On Wed, Nov 18, 2015 at 03:35:21PM +0100, Jacek Wielemborek wrote: > "cwtriage" seems to suggest that after that time I gathered two more > unique crashes, but I'm not willing to share them - I would prefer > actual Gnash developers to perform the fuzzing because they would know > how to create test cases that would maximize the coverage. (ideally this > should be done on a regular basis) I'll be happy to help you with usage > hints on afl-fuzz, I already know this tool quite well.
We did occasional fuzzying of the core parsers, with zzuf, but we have no automated fuzzing as part of our testsuite. Do you want to help with that ? The flvparser you hit should not be reachable from normal usage of the gnash standalone or plugin (correct me if I'm wrong). --strk; () Free GIS & Flash consultant/developer /\ http://strk.keybit.net/services.html _______________________________________________ Gnash-dev mailing list Gnash-dev@gnu.org https://lists.gnu.org/mailman/listinfo/gnash-dev
