
Re: [RFC PATCH] iw: add clang-based fuzzer for scan IEs


 



> On 2/13/20 9:19 PM, Johannes Berg wrote:
>> FWIW, I applied most of your patches, though some I squashed since you
>> just introduced the bugs in a previous non-applied patch ... :)
> ;)
>> Regarding the fuzzing ... how long did you run this?
> The first bugs were found nearly instantly, the last ones after several minutes (<= 20).
I adjusted this to afl-clang-fast (afl++, not the original) and it's not
finding much easily...

I guess making it realloc each element into a separate buffer so that
it's checking out-of-bounds for each element separately will help
somewhat, let's see...

johannes
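The per-element isolation Johannes sketches above (copy each IE into its own exactly-sized heap buffer so the sanitizer flags an overread of one element rather than letting it silently spill into the next) looks roughly like the harness below. This is an added illustration, not iw's code and not the patch under discussion; the TLV walker, the `ie_cb_t` callback shape, the `tally_cb` consumer and the sample IE bytes are all constructed for this example. Only the `LLVMFuzzerTestOneInput` entry point is the standard libFuzzer convention, so the file can be built with `clang -g -fsanitize=fuzzer,address` (the `LLVMFuzzerTestOneInput` symbol is simply unused when compiled normally).

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Consumer invoked once per information element: id, payload, payload length, user context. */
typedef void (*ie_cb_t)(uint8_t id, const uint8_t *data, uint8_t dlen, void *ctx);

/*
 * Walk an 802.11 IE blob (TLV: 1-byte id, 1-byte length, payload) and hand
 * each element to cb in its own exactly-sized heap buffer. Under ASan any
 * read past the declared length lands in a redzone and is reported, instead
 * of quietly returning the next element's bytes as it would when the
 * callback is pointed straight into the big scan buffer.
 *
 * Returns the number of elements seen, or -1 when an element's length runs
 * past the end of the buffer or a lone trailing byte is left over.
 */
int walk_ies_isolated(const uint8_t *buf, size_t len, ie_cb_t cb, void *ctx)
{
    int count = 0;

    while (len >= 2) {
        uint8_t id = buf[0], dlen = buf[1];
        uint8_t *copy = NULL;

        if (dlen > len - 2)
            return -1;                 /* truncated element */
        if (dlen) {
            copy = malloc(dlen);       /* exactly dlen bytes, no slack */
            if (!copy)
                return -1;
            memcpy(copy, buf + 2, dlen);
        }
        /* zero-length elements get a NULL payload: any dereference is an immediate crash */
        cb(id, copy, dlen, ctx);
        free(copy);

        buf += 2 + dlen;
        len -= 2 + dlen;
        count++;
    }
    return len == 0 ? count : -1;
}

/* Constructed consumer standing in for the code under test (e.g. a scan-IE printer). */
struct ie_stats { int n; unsigned id_sum; uint8_t max_len; int vendor_ies; };

static void tally_cb(uint8_t id, const uint8_t *data, uint8_t dlen, void *ctx)
{
    struct ie_stats *s = ctx;

    s->n++;
    s->id_sum += id;
    if (dlen > s->max_len)
        s->max_len = dlen;
    /*
     * Vendor-specific element (id 221): the OUI is the first three payload
     * bytes. The dlen >= 3 check is exactly what isolation enforces: drop it
     * and ASan reports the read of data[2] on a 2-byte vendor element.
     */
    if (id == 221 && dlen >= 3 && data[0] == 0x00 && data[1] == 0x50 && data[2] == 0xf2)
        s->vendor_ies++;
}

/* libFuzzer entry point (assumed harness, not iw's): feed each mutated blob through the walker. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    struct ie_stats s = {0};

    walk_ies_isolated(data, size, tally_cb, &s);
    return 0;
}

/* Constructed sample input: four well-formed elements, including a zero-length one. */
const uint8_t sample_ies[] = {
    0x00, 0x04, 't', 'e', 's', 't',              /* SSID "test" */
    0x01, 0x02, 0x82, 0x84,                      /* supported rates */
    0x07, 0x00,                                  /* zero-length element */
    0xdd, 0x05, 0x00, 0x50, 0xf2, 0x01, 0x01,    /* vendor specific, Microsoft OUI */
};
/* Constructed malformed input: claims 10 payload bytes, carries 3. */
const uint8_t truncated_ies[] = { 0x00, 0x0a, 'a', 'b', 'c' };
```

Each element lives in its own `malloc` region only for the duration of the callback, so the cost is one allocation per IE, which is irrelevant at fuzzing speed and buys a precise, per-element bounds check from ASan rather than one coarse check on the whole scan buffer.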





