oss-sec mailing list archives
Re: Fuzzing project brainstorming
From: Hanno Böck <hanno () hboeck de>
Date: Thu, 20 Nov 2014 20:18:15 +0100
On Fri, 21 Nov 2014 05:30:36 +1300 Amos Jeffries <squid3 () treenet co nz> wrote:
Since they are coming from fuzzing a copy of the exact input which led to it is also valuable. There is nothing worse than having to guess at what might have led to a crash when the input could literally have been anything at all.
I see it pretty much as a given condition that you give the copy of the crashing input to the upstream devs. I can hardly think of a reason not to do so (the only thing that comes to mind are confidential or copyrighted files, I try to make sure I always start fuzzing with inputs that are freely licensed or created by myself to avoid that). -- Hanno Böck http://hboeck.de/ mail/jabber: hanno () hboeck de GPG: BBB51E42
Attachment:
signature.asc
Description:
Current thread:
- Fuzzing project brainstorming Hanno Böck (Nov 20)
- Re: Fuzzing project brainstorming Kurt Seifried (Nov 20)
- Re: Fuzzing project brainstorming Hanno Böck (Nov 20)
- Re: Fuzzing project brainstorming Sven Kieske (Nov 20)
- Re: Fuzzing project brainstorming Amos Jeffries (Nov 20)
- Re: Fuzzing project brainstorming Gynvael Coldwind (Nov 20)
- Re: Fuzzing project brainstorming Michal Zalewski (Nov 20)
- Re: Fuzzing project brainstorming Alexander Cherepanov (Nov 20)
- Re: Fuzzing project brainstorming Gynvael Coldwind (Nov 20)
- Re: Fuzzing project brainstorming Hanno Böck (Nov 20)
- Re: Fuzzing project brainstorming Hanno Böck (Nov 20)
- Re: Fuzzing project brainstorming Kurt Seifried (Nov 20)
- Re: Re: Fuzzing project brainstorming Hanno Böck (Nov 20)
- Re: Re: Fuzzing project brainstorming Daniel Kahn Gillmor (Nov 20)
- Re: Fuzzing project brainstorming M.T. Roebuck (Nov 21)