oss-sec mailing list archives
Re: Fuzzing project brainstorming
From: Alexander Cherepanov <cherepan () mccme ru>
Date: Fri, 21 Nov 2014 04:23:59 +0300
On 2014-11-20 19:54, Gynvael Coldwind wrote:
> I would argue that "is also valuable" is underplaying it a little ;) IMO having the input (and information on how was it loaded in some cases)
Yes, sometimes a crash only happens under valgrind or with a specific ulimit etc.
> If it came from a mutation-based fuzzer, the original (not-mutated) sample can be useful too.
You mean the closest non-crashing parent (in case there is a chain of samples as in AFL)?
And while we are at it, would you mind describing your experience in the case of ffmpeg? Your blogpost -- http://gynvael.coldwind.pl/?id=524 -- gives only a high-level review of the work. The fuzzer and specific methods of fuzzing seem to be proprietary. That's fine. But perhaps you can describe other sides of the work:
- how did you deduplicate crashes (full stacktrace, some frames only or some other way);
- how did you decide which issues are security-sensitive and which are not;
- how did you request CVEs (for which issues, which info was required);
- (if you know) how security fixes were released by ffmpeg.
These kinds of questions. Given the sheer number of findings you probably did everything automatically?
-- Alexander Cherepanov
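The deduplication question raised above (hash the full stack trace, or only the top few frames?) is the kind of choice a fuzzing triage script has to make. The following is an added example to illustrate both strategies side by side; it is not code from this thread, from the ffmpeg fuzzing work the blogpost describes, or from ffmpeg itself. The crash reports, file and function names, and the frame format are constructed to resemble AddressSanitizer output and are not real ffmpeg crashes.

```python
"""Crash deduplication by stack-trace hashing: full trace vs. top-N frames.

Added example, not from the mailing-list thread. The reports below are
constructed (not real ffmpeg crashes); the frame syntax "#N 0xADDR in FUNC FILE:LINE"
mirrors AddressSanitizer's symbolized output and is an assumption of this script.
"""
import hashlib
import re
from typing import Dict, List, Optional

# Constructed sample crash reports, keyed by a made-up testcase name.
# crash-001 and crash-002 share the same innermost three frames but reach
# them through different callers; crash-003 is an unrelated bug.
CRASHES = {
    "crash-001": """\
==12345==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000eff0
    #0 0x4a1b2c in decode_block decoder.c:211
    #1 0x4a0f10 in decode_frame decoder.c:355
    #2 0x49ee00 in avcodec_decode_video2 utils.c:1902
    #3 0x40a1e0 in main ffmpeg.c:4012
""",
    "crash-002": """\
==12399==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000f3a0
    #0 0x4a1b2c in decode_block decoder.c:211
    #1 0x4a0f10 in decode_frame decoder.c:355
    #2 0x49ee00 in avcodec_decode_video2 utils.c:1902
    #3 0x41c7b0 in transcode_step ffmpeg.c:3520
    #4 0x40a1e0 in main ffmpeg.c:4012
""",
    "crash-003": """\
==12500==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000
    #0 0x4b3300 in parse_header demuxer.c:88
    #1 0x4b2a10 in read_packet demuxer.c:140
    #2 0x40a1e0 in main ffmpeg.c:4012
""",
}

# One symbolized frame: "#<n> 0x<addr> in <function> <file>[:<line>]".
FRAME_RE = re.compile(r"^\s*#\d+\s+0x[0-9a-fA-F]+\s+in\s+(\S+)\s+(\S+?)(?::\d+)?$")


def parse_frames(report: str) -> List[str]:
    """Return 'function@file' per frame. Addresses and line numbers are dropped
    because they change between builds and would split identical crashes."""
    frames = []
    for line in report.splitlines():
        m = FRAME_RE.match(line)
        if m:
            frames.append(f"{m.group(1)}@{m.group(2)}")
    return frames


def crash_type(report: str) -> str:
    """Sanitizer-reported bug class (heap-buffer-overflow, SEGV, ...)."""
    m = re.search(r"ERROR: AddressSanitizer: ([\w-]+)", report)
    return m.group(1) if m else "unknown"


def signature(report: str, top_n: Optional[int] = None) -> str:
    """Bucket key: bug class plus the innermost top_n frames (all frames if None)."""
    frames = parse_frames(report)
    if top_n is not None:
        frames = frames[:top_n]
    key = "|".join([crash_type(report)] + frames)
    return hashlib.sha256(key.encode()).hexdigest()[:16]


def bucket(crashes: Dict[str, str], top_n: Optional[int] = None) -> Dict[str, List[str]]:
    """Group testcase names by signature; each key is one presumed distinct bug."""
    buckets: Dict[str, List[str]] = {}
    for name, report in crashes.items():
        buckets.setdefault(signature(report, top_n), []).append(name)
    return buckets


if __name__ == "__main__":
    for label, n in (("full trace", None), ("top 3 frames", 3)):
        groups = bucket(CRASHES, n)
        print(f"{label}: {len(groups)} unique bucket(s)")
        for sig, members in groups.items():
            print(f"  {sig}  {', '.join(members)}")
```

With the full trace, the three constructed reports land in three buckets; with only the top three frames, crash-001 and crash-002 collapse into one, which is usually what you want when a fuzzer reaches the same faulting code through many call paths. The caveat is the other direction: a shallow top-N key over-merges distinct bugs that share a common sink (a memcpy or allocator frame at #0), so triage scripts typically skip well-known library frames before cutting to N, and keep the bug class in the key so an overflow and a NULL dereference at the same site are not treated as one finding.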
Current thread:
- Fuzzing project brainstorming Hanno Böck (Nov 20)
- Re: Fuzzing project brainstorming Kurt Seifried (Nov 20)
- Re: Fuzzing project brainstorming Hanno Böck (Nov 20)
- Re: Fuzzing project brainstorming Sven Kieske (Nov 20)
- Re: Fuzzing project brainstorming Amos Jeffries (Nov 20)
- Re: Fuzzing project brainstorming Gynvael Coldwind (Nov 20)
- Re: Fuzzing project brainstorming Michal Zalewski (Nov 20)
- Re: Fuzzing project brainstorming Alexander Cherepanov (Nov 20)
- Re: Fuzzing project brainstorming Gynvael Coldwind (Nov 20)
- Re: Fuzzing project brainstorming Hanno Böck (Nov 20)
- Re: Fuzzing project brainstorming Hanno Böck (Nov 20)
- Re: Fuzzing project brainstorming Kurt Seifried (Nov 20)
- Re: Re: Fuzzing project brainstorming Hanno Böck (Nov 20)
- Re: Re: Fuzzing project brainstorming Daniel Kahn Gillmor (Nov 20)
- Re: Fuzzing project brainstorming M.T. Roebuck (Nov 21)