I'm starting to look at fuzz testing the mathematical modelling library I work
on, which reads complicated data files that are produced by end-users, and
could plausibly be used to stage buffer overflow attacks. The basics obviously
come first: use -fstack-protector, take care with string manipulation functions
and so on.
But while looking at fuzzing systems such as AFL
(http://lcamtuf.coredump.cx/afl/) it struck me that the Valgrind execution
environment could be used to write a fuzzer that could discover changes in flow
of control in response to variations in input files, and thus provide a better
feedback mechanism than "Load a file, see if the test program crashes".
Has anyone looked into this in the past?
thanks,
--
John Dallman
_______________________________________________
Valgrind-users mailing list
Valgrind-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/valgrind-users
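As an added illustration of the feedback mechanism described in the post (this is example code written for this page, not from the original message, the Valgrind project or AFL): Valgrind's demo tool Lackey can print the address of every superblock it enters when run with --trace-superblocks=yes, and the set of addresses reached by an input is a cheap proxy for "which code did this file exercise". The loop below keeps a mutated input only when it reaches a superblock no earlier input reached, which is a control-flow-novelty signal rather than a crash signal. Assumptions: the "SB <hexaddr>" line format of Lackey's trace (parsed with or without a 0x prefix), that the target is invoked as "target <file>", and the toy "MDL1" file layout and fake addresses used by the constructed stand-in executor.

```python
"""Coverage-novelty fuzzing loop driven by Valgrind/Lackey superblock traces.

Added example, not part of the original post or of Valgrind itself.
Assumed: Lackey prints one 'SB <hexaddr>' line per superblock entered when
run with --trace-superblocks=yes, and the target takes its input file path
as its first argument.
"""
import random
import re
import subprocess
import tempfile
from typing import Callable, Iterable, List, Set, Tuple

# Matches 'SB 0401000' and 'SB 0x0401000'; anything else (target output,
# Valgrind banner lines) is ignored.
SB_LINE = re.compile(r"^SB\s+(?:0x)?([0-9A-Fa-f]+)\s*$")


def parse_superblocks(trace: str) -> Set[int]:
    """Return the set of superblock entry addresses found in a Lackey trace."""
    seen: Set[int] = set()
    for line in trace.splitlines():
        m = SB_LINE.match(line.strip())
        if m:
            seen.add(int(m.group(1), 16))
    return seen


def run_under_lackey(target: str, data: bytes, timeout: float = 60.0) -> Tuple[str, int]:
    """Write 'data' to a temp file and run 'target <file>' under Lackey.

    Returns (trace text, exit status). Valgrind passes the client's exit
    status through, so a crash is still visible alongside the trace.
    (Assumed invocation; not exercised by the embedded test.)
    """
    with tempfile.NamedTemporaryFile(suffix=".in", delete=False) as f:
        f.write(data)
        path = f.name
    cmd = ["valgrind", "--tool=lackey", "--trace-superblocks=yes",
           "--log-fd=1", target, path]
    proc = subprocess.run(cmd, stdout=subprocess.PIPE,
                          stderr=subprocess.DEVNULL, timeout=timeout)
    return proc.stdout.decode("ascii", errors="replace"), proc.returncode


def mutate(data: bytes, rng: random.Random) -> bytes:
    """Byte-level mutations: overwrite, insert or delete one byte."""
    buf = bytearray(data)
    choice = rng.randrange(3)
    if choice == 0 and buf:
        buf[rng.randrange(len(buf))] = rng.randrange(256)
    elif choice == 1:
        buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
    elif buf:
        del buf[rng.randrange(len(buf))]
    return bytes(buf)


def fuzz(execute: Callable[[bytes], str], seeds: Iterable[bytes],
         iterations: int, seed: int = 0) -> Tuple[List[bytes], Set[int]]:
    """Keep an input iff it reaches a superblock no previous input reached.

    'execute' maps an input to a Lackey-style trace; returns the retained
    corpus and the union of superblocks reached.
    """
    rng = random.Random(seed)
    corpus: List[bytes] = []
    coverage: Set[int] = set()
    for s in seeds:                       # seeds are always kept
        coverage |= parse_superblocks(execute(s))
        corpus.append(s)
    for _ in range(iterations):
        if not corpus:
            break
        child = mutate(rng.choice(corpus), rng)
        reached = parse_superblocks(execute(child))
        if reached - coverage:            # new control flow: keep it
            coverage |= reached
            corpus.append(child)
    return corpus, coverage


def simulated_target(data: bytes) -> str:
    """Constructed stand-in for Lackey output on a toy 'MDL1' file parser.

    Each branch of the imaginary parser is mapped to a fake superblock
    address, so the loop above can be exercised without Valgrind installed.
    """
    lines = ["SB 0x0401000"]                      # parser entry
    if data[:4] == b"MDL1":                       # magic accepted
        lines.append("SB 0x0401020")
        count = data[4] if len(data) > 4 else 0
        if count > 0:
            lines.append("SB 0x0401040")          # record loop entered
        if count > 200:
            lines.append("SB 0x0401060")          # large-count handling
        if b"\xff\xff" in data[5:]:
            lines.append("SB 0x0401080")          # escape-sequence path
    else:
        lines.append("SB 0x04010a0")              # rejection path
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    corpus, cov = fuzz(simulated_target, [b"MDL1\x00"], iterations=3000)
    print(f"{len(corpus)} retained inputs, {len(cov)} superblocks reached")
```

Against a real binary the executor is just lambda d: run_under_lackey("./loader", d)[0]; the exit status from the same call tells you when a retained input also crashes. If identical inputs yield different addresses between runs (for example because of address randomisation of the executable or its libraries), key the sets on offsets from the load address rather than on raw addresses. Lackey instrumentation is slow, so in practice the trace would be replaced by a purpose-built Valgrind tool that only records superblock entries, but the selection logic stays the same.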