gnash-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnash-dev] Has gnash been fuzzed?

From: Jacek Wielemborek
Subject: Re: [Gnash-dev] Has gnash been fuzzed?
Date: Fri, 20 Nov 2015 10:00:36 +0100 
W dniu 20.11.2015 o 09:57, Sandro Santilli pisze:
> On Fri, Nov 20, 2015 at 09:52:24AM +0100, Jacek Wielemborek wrote:
> 
>> The thing is that the fuzzing process takes hours to complete, so I'm
>> not sure if it's something that should be part of standard test case.
> 
> It could be something which is NOT run by "make check" but by
> something like "make fuzz".
> 
>> Also, there's the external dependency of AFL and the need to use afl-gcc
>> compiler wrapper, which is why I abstracted it all to a Docker image.
> 
> We have a very capable ./configure script for that, which could
> RECOMMEND installing the dependencies in order to be able to run
> the whole testsuite (you should have seen those recommendations
> if building yourself, for things like Ming or swfdec testsuite..)

I'm afraid that I don't have time to do that now, but I can provide
hints if anyone else wants to. You should:

1. recompile gnash with CC=afl-gcc
2. create a directory with the input file inside
3. run afl-fuzz -i input_directory -o desired_out_directory -m none --
gnash -r 2 -

In the meantime, I invite everyone to run my Docker container, find
crashes and analyze them. You're guaranteed to find something.

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]