On 2/24/07, Nikolas Zimmermann <[EMAIL PROTECTED]> wrote:
> 2) Additional testing
>    * Fuzz-test for custom parsers - the biggest security risk is
> buffer overruns in some of the custom parsers, so we'd like to
> develop a fuzz-testing tool for attributes that trigger these, and
> fix resulting crashes.
Definately. There have been too many crashes around involving the svg
path parsing code etc. Any idea how to develop such a fuzz-testing tool?
Simple perl/ruby/<whatever> script producing static test files?

You might try http://sam.zoy.org/zzuf/ - I never tried it but from the
description it seems to fit the bill perfectly.

-- kjk
_______________________________________________
webkit-dev mailing list
webkit-dev@lists.webkit.org
http://lists.webkit.org/mailman/listinfo/webkit-dev

Reply via email to