ATF-devel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Fuzzing

On 06/14/2011 04:08 AM, Jukka Ruohonen wrote:
> I don't think something like this requires a profound design document.
> A lot has been however written about fuzzing in the literature. Basically
> you just feed random garbage as input to applications, system calls, library
> routines, etc. A great deal of security bugs is (still today) found by this
> way.

In my view of ATF, I really wouldn't expect that a fuzzer lie in it...

On the contrary, I would just expect that the framework allow me to
select the fuzzer that I like and only help me to plug it easily on my
test suites and feed them with random data if I want to.

Remember the "Small is beautiful" mojo... ATF wants to be a test
framework and only a test framework (no more).

Thus, everything generating inputs to feed the tests may be considered
as external (fuzzers included), in my humble opinion.

Emmanuel Fleury

You can present the material, but you can't make me care.
  -- Calvin & Hobbes (Bill Waterson)

Home | Main Index | Thread Index | Old Index