On 03/07/2016 08:38 PM, Andy Chu wrote:
>> I applied your segfault fix, but I think I'll wait for somebody to show
>> something this part breaks?
>
> Yeah it doesn't seem like something anyone should rely on, so I think
> it makes sense to do the simple fix first.
>
>> Thanks for the fix. Did your fuzzer find anything else?
>
> Not yet... The sed -f input was literally the first thing I tried and
> that dropped out almost instantly. I just tried fuzzing the grep
> expression and chmod mode but it didn't find anything.
>
> I have a patch to main.c to allow afl-fuzz to fuzz arbitrary params
> (it works on a model of files, so sed -f was easy to fuzz, but other
> things require instrumentation). If it can find a few more bugs that
> may be worth it.
>
> BTW I didn't see the patch applied here?
> https://github.com/landley/toybox/commits/master

Sorry, I have a cold that's screwed up this whole week. I have work on
different machines I need to collate to upload. (Eh, I'll just re-apply
it on my netbook. :)

Rob
