oss-sec mailing list archives

Re: Fuzzing project brainstorming

From: Sven Kieske <s.kieske () mittwald de>
Date: Thu, 20 Nov 2014 17:19:14 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 20/11/14 16:50, Hanno Böck wrote:

There lays deeper a question that I asked myself already: What's
an "okay" way of reporting these things? Basically what I usually
did is just sending crash samples to upstream devs and add some
valgrind/asan output. One could argue that I'm offloading the real
work to the upstream devs, however I feel they know their code
better than I do (and often I'm just not qualified to create the
fix). Until now I feel most upstreams were okay with that.


Maybe it would be worth it to contact the "hydra" devs about this
as they provided also reproducing test-cases for the crashes, when
reporting to debian?

sadly hydra is not open source.

- -- 
Mit freundlichen Grüßen / Regards

Sven Kieske

Systemadministrator
Mittwald CM Service GmbH & Co. KG
Königsberger Straße 6
32339 Espelkamp
T: +49-5772-293-100
F: +49-5772-293-333
https://www.mittwald.de
Geschäftsführer: Robert Meyer
St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen
Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad
Oeynhausen
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBAgAGBQJUbhSCAAoJEC5d3lL7/I9ze6AP/0d+zGjckKfIrldv8czlMgvZ
bqA6lCrtlz+2GIqXWSIgQVU8miyEB/rPUJTPQQ+upiR9f1Rx3Tym0/w0iKiuhKDm
Xh3GJqcrmlYut6HEPz4Mg81HfD6Qr2Yrvzot/GXepDvxBI13HFbu7YGpi4era3bR
qJDRjcTaBZnxPPHZpO+49Ih1G8616N1bTjJS4EIU7XlHJIOQygJQtwWx7AVe1CCo
ZEBR4jG65C5ulvrBNKc9GT+8SOy6F8JSOg7SevXr7SJBnvDRVtkqNDFTq84M1XCL
xGgZTKNdQ9GJIexlVCAoGwpHtMTZ3+dToxolxLlL2ixlyb7vV8UgYtSe1EvdbfMq
xvL6Il27lfdYIwQZrK+1C56EugeopXi2b/GLalU71PGXeIIHUws7djpHAjkOj59F
yNT8svwkajnSRzkoMwkATu3+eHkvSNhZTZKRYz6RgkovyMS8AOraqDmJCLqfni3l
tEzrBUAlmtghAKUWzPpDsoeZ7I96z2zYgdJamSGMdYf81vbDUU202BejpF1gKMTx
XM2nS2MS8PNaF7y2w7Nc9FYlo+vM2VaT9hoGbTTo2NjIdrpkyHwmpoI7oZ/n1/kN
QF+cjkAu3+lUuMYw2vKvXSUmiuGIpXpwfKti6y7CwyMaYTeuHHgyCU2YVbIqgVNe
c1g4fDtUHktAsAHIR56c
=Joj1
-----END PGP SIGNATURE-----

Current thread:

Fuzzing project brainstorming Hanno Böck (Nov 20)
- Re: Fuzzing project brainstorming Kurt Seifried (Nov 20)
  - Re: Fuzzing project brainstorming Hanno Böck (Nov 20)
    - Re: Fuzzing project brainstorming Sven Kieske (Nov 20)
    - Re: Fuzzing project brainstorming Amos Jeffries (Nov 20)
    - Re: Fuzzing project brainstorming Gynvael Coldwind (Nov 20)
    - Re: Fuzzing project brainstorming Michal Zalewski (Nov 20)
    - Re: Fuzzing project brainstorming Alexander Cherepanov (Nov 20)
    - Re: Fuzzing project brainstorming Gynvael Coldwind (Nov 20)
    - Re: Fuzzing project brainstorming Hanno Böck (Nov 20)
- Re: Fuzzing project brainstorming M.T. Roebuck (Nov 20)
  - Re: Re: Fuzzing project brainstorming Hanno Böck (Nov 20)
    - Re: Re: Fuzzing project brainstorming Daniel Kahn Gillmor (Nov 20)
    - Re: Fuzzing project brainstorming M.T. Roebuck (Nov 21)

(Thread continues...)