Re: Fuzzing Wireshark with oss-fuzz

[Peter Wu <peter () lekensteyn nl>]

On Tue, Dec 20, 2016 at 09:36:33PM -0800, Guy Harris wrote:
> On Dec 20, 2016, at 8:31 PM, Moshe <me () moshekaplan com> wrote:
>
> > I've been working on adding Wireshark to Google's oss-fuzz project
>
> What do you mean by "Wireshark"?
>
> There are at least two parts of Wireshark that deal with externally-supplied data and can be fuzz-tested:
>
>       1) the libwiretap library, which reads capture files, and has to deal with potentially-malformed file formats;
>
>       2) the libwireshark library, which is handed blobs of raw packet data and packet metadata including (but not 
> limited to) the link-layer header type of the packet data - that data usually comes from a capture file read by 
> libwiretap, but it doesn't *have* to.

> From the efforts that I have seen, Moshe seems to be targeting the
dissectors functions. Since these may appear over the network, it is
probably one of the more interesting parts to tackle first.
-- 
Kind regards,
Peter Wu
https://lekensteyn.nl
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe