This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.



Re: vulnerabilities in libbfd (CVE-2014-beats-me)


> Yep, quite a few.  Melkor is nice in that it doesn't fuzz fully
> randomly, but when it tweaks a value, it also tweaks other dependent
> values, so simple sanity checking doesn't tend to catch those.

In general, it doesn't really cost much to run multiple fuzzers, so
it's probably good to try a bunch. Syntax-aware fuzzers have their
benefits (as you mention), but also drawbacks (they are constrained by
the assumptions made by whoever coded it up about the features the
fuzzed code actually supports, and the value of fuzzing various
fields). "Dumb" fuzzers are the opposite.

(AFL is actually somewhere in between - it uses compile-time
instrumentation to figure out what / how to fuzz - so it shares some
of the benefits and drawbacks of both).

/mz
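Added illustration, not part of the thread and not code from binutils, Melkor or AFL: the point made above about dependent values (a structure-aware mutator changes one field and fixes up the fields that depend on it, so a top-level sanity check passes and the mutated input reaches deeper parsing code) shown on a constructed ELF64 image. The file layout constants follow the ELF specification; the sample image, the "naive" check and the cross-field validator are all assumptions made here to demonstrate why a loader needs to validate every index and range, not just the section-table bounds.

```python
import struct

# ELF64 little-endian layout (from the ELF spec); everything else below is constructed.
EHDR_SIZE = 64
SHDR_SIZE = 64
EHDR_FMT = "<4sBBBBB7sHHIQQQIHHHHHH"   # e_ident .. e_shstrndx, 64 bytes
SHDR_FMT = "<IIQQQQIIQQ"               # sh_name .. sh_entsize, 64 bytes
OFF_SHOFF, OFF_SHENTSIZE, OFF_SHNUM, OFF_SHSTRNDX = 40, 58, 60, 62
SHT_NOBITS = 8


def _u16(data, off):
    return struct.unpack_from("<H", data, off)[0]


def _u64(data, off):
    return struct.unpack_from("<Q", data, off)[0]


def build_sample_elf():
    """Constructed sample: a minimal, internally consistent ELF64 relocatable
    image with three sections (NULL, .shstrtab, .text); 277 bytes in total."""
    strtab = b"\0.shstrtab\0.text\0"
    text = b"\x90\x90\x90\xc3"
    nsec = 3
    data_off = EHDR_SIZE + nsec * SHDR_SIZE          # section data follows the table
    ehdr = struct.pack(EHDR_FMT, b"\x7fELF", 2, 1, 1, 0, 0, b"\0" * 7,
                       1, 62, 1,                     # ET_REL, EM_X86_64, EV_CURRENT
                       0, 0, EHDR_SIZE,              # e_entry, e_phoff, e_shoff
                       0, EHDR_SIZE, 0, 0,           # e_flags, e_ehsize, e_phentsize, e_phnum
                       SHDR_SIZE, nsec, 1)           # e_shentsize, e_shnum, e_shstrndx
    shdrs = [
        (0, 0, 0, 0, 0, 0, 0, 0, 0, 0),                                 # SHT_NULL
        (1, 3, 0, 0, data_off, len(strtab), 0, 0, 1, 0),                # .shstrtab
        (11, 1, 6, 0, data_off + len(strtab), len(text), 0, 0, 16, 0),  # .text
    ]
    table = b"".join(struct.pack(SHDR_FMT, *s) for s in shdrs)
    return ehdr + table + strtab + text


def naive_sanity_check(data):
    """Top-level check only: magic, entry size, section table inside the file."""
    if len(data) < EHDR_SIZE or data[:4] != b"\x7fELF":
        return False
    shoff, shentsize, shnum = _u64(data, OFF_SHOFF), _u16(data, OFF_SHENTSIZE), _u16(data, OFF_SHNUM)
    return shentsize == SHDR_SIZE and shoff + shentsize * shnum <= len(data)


def structural_check(data):
    """Cross-field validation: every section's data range and every index
    (e_shstrndx, sh_link, sh_name) must resolve inside the file. Returns a
    list of problems; an empty list means the image is consistent."""
    if not naive_sanity_check(data):
        return ["header: failed naive sanity check"]
    problems = []
    shoff, shnum, shstrndx = _u64(data, OFF_SHOFF), _u16(data, OFF_SHNUM), _u16(data, OFF_SHSTRNDX)
    strtab_size = 0
    if shstrndx >= shnum:
        problems.append(f"header: e_shstrndx {shstrndx} out of range (e_shnum={shnum})")
    else:
        strtab_size = struct.unpack_from(SHDR_FMT, data, shoff + shstrndx * SHDR_SIZE)[5]
    for i in range(shnum):
        sh = struct.unpack_from(SHDR_FMT, data, shoff + i * SHDR_SIZE)
        sh_name, sh_type, sh_offset, sh_size, sh_link = sh[0], sh[1], sh[4], sh[5], sh[6]
        if sh_type != SHT_NOBITS and sh_offset + sh_size > len(data):
            problems.append(f"section {i}: data [{sh_offset}, {sh_offset + sh_size}) exceeds file size {len(data)}")
        if sh_link >= shnum:
            problems.append(f"section {i}: sh_link {sh_link} out of range (e_shnum={shnum})")
        if strtab_size and sh_name >= strtab_size:
            problems.append(f"section {i}: sh_name {sh_name} outside .shstrtab ({strtab_size} bytes)")
    return problems


def dumb_mutation(data):
    """Blind mutation: flip the top bit of e_shoff. The table now points far
    outside the file, so the naive check rejects the input immediately and
    no deeper parsing code is exercised."""
    buf = bytearray(data)
    buf[OFF_SHOFF + 7] ^= 0x80
    return bytes(buf)


def dependency_aware_mutation(data):
    """Structure-aware mutation in the style described in the thread: bump
    e_shnum by one and, as the dependent fix-up, copy the table to the end of
    the file and repoint e_shoff at it so the table bounds still hold. The
    added entry carries a dangling sh_link that only the cross-field check sees."""
    shoff, shnum = _u64(data, OFF_SHOFF), _u16(data, OFF_SHNUM)
    old_table = data[shoff:shoff + shnum * SHDR_SIZE]
    new_entry = struct.pack(SHDR_FMT, 0, 1, 0, 0, 0, 0, 0xFFFF, 0, 1, 0)
    buf = bytearray(data)
    struct.pack_into("<Q", buf, OFF_SHOFF, len(data))
    struct.pack_into("<H", buf, OFF_SHNUM, shnum + 1)
    return bytes(buf) + old_table + new_entry


if __name__ == "__main__":
    sample = build_sample_elf()
    for label, img in (("dumb", dumb_mutation(sample)),
                       ("dependency-aware", dependency_aware_mutation(sample))):
        print(f"{label}: naive={naive_sanity_check(img)} structural={structural_check(img)}")
```

Running it shows the asymmetry the thread describes: the dumb mutation fails `naive_sanity_check` and never gets further, while the dependency-aware one passes it and is only caught by `structural_check`, which validates each `sh_link`, `sh_name` and data range against the file. The defensive takeaway is that the second kind of check is the one a loader actually needs, because the first is exactly what a structure-aware fuzzer is built to satisfy.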

