On 2/24/07, Nikolas Zimmermann <[EMAIL PROTECTED]> wrote:
> 2) Additional testing > * Fuzz-test for custom parsers - the biggest security risk is > buffer overruns in some of the custom parsers, so we'd like to > develop a fuzz-testing tool for attributes that trigger these, and > fix resulting crashes. Definately. There have been too many crashes around involving the svg path parsing code etc. Any idea how to develop such a fuzz-testing tool? Simple perl/ruby/<whatever> script producing static test files?
You might try http://sam.zoy.org/zzuf/ - I never tried it but from the description it seems to fit the bill perfectly. -- kjk _______________________________________________ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo/webkit-dev
