Am 22.11.2019 um 19:11 schrieb Edward Welbourne:
> Il 21/11/19 13:13, Robert Loehning ha scritto:
>>> ** [https://doc.qt.io/qt-5/qregularexpression.html QRegularExpression]
>
> Giuseppe D'Angelo (22 November 2019 18:17) replied:
>> This should mostly be fuzzing libpcre itself...
>
> ... which
On 22/11/2019 18:17, Giuseppe D'Angelo via Development wrote:
Il 21/11/19 13:13, Robert Loehning ha scritto:
** [https://doc.qt.io/qt-5/qregularexpression.html QRegularExpression]
This should mostly be fuzzing libpcre itself...
Note that users should NEVER use / accept untrusted regular
On Fri, Nov 22, 2019 at 04:19:21PM +, Kai Koehne wrote:
Anyhow, QCommandLineParser processes command line arguments from the
outside. These command line arguments might come from other tools,
output ... so it should be really robust in handling these.
"from the outside" is not the
Il 21/11/19 13:13, Robert Loehning ha scritto:
>> ** [https://doc.qt.io/qt-5/qregularexpression.html QRegularExpression]
Giuseppe D'Angelo (22 November 2019 18:17) replied:
> This should mostly be fuzzing libpcre itself...
... which Google is probably already doing.
> Note that users should
Il 21/11/19 13:13, Robert Loehning ha scritto:
** [https://doc.qt.io/qt-5/qregularexpression.html QRegularExpression]
This should mostly be fuzzing libpcre itself...
Note that users should NEVER use / accept untrusted regular expressions.
While we shouldn't crash or exhaust memory, PCREs
> -Original Message-
> From: Development On Behalf Of
> Oswald Buddenhagen
> Sent: Thursday, November 21, 2019 2:41 PM
> To: development@qt-project.org
> Subject: Re: [Development] QtCS2019 Notes from "Fuzzing Qt" BoF session
>
> On Thu, Nov 21, 2019 at
On Thu, Nov 21, 2019 at 12:13:55PM +, Robert Loehning wrote:
=== Which code needs fuzz testing the most? ===
Agreed criteria: Code that operates on possibly untrusted data
Proposals from the audience:
* Classes
** [https://doc.qt.io/qt-5/qcommandlineparser.html QCommandLineParser]
**
Hi,
Here and below are the notes from this session:
https://wiki.qt.io/Qt_Contributors_Summit_2019_-Fuzzing_Qt
Cheers,
Robert
== Introduction ==
* Explained briefly what fuzzing is in general
* Showed how to fuzz Qt itselfSee readme file: