Re: [lwip-devel] Reporting crashes found by running a fuzzing campaign

[address@hidden]

Am 04.12.2019 um 15:03 schrieb Hiromasa Ito:
> Hi, Simon.
>
> Thank you for your reply! :)
>
> > As bug reports, like above.
>
> OK. I will report all crashes I found as bug reports.
>
> > The crashed inputs are certainly needed!
> >
> > The test driver would be interesting. You might have noticed we have and AFL
> > setup in test/fuzz and input files in test/fuzz/inputs. I'd be happy to
> > incorporate changes if appropriate.
>
> OK. I think I should upload the whole fuzzing environment
> (crashed inputs, my test driver, initial seeds, and lwIP I tested) for 
> reproducibility.
> Please give me some time to prepare for publication.

A patch to test/fuzz and the inputs that directly crash would be best to
keep it simple enough for me to reproduce the issue.

Time on lwIP is scarce at the moment, so try to keep me from losing
track ;-)

Regards,
Simon

> Best regards,
> Hiromasa
>
> On 2019/12/04 17:48, Simon Goldschmidt wrote:
> > "Hiromasa Ito" <address@hidden> wrote:
> > > I have written a new test driver and ran a fuzzing campaign on lwIP with 
> > > American Fuzzy Lop (AFL).
> > > As a result, I have found nine crashes caused by assertion failures, and they 
> > > seem to be bugs.
> > > I have already reported two of them, but still have seven crashes not reported.
> > >
> > > https://savannah.nongnu.org/bugs/?51447
> > > https://savannah.nongnu.org/bugs/?55706
> > >
> > > There for, I have two questions for developers.
> > >
> > > First, how should I report these unreported crashes?
> >
> > As bug reports, like above.
> >
> > > Should I report them individually, like the ones above?
> >
> > That depends if they are real separate issues (report individually) or crashes
> > in the same area (combine in one bug).
> >
> > > If needed, I can upload the test driver, crashed inputs, and the source codes 
> > > of lwIP I used.
> >
> > The crashed inputs are certainly needed!
> >
> > The test driver would be interesting. You might have noticed we have and AFL
> > setup in test/fuzz and input files in test/fuzz/inputs. I'd be happy to
> > incorporate changes if appropriate.
> >
> > > Second, can I write about these crashes in my academic paper?
> > > I'm a master's student in computer science in Japan.
> > > If any bugs cause these crashes, I'd like to write about them in my paper.
> > > If it is inconvenient, please let me know.
> >
> > Yes, I don't see a problem writing about that.
> >
> > Regards,
> > Simon
> >
> > > Best regards,
> > > Hiromasa
> > >
> > > _______________________________________________
> > > lwip-devel mailing list
> > > address@hidden
> > > https://lists.nongnu.org/mailman/listinfo/lwip-devel
> >
> > _______________________________________________
> > lwip-devel mailing list
> > address@hidden
> > https://lists.nongnu.org/mailman/listinfo/lwip-devel
>
> --
> vhertz
>
> _______________________________________________
> lwip-devel mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/lwip-devel