304
 ```
 
-See [http://www.spy-hill.com/help/apple/SharedMemory.html](http://www.spy-hill.com/help/apple/SharedMemory.html) for documentation for these settings and how to make them permanent.
+See [https://www.spy-hill.com/help/apple/SharedMemory.html](https://www.spy-hill.com/help/apple/SharedMemory.html) for documentation for these settings and how to make them permanent.

docs/best_practices.md

@@ -108,7 +108,7 @@ Four steps are required to do this and it also requires quite some knowledge of
 
      Follow this document on how to do this: [instrumentation/README.instrument_list.md](../instrumentation/README.instrument_list.md).
      If `PCGUARD` is used, then you need to follow this guide (needs llvm 12+!):
-     [http://clang.llvm.org/docs/SanitizerCoverage.html#partially-disabling-instrumentation](http://clang.llvm.org/docs/SanitizerCoverage.html#partially-disabling-instrumentation)
+     [https://clang.llvm.org/docs/SanitizerCoverage.html#partially-disabling-instrumentation](https://clang.llvm.org/docs/SanitizerCoverage.html#partially-disabling-instrumentation)
 
      Only exclude those functions from instrumentation that provide no value for coverage - that is if it does not process any fuzz data directly or indirectly (e.g. hash maps, thread management etc.).
      If however a function directly or indirectly handles fuzz data, then you should not put the function in a deny instrumentation list and rather live with the instability it comes with.

docs/interpreting_output.md

@@ -56,7 +56,7 @@ Any existing output directory can be also used to resume aborted jobs; try:
 
 If you have gnuplot installed, you can also generate some pretty graphs for any
 active fuzzing task using afl-plot. For an example of how this looks like,
-see [http://lcamtuf.coredump.cx/afl/plot/](http://lcamtuf.coredump.cx/afl/plot/).
+see [https://lcamtuf.coredump.cx/afl/plot/](https://lcamtuf.coredump.cx/afl/plot/).
 
 You can also manually build and install afl-plot-ui, which is a helper utility
 for showing the graphs generated by afl-plot in a graphical window using GTK.

docs/known_limitations.md

@@ -31,6 +31,6 @@ Here are some of the most important caveats for AFL:
     [https://www.fastly.com/blog/how-to-fuzz-server-american-fuzzy-lop](https://www.fastly.com/blog/how-to-fuzz-server-american-fuzzy-lop)
 
   - Occasionally, sentient machines rise against their creators. If this
-    happens to you, please consult [http://lcamtuf.coredump.cx/prep/](http://lcamtuf.coredump.cx/prep/).
+    happens to you, please consult [https://lcamtuf.coredump.cx/prep/](https://lcamtuf.coredump.cx/prep/).
 
 Beyond this, see [INSTALL.md](INSTALL.md) for platform-specific tips.

docs/sister_projects.md

@@ -15,7 +15,7 @@ instruction manual.
 Allows fuzz-testing of Python programs. Uses custom instrumentation and its
 own forkserver.
 
-http://jwilk.net/software/python-afl
+https://jwilk.net/software/python-afl
 
 ### Go-fuzz (Dmitry Vyukov)
 
@@ -34,7 +34,7 @@ https://github.com/kmcallister/afl.rs
 Adds AFL-compatible instrumentation to OCaml programs.
 
 https://github.com/ocamllabs/opam-repo-dev/pull/23
-http://canopy.mirage.io/Posts/Fuzzing
+https://canopy.mirage.io/Posts/Fuzzing
 
 ### AFL for GCJ Java and other GCC frontends (-)
 
@@ -54,7 +54,7 @@ some programs to be fuzzed without the fork / execve overhead. (Similar
 functionality is now available as the "persistent" feature described in
 [the llvm_mode readme](../instrumentation/README.llvm.md))
 
-http://llvm.org/docs/LibFuzzer.html
+https://llvm.org/docs/LibFuzzer.html
 
 ## TriforceAFL (Tim Newsham and Jesse Hertz)
 
@@ -189,7 +189,7 @@ https://github.com/bshastry/afl-sancov
 
 Makes it easy to estimate memory usage limits when fuzzing with ASAN or MSAN.
