Re: [Gnash-dev] Has gnash been fuzzed?


From: Jacek Wielemborek
Subject: Re: [Gnash-dev] Has gnash been fuzzed?
Date: Wed, 18 Nov 2015 22:38:46 +0100

On 18.11.2015 at 22:37, Sandro Santilli wrote:
> On Wed, Nov 18, 2015 at 10:32:48PM +0100, Jacek Wielemborek wrote:
>> On 18.11.2015 at 22:30, Sandro Santilli wrote:
>>> We did occasional fuzzing of the core parsers, with zzuf,
>>> but we have no automated fuzzing as part of our testsuite.
>>> Do you want to help with that?
>>
>> Is zzuf a genetic fuzzer like afl-fuzz? I could definitely recommend
>> using AFL.
> 
> http://caca.zoy.org/wiki/zzuf

I took a quick peek at the website and couldn't find an answer.

> The Gnash testsuite is flexible enough to allow for hosting
> multiple testing families, so if you want to provide some
> code for a testsuite/afl-fuzz subdir, that'd be welcome.
> 
> Ideally it'd integrate with build scripts.
> 
>>> The flvparser you hit should not be reachable from normal
>>> usage of the gnash standalone or plugin (correct me if I'm wrong).
>>
>> I don't know the codebase, but do they share libraries/parser code?
> 
> It could be, if you find any libcore or libbase reference in
> the stack trace then yes.

Could you provide me with a Gnash-based program that reads from stdin or
command line and ideally doesn't require Xorg?
