gnash-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnash-dev] Has gnash been fuzzed?

From: Sandro Santilli
Subject: Re: [Gnash-dev] Has gnash been fuzzed?
Date: Wed, 18 Nov 2015 22:30:59 +0100
User-agent: Mutt/1.5.21 (2010-09-15) 
On Wed, Nov 18, 2015 at 03:35:21PM +0100, Jacek Wielemborek wrote:

> "cwtriage" seems to suggest that after that time I gathered two more
> unique crashes, but I'm not willing to share them - I would prefer
> actual Gnash developers to perform the fuzzing because they would know
> how to create test cases that would maximize the coverage. (ideally this
> should be done on a regular basis) I'll be happy to help you with usage
> hints on afl-fuzz, I already know this tool quite well.

We did occasional fuzzying of the core parsers, with zzuf,
but we have no automated fuzzing as part of our testsuite.
Do you want to help with that ?

The flvparser you hit should not be reachable from normal
usage of the gnash standalone or plugin (correct me if I'm wrong).

--strk;

  ()   Free GIS & Flash consultant/developer
  /\   http://strk.keybit.net/services.html
reply via email to
[Prev in Thread] Current Thread [Next in Thread]