 
-http://jwilk.net/software/recidivm
+https://jwilk.net/software/recidivm
 
 ### aflize (Jacek Wielemborek)
 
@@ -274,7 +274,7 @@ https://goo.gl/j9EgFf
 
 A simple SQL shell designed specifically for fuzzing the underlying library.
 
-http://www.sqlite.org/src/artifact/9e7e273da2030371
+https://www.sqlite.org/src/artifact/9e7e273da2030371
 
 ### Support for Python mutation modules (Christian Holler)
 
@@ -292,7 +292,7 @@ A similar guided approach as applied to fuzzing syscalls:
 
 https://github.com/google/syzkaller/wiki/Found-Bugs
 https://github.com/dvyukov/linux/commit/33787098ffaaa83b8a7ccf519913ac5fd6125931
-http://events.linuxfoundation.org/sites/events/files/slides/AFL%20filesystem%20fuzzing%2C%20Vault%202016_0.pdf
+https://events.linuxfoundation.org/sites/events/files/slides/AFL%20filesystem%20fuzzing%2C%20Vault%202016_0.pdf
 
 
 ### Kernel Snapshot Fuzzing using Unicornafl (Security in Telecommunications)

docs/technical_details.md

@@ -161,8 +161,8 @@ features of the underlying data format, as shown in this image:
 Several practical examples of the results of this algorithm are discussed
 here:
 
-  http://lcamtuf.blogspot.com/2014/11/pulling-jpegs-out-of-thin-air.html
-  http://lcamtuf.blogspot.com/2014/11/afl-fuzz-nobody-expects-cdata-sections.html
+  https://lcamtuf.blogspot.com/2014/11/pulling-jpegs-out-of-thin-air.html
+  https://lcamtuf.blogspot.com/2014/11/afl-fuzz-nobody-expects-cdata-sections.html
 
 The synthetic corpus produced by this process is essentially a compact
 collection of "hmm, this does something new!" input files, and can be used to
@@ -323,7 +323,7 @@ value of various fuzzing strategies and optimize their parameters so that they
 work equally well across a wide range of file types. The strategies used by
 afl-fuzz are generally format-agnostic and are discussed in more detail here:
 
-  http://lcamtuf.blogspot.com/2014/08/binary-fuzzing-strategies-what-works.html
+  https://lcamtuf.blogspot.com/2014/08/binary-fuzzing-strategies-what-works.html
 
 It is somewhat notable that especially early on, most of the work done by
 `afl-fuzz` is actually highly deterministic, and progresses to random stacked
@@ -376,7 +376,7 @@ valid grammar for the tested parser.
 A discussion of how these features are implemented within afl-fuzz can be found
 here:
 
-  http://lcamtuf.blogspot.com/2015/01/afl-fuzz-making-up-grammar-with.html
+  https://lcamtuf.blogspot.com/2015/01/afl-fuzz-making-up-grammar-with.html
 
 In essence, when basic, typically easily-obtained syntax tokens are combined
 together in a purely random manner, the instrumentation and the evolutionary
@@ -429,7 +429,7 @@ thrown away.
 
 A detailed discussion of the value of this approach can be found here:
 
-  http://lcamtuf.blogspot.com/2014/11/afl-fuzz-crash-exploration-mode.html
+  https://lcamtuf.blogspot.com/2014/11/afl-fuzz-crash-exploration-mode.html
 
 The method uses instrumentation feedback to explore the state of the crashing
 program to get past the ambiguous faulting condition and then isolate the
@@ -447,7 +447,7 @@ goes through `execve()`, linking, and libc initialization only once, and is then
 cloned from a stopped process image by leveraging copy-on-write. The
 implementation is described in more detail here:
 
-  http://lcamtuf.blogspot.com/2014/10/fuzzing-binaries-without-execve.html
+  https://lcamtuf.blogspot.com/2014/10/fuzzing-binaries-without-execve.html
 
 The fork server is an integral aspect of the injected instrumentation and
 simply stops at the first instrumented function to await commands from

frida_mode/Scripting.md

@@ -302,7 +302,7 @@ Consider the [following](test/js/test2.c) test code...
