This is the mail archive of the
elfutils-devel@sourceware.org
mailing list for the elfutils project.
Re: Fuzzing elfutils
- From: Mark Wielaard <mjw at redhat dot com>
- To: elfutils-devel at lists dot fedorahosted dot org
- Date: Mon, 08 Dec 2014 09:52:45 +0100
- Subject: Re: Fuzzing elfutils
On Mon, 2014-12-08 at 06:06 +0300, Alexander Cherepanov wrote:
> On 2014-12-05 11:58, Mark Wielaard wrote:
> > Yes, that is true. I have been using afl. And it is good to throw some
> > other fuzzers at it. The reason you are so successful is because till
> > now we concentrated on readelf and libelf. Clearly the other tools need
> > fuzzing too. And we do know debuginfo (-w), libdw, has some known
> > issues. One of which I just fixed in response to your testcases (see the
> > patch posted, I haven't pushed it yet, to see if there are any
> > comments).
>
> Ok, I've switched to mjw/pending branch. I hope it's the right branch to
> have all your latest fixes?
Yes. All patches on there have also been posted to the mailinglist for
discussion before applying to master. Note that the branch often gets
rebased once patches are merged (or rewritten) in master. So don't be
surprised if you get conflicts just git pulling. Best to delete your
local branch and fetch a new one periodically.
> > I hope to get to the other main libdw debug issue (leb128
> > parsing) soon. After that hopefully you will have a bit more of a
> > challenge :)
>
> Well, I've uploaded some more crashes for the current (i.e. mjw/pending)
> readelf. Some of them could be duplicates of the previous unfixed ones.
Thanks. I'll try to reproduce them soon. But without a general leb128
length check fix using eu-readelf -w might be somewhat unreliable (and
this also might impact -e/--exceptions).
Cheers,
Mark