Re: [Dailydave] Month of Kernel Bugs and fsfuzzer release (0.6)
From: Jared DeMott (demottja msu.edu)
Date: Tue Oct 24 2006 - 14:45:25 CDT
> One of the issues is that some filesystems perform CRC calculation and
> other tricks (hint: mtd code). Thus, the time before you're actually
> able to find a bug, increases (as most probably the generated output
> won't pass the CRC validation).
>
Ah, yes, this is a general fuzzing issue I've been thinking about. I've
done a bit of research trying to figure out with what heuristics to
fuzz. And then it hit me: even more important than finding a "good"
long string, for example, is how to get it properly delivered. The
"test harness" + "knowledge of where the test ends up" is almost more
important than the "test" if you will.
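
An added illustration of the point discussed in this thread (not part of the original post, and not fsfuzzer's code): a constructed toy image format with a CRC32 trailer, showing where single-byte mutations end up with and without the harness recomputing the checksum. The format, field layout and function names are assumptions made for the example.

```python
import random
import struct
import zlib
from collections import Counter

MAGIC = b"TOYF"  # constructed toy format, not a real filesystem layout

def build_image(payload: bytes) -> bytes:
    """Layout: magic | u32 length | payload | u32 CRC32 of all preceding bytes."""
    body = MAGIC + struct.pack("<I", len(payload)) + payload
    return body + struct.pack("<I", zlib.crc32(body))

def parse_image(img: bytes) -> bytes:
    """Stand-in for the code under test: validates before touching the payload."""
    if len(img) < 12 or img[:4] != MAGIC:
        raise ValueError("bad magic")
    body, (crc,) = img[:-4], struct.unpack("<I", img[-4:])
    if zlib.crc32(body) != crc:
        raise ValueError("bad crc")
    (length,) = struct.unpack("<I", body[4:8])
    if length != len(body) - 8:
        raise ValueError("bad length")
    return body[8:]  # only here would deeper parsing logic be exercised

def mutate(img: bytes, rng: random.Random, fix_crc: bool) -> bytes:
    """Flip one byte anywhere before the trailer; optionally repair the CRC."""
    buf = bytearray(img)
    buf[rng.randrange(len(buf) - 4)] ^= rng.randrange(1, 256)
    if fix_crc:
        buf[-4:] = struct.pack("<I", zlib.crc32(bytes(buf[:-4])))
    return bytes(buf)

def outcomes(fix_crc: bool, rounds: int = 1000, seed: int = 1) -> Counter:
    """Count where each test case ends up: rejected early or reaching the payload."""
    rng = random.Random(seed)
    seed_img = build_image(b"A" * 64)  # constructed sample input
    seen = Counter()
    for _ in range(rounds):
        try:
            parse_image(mutate(seed_img, rng, fix_crc))
            seen["reached payload"] += 1
        except ValueError as exc:
            seen[str(exc)] += 1
    return seen

if __name__ == "__main__":
    print("no CRC fix-up:  ", dict(outcomes(False)))
    print("with CRC fix-up:", dict(outcomes(True)))
```

Without the fix-up every case is rejected at the magic or CRC check; with it, most cases get past validation, and the remaining rejections show which header fields the harness would also need to understand.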