Displaying 20 results from an estimated 4000 matches similar to: "Fuzzing bitcode reader"
2017 Feb 01
2
Fuzzing bitcode reader
2017-02-01 17:45 GMT+01:00 Mehdi Amini <mehdi.amini at apple.com>:
>
>> On Feb 1, 2017, at 8:34 AM, Michael Kruse via llvm-dev <llvm-dev at lists.llvm.org> wrote:
>>
>> Hi all,
>>
>> The blog entry [1] suggests that one of the buildbots constantly fuzzes
>> clang and clang-format. However, the actual bot [2] only tests the
>> fuzzer itself
2017 Feb 01
2
Fuzzing bitcode reader
On Wed, Feb 1, 2017 at 8:45 AM, Mehdi Amini <mehdi.amini at apple.com> wrote:
>
> > On Feb 1, 2017, at 8:34 AM, Michael Kruse via llvm-dev <llvm-dev at lists.llvm.org> wrote:
> >
> > Hi all,
> >
> > The blog entry [1] suggests that one of the buildbots constantly fuzzes
> > clang and clang-format. However, the actual bot [2] only tests the
2017 Feb 01
3
Fuzzing bitcode reader
On Wed, Feb 1, 2017 at 9:19 AM, Michael Kruse <llvmdev at meinersbur.de> wrote:
> 2017-02-01 18:07 GMT+01:00 Kostya Serebryany <kcc at google.com>:
> > Yes, I used to run clang-fuzzer and clang-format-fuzzer on this bot, but not
> > any more.
> > The reason is simple -- the bot was always red (well, orange) and the bugs
> > were never fixed.
>
2015 Aug 30
4
Fuzzing complex programs
I have a project I want to do based on Libfuzzer. Is there a separate
list for it or should I bring up any ideas for it here?
What I have in mind is to fuzz Postgres. Trying to fuzz the SQL
interpreter in general
is not very productive because traditional fuzzers try to execute the
entire program repeatedly and it has a fairly high startup and
shutdown cost. Also the instrumentation-guided
2017 Feb 10
2
Adding a decoder fuzz target
Thanks for your comments, Ralph and Jean-Marc.
Please find attached the amended patch:
- decodes a sequence of input packets rather than just one (I'm planning on
using the Opus test vectors as the seed corpus)
- decides on decoder setup and FEC independently of the packet data
- uses Opus functions to parse ToC
Cheers,
Felicia
On Sun, Jan 29, 2017 at 9:48 PM Jean-Marc Valin <jmvalin at
2019 Nov 02
2
[PATCH nbdkit 0/2] Implement fuzzing using Clang's libFuzzer.
libFuzzer is Clang's fuzzer, an alternative to using AFL:
https://llvm.org/docs/LibFuzzer.html
I implemented an alternative method of fuzzing for libnbd earlier
today and it's pretty simple:
https://github.com/libguestfs/libnbd/commit/c19a6fbae9a21a7d4693418706c59e81ed256875
However it's considerably more difficult to use libFuzzer with
non-library code -- in this case nbdkit.
2015 Aug 30
2
Fuzzing complex programs
On Sun, Aug 30, 2015 at 9:11 AM, Brian Cain via llvm-dev <llvm-dev at lists.llvm.org> wrote:
>
>
> On Sun, Aug 30, 2015 at 9:30 AM, Greg Stark via llvm-dev <llvm-dev at lists.llvm.org> wrote:
>
>> I have a project I want to do based on Libfuzzer. Is there a separate
>> list for it or should I bring up any ideas for it here?
>>
>> No separate
2015 Sep 05
3
Some feedback on Libfuzzer
Hi, I think I have a fairly nicely integrated Libfuzzer based fuzzer in
Postgres now. I can run things like:
SELECT fuzz(100000,'select regexp_matches(''foo/bar/baz'',$1,''g'')')
Which makes it convenient to fuzz arbitrary public functions available
in SQL. (I haven't figured out what interface to make for fuzzing
internal functions which take char
2017 Aug 24
2
llvm-mc-[dis]assemble-fuzzer status?
>
>
> I'd like llvm-isel-fuzzer to be added once it's committed
Consider it done (once it's there)
> (which should
> be as soon as LLVM fuzzers work in release builds again). One potential
> issue is that llvm-isel-fuzzer is more of a collection of fuzzers, and
> it needs some arguments to run (ie, to choose the backend).
>
I have the same problem with
2017 Aug 29
2
how to auto-report LLVM bugs found by fuzzing?
