Hi, I rewrote the fuzzing tool (stress.sh and mangle.c) in Python. Changes:

* Set a memory limit to avoid crashing the fuzzer
* Read the extraction time to catch the "timeout" error
* Use the hachoir-metadata library directly
* Better mangle code
* Catch Hachoir errors (and filter them), not exceptions

I found and fixed many bugs. Examples of fixed bugs:

hachoir-core:
* SeekableFieldSet: Fix fields creation
* Float80: catch overflow to raise our own ValueError
* String: value is now *ALWAYS* Unicode
* fix createOrphanField(): use try/finally to restore old current_size

hachoir-parser:
* CAB: validate() checks the number of folders (reject > 30)
* TIFF/EXIF: reject count > 200 in an IFD
* TTF: reject name count > 300
* GIF: raise ParserError and not just display a warning for an invalid image marker
* OLE2: check header consistency in validate()
* OLE2: reject bb_shift > 14 (and not > 31)
* OLE2: catch LookupError in getChain()
* MPEG audio: synchronization uses try/except HACHOIR_ERRORS (to be fault tolerant)
* EXE resource: reject index > 300 items

hachoir-metadata is not the same software :-) It has a new API (to read values) and the code is now fault tolerant.

I think that I will release the 0.9 and 0.10 versions next week.

Haypo
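A small Python harness in the spirit of the rewrite described above (an added example, not Haypo's stress.sh/mangle.c port): it mangles a seed file, times each extraction to flag timeouts, and separates the parser's own rejections from foreign exceptions that escape, which are the bugs worth fixing. ParserError and toy_parse are constructed stand-ins for HACHOIR_ERRORS and a real hachoir-parser; the memory limit from the post is left out.

```python
import random
import time

class ParserError(Exception):
    """Stand-in for the parser's own error classes (Hachoir: HACHOIR_ERRORS)."""

def toy_parse(data: bytes) -> int:
    """Constructed target: b'TOY', 1-byte record count, 4-byte records; trusts count blindly."""
    if data[:3] != b"TOY":
        raise ParserError("bad magic")  # the parser's own, expected rejection
    total = 0
    for i in range(data[3]):
        total += data[4 + 4 * i: 8 + 4 * i][0]  # IndexError once the input runs out
    return total

def mangle(data: bytes, rng: random.Random, max_edits: int = 8) -> bytes:
    """Copy of data with a few random bit flips, byte overwrites or a truncation."""
    buf = bytearray(data)
    for _ in range(rng.randint(1, max_edits)):
        op = rng.choice(("flip", "set", "truncate"))
        if op == "truncate" and len(buf) > 4:
            del buf[rng.randrange(4, len(buf)):]  # keep magic + count bytes
        elif buf:
            i = rng.randrange(len(buf))
            buf[i] = buf[i] ^ (1 << rng.randrange(8)) if op == "flip" else rng.randrange(256)
    return bytes(buf)

def classify(parser, data: bytes, time_limit: float = 1.0) -> str:
    """'error' = parser rejected the input itself (filtered out), 'crash' = any
    other exception escaped (a bug), 'timeout' = extraction took too long."""
    start = time.monotonic()
    try:
        parser(data)
        verdict = "ok"
    except ParserError:
        verdict = "error"
    except Exception:
        verdict = "crash"
    if time.monotonic() - start > time_limit:
        return "timeout"
    return verdict

def fuzz(parser, seed_file: bytes, rounds: int, seed: int = 0) -> dict:
    """Mangle seed_file `rounds` times and tally the verdicts (seeded, so repeatable)."""
    rng = random.Random(seed)
    counts = {"ok": 0, "error": 0, "crash": 0, "timeout": 0}
    for _ in range(rounds):
        counts[classify(parser, mangle(seed_file, rng))] += 1
    return counts
```

Every "crash" verdict is an input where the parser should have raised its own error (the "reject count > N" style fixes listed above) instead of letting a foreign exception escape.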