Hi Renáta,

Thanks for undertaking this effort.

Is it possible for your fuzzer to run under guard malloc or
ASAN (AddressSanitizer) and catch security problems?

We could also improve our annotation in the codebase to use
ASSERT_WITH_SECURITY_IMPLICATION if that helps.

- R. Niwa

On Tue, Jun 25, 2013 at 1:56 AM, Renáta Hodován <hodo...@inf.u-szeged.hu> wrote:

> Hi folks,
>
> as many of you know already I'm working on a universal web fuzzer, which
> is able to generate random test cases for both svg, html, css and js, and
> test them against any browser. With this method we can catch crashes,
> assertions, memory corruptions and all the funny things.
>
> A few words about it: Fuzzinator learns from existing test cases and based
> on this information it generates new tests that are syntactically correct.
> Besides this randomized step I also put some language-specific knowledge
> into the tests too. Further details about the theoretical background will
> be shared in a blogpost soon.
>
> However the results are available in public already and they are collected
> under a metabug in bugzilla:
> https://bugs.webkit.org/show_bug.cgi?id=116980. So should any of you feel
> like browsing or fixing them, don't hesitate to start with it ;)
>
> Cheers,
> Reni
>
>
>
>
> _______________________________________________
> webkit-dev mailing list
> webkit-dev@lists.webkit.org
> https://lists.webkit.org/mailman/listinfo/webkit-dev
>
>