On Tue, Aug 29, 2017 at 4:13 PM, Justin Bogner <mail at justinbogner.com> wrote:
> Kostya Serebryany <kcc at google.com> writes:
> > Hi,
> >
> > We have several llvm fuzz targets running on OSS-Fuzz, a continuous
> > automated fuzzing service:
> > https://github.com/google/oss-fuzz
> >
2020 Mar 18
6
Re: Fuzzing Questions
On Wed, Mar 18, 2020 at 01:46:14PM -0400, habib dan aouta wrote:
> Hello Richard,
>
> Hope you are doing well. My name is Habib and I am a current student
> at the University of North Carolina at Charlotte (U.S.). I am
> currently following your Libnbd client fuzzing tutorial from the
> Wordpress articles
2017 Aug 30
2
how to auto-report LLVM bugs found by fuzzing?
Bugs found by oss-fuzz in llvm are now public:
https://bugs.chromium.org/p/oss-fuzz/issues/list?q=proj-llvm
(and the new ones will be public too).
I've also added llvm-bugs at lists.llvm.org to the list of e-mail recipients:
https://github.com/google/oss-fuzz/blob/master/projects/llvm/project.yaml
On Tue, Aug 29, 2017 at 4:27 PM, Justin Bogner <mail at justinbogner.com> wrote:
>
2017 Aug 29
3
how to auto-report LLVM bugs found by fuzzing?
Hi,
We have several llvm fuzz targets running on OSS-Fuzz, a continuous
automated fuzzing service:
https://github.com/google/oss-fuzz
https://www.usenix.org/sites/default/files/conference/protected-files/usenixsecurity17_slides_serebryany.pdf
It has reported a few bugs in cxa_demangler, clang, and dwarfdump already,
and we expect to add more fuzz targets to it soon (llvm-isel-fuzzer,
2015 Sep 03
2
Fuzzing complex programs
On Thu, Sep 3, 2015 at 6:25 PM, Kostya Serebryany <kcc at google.com> wrote:
> Not sure I understood this correctly.
> Example?
I've made a Postgres module which is dynamically loaded by Postgres as
a shared library from which I can call the fuzzer on the SQL function
of my choice. Postgres has enough meta information about the functions
that I think the eventual interface might
2019 Nov 12
2
Using Libfuzzer on a library - linking the library to the fuzz target
I am working on using libfuzzer and asan to test out a third-party library.
As demonstrated in the tutorial, I wrote a fuzz target to fuzz a specific
function in the library. The fuzz target is then linked to the library and
compiles clean and I do see some tests generated by the fuzzer. However, I
have some questions regarding the "right" way to go about doing this. I
have doubts that
2019 Nov 12
2
Using Libfuzzer on a library - linking the library to the fuzz target
Hi Mitch,
Thank you for the response.
1. You don't need to build the library with `-fsanitize-coverage=...`,
using `-fsanitize=fuzzer-no-link,address` should be sufficient. -
Acknowledged
2. (although you can actually build object files/shared libraries with
-fsanitize=fuzzer, and the libFuzzer main won't be linked, if this makes
your build process easier). - with just the *fuzzer
2019 Nov 04
3
[PATCH nbdkit v2 0/2] Implement fuzzing using Clang's libFuzzer.
v1 was here:
https://www.redhat.com/archives/libguestfs/2019-November/msg00003.html
This version depends on:
https://www.redhat.com/archives/libguestfs/2019-November/msg00004.html
and this series:
https://www.redhat.com/archives/libguestfs/2019-November/msg00009.html
The delta has been reduced slightly because of changes made possible
by cleaning up and fixing the quit path in nbdkit. It's
2023 Jan 09
1
Does samba provide a fuzzing mode that uses deterministic NTLMSSP_Challenge?
Hi,
Recently I have wanted to fuzz samba systematically (instead of functional fuzzing like OSS-Fuzz/samba). However, the fuzzer acts like smbclient and needs to establish a connection with the samba server via NTLM authentication. The NTLMSSP_Challenge sent by the server is not deterministic, which can render fuzzing based on previously captured traffic futile. Does samba provide a fuzzing mode
2015 Jul 10
2
[LLVMdev] DataFlowSanitizer only for Linux
Kostya,
I took a quick stab at patching libFuzzer for Apple, but so far I'm
thinking something else is incorrect. Patch is attached but when I went to
reproduce the examples, the toy example went fine, but with PCRE and
Heartbleed I noticed the coverage statistics were pretty poor, and didn't
find anything. Admittedly I moved onto Heartbleed pretty quickly so PCRE
probably isn't the
2015 Sep 03
2
Fuzzing complex programs
I'm fairly sure your compiler (or rather linker) errors are coming from the
fact that you are not linking to the C++ runtime library. Use
`clang++ -std=c++11 *.o`, and I'm reasonably sure it will do what you want.
--
Mats
On 3 September 2015 at 12:26, Greg Stark via llvm-dev <llvm-dev at lists.llvm.org> wrote:
> On Sun, Aug 30, 2015 at 3:30 PM, Greg Stark <stark at