subject:"\[tor\-bugs\] #26265 \[Core Tor\/Tor\]\: A proposal and demo for a fuzzing system that works with Rust through C code"

Re: [tor-bugs] #26265 [Core Tor/Tor]: A proposal and demo for a fuzzing system that works with Rust through C code

2018-08-18 Thread Tor Bug Tracker & Wiki

#26265: A proposal and demo for a fuzzing system that works with Rust through C
code
-+-
 Reporter:  debily   |  Owner:  (none)
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Low  |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Trivial  | Resolution:
 Keywords:  fuzzing, Rust, afl,  |  Actual Points:
  035-removed-20180711   |
Parent ID:  #24265   | Points:
 Reviewer:  nickm|Sponsor:
-+-
Changes (by teor):

 * parent:  #25386 => #24265


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26265 [Core Tor/Tor]: A proposal and demo for a fuzzing system that works with Rust through C code

2018-06-11 Thread Tor Bug Tracker & Wiki

#26265: A proposal and demo for a fuzzing system that works with Rust through C
code
--+
 Reporter:  debily|  Owner:  (none)
 Type:  enhancement   | Status:  needs_revision
 Priority:  Low   |  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Trivial   | Resolution:
 Keywords:  fuzzing Rust afl  |  Actual Points:
Parent ID:  #25386| Points:
 Reviewer:  nickm |Sponsor:
--+
Changes (by nickm):

 * status:  needs_review => needs_revision


Comment:

 Setting as needs_revision per isis's comment above.  This is a decent
 example of Rust fuzzing, but what we need is a feature to run the C and
 the rust in parallel, and compare their outputs.  In many cases, the
 outputs will be strings, lists of strings, booleans, or some similar data
 structure, so the comparison shouldn't be too hard.  For us to get the
 benefit of trace-aware fuzzing, we really need both of the implementations
 to run in the same process.

 Additionally, it would be much more useful if this fuzzing could be done
 through the infrastructure currently in `src/test/fuzz` directory: That
 way, we could run this fuzzing not only with AFL, but also with llvm's
 libfuzzer, with google's OSS-Fuzz, and whatever else we wind up having in
 the future.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26265 [Core Tor/Tor]: A proposal and demo for a fuzzing system that works with Rust through C code

2018-06-03 Thread Tor Bug Tracker & Wiki

#26265: A proposal and demo for a fuzzing system that works with Rust through C
code
--+
 Reporter:  debily|  Owner:  (none)
 Type:  enhancement   | Status:  needs_review
 Priority:  Low   |  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Trivial   | Resolution:
 Keywords:  fuzzing Rust afl  |  Actual Points:
Parent ID:  #25386| Points:
 Reviewer:|Sponsor:
--+

Comment (by debily):

 Replying to [comment:4 isis]:
 > This probably won't fix #25386, but it is a pretty good start on #24265.
 What we really need eventually is a way for the ''same'' random fuzzer
 input to be sent to both a C function and a Rust function, both of which
 are supposed to behave identically (e.g. the parsers in
 `src/or/protover.c` and `src/rust/protover/protover.rs`).

 Well I could do a json dump of structures and compare them, though one can
 never be sure of correctness of used json libraries.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26265 [Core Tor/Tor]: A proposal and demo for a fuzzing system that works with Rust through C code

2018-06-02 Thread Tor Bug Tracker & Wiki

#26265: A proposal and demo for a fuzzing system that works with Rust through C
code
--+
 Reporter:  debily|  Owner:  (none)
 Type:  enhancement   | Status:  needs_review
 Priority:  Low   |  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Trivial   | Resolution:
 Keywords:  fuzzing Rust afl  |  Actual Points:
Parent ID:  #25386| Points:
 Reviewer:|Sponsor:
--+
Changes (by isis):

 * cc: isis (added)


Comment:

 This probably won't fix #25386, but it is a pretty good start on #24265.
 What we really need eventually is a way for the ''same'' random fuzzer
 input to be sent to both a C function and a Rust function, both of which
 are supposed to behave identically (e.g. the parsers in
 `src/or/protover.c` and `src/rust/protover/protover.rs`).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26265 [Core Tor/Tor]: A proposal and demo for a fuzzing system that works with Rust through C code

2018-06-02 Thread Tor Bug Tracker & Wiki

#26265: A proposal and demo for a fuzzing system that works with Rust through C
code
--+
 Reporter:  debily|  Owner:  (none)
 Type:  enhancement   | Status:  needs_review
 Priority:  Low   |  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Trivial   | Resolution:
 Keywords:  fuzzing Rust afl  |  Actual Points:
Parent ID:  #25386| Points:
 Reviewer:|Sponsor:
--+
Changes (by chelseakomlo):

 * cc: chelseakomlo (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26265 [Core Tor/Tor]: A proposal and demo for a fuzzing system that works with Rust through C code (was: A demo for a fuzzing system that works for Rust through C code)

2018-06-02 Thread Tor Bug Tracker & Wiki

#26265: A proposal and demo for a fuzzing system that works with Rust through C
code
--+
 Reporter:  debily|  Owner:  (none)
 Type:  enhancement   | Status:  needs_review
 Priority:  Low   |  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Trivial   | Resolution:
 Keywords:  fuzzing Rust afl  |  Actual Points:
Parent ID:  #25386| Points:
 Reviewer:|Sponsor:
--+

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26265 [Core Tor/Tor]: A proposal and demo for a fuzzing system that works with Rust through C code

Re: [tor-bugs] #26265 [Core Tor/Tor]: A proposal and demo for a fuzzing system that works with Rust through C code

Re: [tor-bugs] #26265 [Core Tor/Tor]: A proposal and demo for a fuzzing system that works with Rust through C code

Re: [tor-bugs] #26265 [Core Tor/Tor]: A proposal and demo for a fuzzing system that works with Rust through C code

Re: [tor-bugs] #26265 [Core Tor/Tor]: A proposal and demo for a fuzzing system that works with Rust through C code

Re: [tor-bugs] #26265 [Core Tor/Tor]: A proposal and demo for a fuzzing system that works with Rust through C code (was: A demo for a fuzzing system that works for Rust through C code)

6 matches

Site Navigation

Mail list logo

Footer information