The fuzzer extracts 4 (large) integers, A, B, C, D from a buffer generated by the fuzzing engine. Then arithmetic operations are performed on these numbers, e.g.:

A = B + C
A = B - C
A = B / C
Etc.

These operations are executed in tandem across two bignum libraries, for example OpenSSL and libgmp. If the results don't match, an error is raised and the system sends an e-mail.

Beyond the differential aspect (compare output of calculations), it also detects undefined behavior (e.g. signed integer overflow) and memory errors (buffer overflow etc.).

Per your wish I will notify this list as soon as a legitimate bug has been found.

Guido

On Wed, Jul 11, 2018, 17:24 Torbjörn Granlund <t...@gmplib.org> wrote:

> Guido Vranken <guidovran...@gmail.com> writes:
>
>   I built a bignum differential fuzzer [1] that has been running on
>   Google's oss-fuzz service [2] for a while. It performs the same
>   mathematical operations (addition, subtraction, multiplication,
>   modular exponentiation, etc) across multiple bignum libraries (
>   currently OpenSSL, Go, Rust, C++ Boost, libgmp), compares their
>   results and crashes if they don't match. This effort has so far
>   found a couple of (minor) bugs in OpenSSL and Go.
>
> What is the "fuzz" in the case of arithmetic?
>
> I understand the test concept of fuzzing as feeding something (like a
> parser) with slightly incorrect input, with the inserted errors being
> (pseudo) randomly selected.
>
> Or is fuzzing perhaps a novel term for testing?
>
>   As soon as a mismatch is found, oss-fuzz will send a notification
>   e-mail to the developers of the various bignum libraries so the bug
>   can be examined and resolved.
>
>   At which e-mail address(es) do the
>   developers of libgmp wish to receive these notifications?
>
> Do any perceived errors automatically generate mail?
>
> I do not want a perpetually running test program to send me email. Some
> other GMP developer might want such mail.
>
> But if you find some suspected error in GMP, please investigate it
> manually and report it to the gmp-bugs mailing list.
>
> External testing of GMP is a very good thing. The GMP test suite is
> great, but it is written by the very same developers who wrote GMP; we
> might have missed some aspect.
>
> --
> Torbjörn
> Please encrypt, key id 0xC8601622
>
_______________________________________________
gmp-devel mailing list
gmp-devel@gmplib.org
https://gmplib.org/mailman/listinfo/gmp-devel
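
The tandem-execution scheme described in the message above, as an added example that is not part of the original thread and not the fuzzer's own code. It assumes a 16-byte big-endian encoding per operand and uses Python's `int` and `decimal` module as the two backends in place of OpenSSL and libgmp; `via_truncating` is a deliberately broken backend constructed to show a mismatch being caught, and only B and C are used as operands.

```python
import decimal

WIDTH = 16  # bytes per operand; a constructed encoding, not the fuzzer's real one
# Exact integer arithmetic in decimal: ample precision, and trap instead of rounding.
CTX = decimal.Context(prec=200, traps=[decimal.Inexact, decimal.InvalidOperation,
                                       decimal.DivisionByZero])
INT_OPS = {"add": lambda b, c: b + c, "sub": lambda b, c: b - c,
           "mul": lambda b, c: b * c, "div": lambda b, c: b // c}
DEC_OPS = {"add": CTX.add, "sub": CTX.subtract,
           "mul": CTX.multiply, "div": CTX.divide_int}

def extract(buf):
    """Split an engine-supplied buffer into unsigned A, B, C, D (zero-padded)."""
    buf = buf[:4 * WIDTH].ljust(4 * WIDTH, b"\0")
    return [int.from_bytes(buf[i:i + WIDTH], "big") for i in range(0, 4 * WIDTH, WIDTH)]

def via_int(op, b, c):
    """Backend 1: CPython's built-in arbitrary-precision int."""
    try:
        return INT_OPS[op](b, c)
    except ZeroDivisionError:
        return None  # normalise "no result" so both backends can be compared

def via_decimal(op, b, c):
    """Backend 2: the decimal module. Operands are unsigned, so its truncating
    integer division agrees with int's floor division."""
    try:
        return int(DEC_OPS[op](decimal.Decimal(b), decimal.Decimal(c)))
    except decimal.DecimalException:
        return None

def via_truncating(op, b, c):
    """Deliberately broken backend (constructed): drops bits above 2**128."""
    r = via_int(op, b, c)
    return None if r is None else r % 2**128

def fuzz_one(buf, backends=(via_int, via_decimal)):
    """Run every operation on all backends; return the operations that disagree."""
    _a, b, c, _d = extract(buf)  # A would receive the result; D is unused here
    bad = []
    for op in INT_OPS:
        results = [backend(op, b, c) for backend in backends]
        if len(set(results)) > 1:
            bad.append(op)
    return bad

# Constructed sample input: B = 2**128 - 1, C = 2
SAMPLE = bytes(16) + b"\xff" * 16 + (2).to_bytes(16, "big") + bytes(16)
```

Error outcomes such as division by zero are mapped to the same sentinel on every backend, so a differing exception type between libraries is not reported as an arithmetic mismatch.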