Fuzzing

To: atf-devel%NetBSD.org@localhost
Subject: Fuzzing
From: Jukka Ruohonen <jruohonen%iki.fi@localhost>
Date: Sat, 4 Jun 2011 10:13:14 +0300

Hi.

The so-called "fuzzing" has long been a standard practice in the domain of
security research. While pooka@ recently added some basic routines and some
skepticism has been expressed previously [1], would there be interest from
the ATF developer(s) to add a basic "atf-fuzz(3) API" and a "fuzzer binary"? 
When looking at some existing applications (e.g. [2]), writing such a
"fuzzer binary" does not seem that difficult.

My main interest would be to test common applications in /bin, /usr/bin,
/sbin, and /usr/sbin. That is, with a fuzzer, basic "black box" test coverage
can be quickly and effortlessly gained.

- Jukka.

[1] Though, IMO, unwarranted:

    http://mail-index.netbsd.org/tech-kern/2010/03/20/msg007791.html

[2] See http://code.google.com/p/bunny-the-fuzzer/wiki/BunnyDoc

Follow-Ups:
- Re: Fuzzing
  - From: Julio Merino

Prev by Date: Re: failure in NetBSD while running as root
Next by Date: Re: Fuzzing
Previous by Thread: failure in NetBSD while running as root
Next by Thread: Re: Fuzzing
Indexes:

Home | Main Index | Thread Index | Old Index