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
  */
 
 #include <fcntl.h>

include/afl-as.h

@@ -16,7 +16,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
 
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
 
    This file houses the assembly-level instrumentation injected into fuzzed
    programs. The instrumentation stores XORed pairs of data: identifiers of the
@@ -396,7 +396,7 @@ static const u8 *main_payload_32 =
   "\n";
 
 /* The OpenBSD hack is due to lahf and sahf not being recognized by some
-   versions of binutils: http://marc.info/?l=openbsd-cvs&m=141636589924400
+   versions of binutils: https://marc.info/?l=openbsd-cvs&m=141636589924400
 
    The Apple code is a bit different when calling libc functions because
    they are doing relocations differently from everybody else. We also need

include/afl-fuzz.h

@@ -16,7 +16,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
 
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
 
    This is the real deal: the program takes an instrumented binary and
    attempts a variety of basic fuzzing tricks, paying close attention to

include/afl-prealloc.h

@@ -16,7 +16,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
 
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
 
  */
 

include/alloc-inl.h

@@ -16,7 +16,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
 
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
 
    This allocator is not designed to resist malicious attackers (the canaries
    are small and predictable), but provides a robust and portable way to detect

include/cmplog.h

@@ -18,7 +18,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
 
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
 
    Shared code to handle the shared memory. This is used by the fuzzer
    as well the other components like afl-tmin, afl-showmap, etc...

include/common.h

@@ -16,7 +16,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
 
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
 
    Gather some functions common to multiple executables
 

include/config.h

@@ -16,7 +16,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
 
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
 
  */
 

include/debug.h

@@ -16,7 +16,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
 
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
 
  */
 

include/forkserver.h

@@ -18,7 +18,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
 
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
 
    Shared code that implements a forkserver. This is used by the fuzzer
    as well the other components like afl-tmin.

include/hash.h

@@ -21,7 +21,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
 
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
 
  */
 

include/list.h

@@ -16,7 +16,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
 
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
 
    This allocator is not designed to resist malicious attackers (the canaries
    are small and predictable), but provides a robust and portable way to detect

include/sharedmem.h

@@ -18,7 +18,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
 
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
 
    Shared code to handle the shared memory. This is used by the fuzzer
    as well the other components like afl-tmin, afl-showmap, etc...

include/snapshot-inl.h

@@ -18,7 +18,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
 
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
 
  */
 

include/types.h

@@ -16,7 +16,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
 
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
 
  */
 

instrumentation/README.llvm.md

@@ -75,7 +75,7 @@ load modules (you'll see "Service unavailable" when loading afl-llvm-pass.so).
 
 To solve all your problems, you can grab pre-built binaries for your OS from:
 
-  http://llvm.org/releases/download.html
+  https://llvm.org/releases/download.html
 
 ...and then put the bin/ directory from the tarball at the beginning of your
 $PATH when compiling the feature and building packages later on. You don't need

instrumentation/afl-compiler-rt.o.c

@@ -9,7 +9,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
 
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
 
 
 */

instrumentation/afl-gcc-pass.so.cc

@@ -30,7 +30,7 @@
    GNU General Public License for more details.
 
    You should have received a copy of the GNU General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
  */
 

instrumentation/afl-llvm-dict2file.so.cc

@@ -10,7 +10,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
 
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
 
    This library is plugged into LLVM when invoking clang through afl-clang-lto.
 

instrumentation/afl-llvm-lto-instrumentation.so.cc

@@ -10,7 +10,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at:
 
-     http://www.apache.org/licenses/LICENSE-2.0
+     https://www.apache.org/licenses/LICENSE-2.0
 
    This library is plugged into LLVM when invoking clang through afl-clang-lto.