oss-sec mailing list archives
Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz
From: Seth Arnold <seth.arnold () canonical com>
Date: Mon, 24 Jun 2019 17:53:41 -0700
On Mon, Jun 24, 2019 at 07:15:20PM -0400, Alex Gaynor wrote:
sounds very hard to me, at least without requiring more user involvement than ASAN requires right now. This seems like a very cool area for academic research though!
Have you tried the gdb exploitable plugin yet?

https://github.com/jfoote/exploitable

Some of the tools written around AFL have included support for running exploitable directly on the fuzzer results and helping to prioritize, roughly, in what order the specimens should be worked on:

https://gitlab.com/rc0r/afl-utils

with a direct link to a pretty screenshot:

https://gitlab.com/rc0r/afl-utils/raw/master/.scrots/afl_collect_sample.png

I assume like most such tools, this is another case of being a good start but not nearly as reliable as a knowledgeable human. It's also probably completely useless for issues that aren't memory-safety issues. But it's something that exists today and may be helpful.

Thanks