Date: Thu, 18 Dec 2014 15:21:53 -0500 From: Allan Jude <allanjude@freebsd.org> To: freebsd-current@freebsd.org Subject: Re: Call for testing: elftoolchain tools Message-ID: <54933761.7040209@freebsd.org> In-Reply-To: <CAPyFy2D01sEJkLwxNtbnVpa=fLHzg1d_LFPzACnaEUc4Gq7zuA@mail.gmail.com> References: <5493066F.7080100@FreeBSD.org> <CAPyFy2D01sEJkLwxNtbnVpa=fLHzg1d_LFPzACnaEUc4Gq7zuA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --2vWQEeqOoQF011GvsevMg4hrVPHH75L5U Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 2014-12-18 15:02, Ed Maste wrote: > On 18 December 2014 at 11:53, Pedro Giffuni <pfg@freebsd.org> wrote: >> test the tools with a fuzzer like security/afl >=20 > Yes, a very good idea, especially for strings(1) given the way it is > often used. I've already found a strings crash with afl. > _______________________________________________ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.o= rg" >=20 I cam across this not that long ago: http://lcamtuf.blogspot.ca/2014/10/psa-dont-run-strings-on-untrusted-file= s.html Our strings didn't crash with his proof of concept, but there may be other similar bugs --=20 Allan Jude --2vWQEeqOoQF011GvsevMg4hrVPHH75L5U Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQIcBAEBAgAGBQJUkzdkAAoJEJrBFpNRJZKfYosQAIJghKwTxrZcOVyczVZgEq3X fioLJSqk/Xtd14IIIsOH47BDIroh/ZgwMIHon/agllxSe0s4UPxdKhuoA9e6siOc L5QirZvyfJ1Sx23UQ4kpcbE0du0JToi+NTBpzzisz+y8N698cJhCPRLJbJClPWtg wc4ht7CTXh180AaEuwwsd0rdgqdElYsur74fXalZG3Q42ZRe6/OExRG1MnBsxJCt G30DG+qsTNLkFTBoJ5OjwMLZo4vJiW0w8cBw+VLAfD+fR2aQKnn42UtyCxtYk1AW tGfwprYgAR0HtLO89eZRrrK2JIBAKZDJlZU7HYJtCx4HzbWX0UJ3UCUpStBHDBpi EBRJbMmTRvvUstfsuzg3c7cl1DKm43rlMbZ1Ccm0zbmsRIu0TGIUfPPc48cSfrl3 M39YoJlQu0rHR1WftPz/uk4hBA0kkCcP/pyKCCXsfDdJc8vSzyvCRBKJiw9qUApF ueh32SviRtw9t2yZGVnKPAK/H3zeOqdm5Fm9xPnccTO0BGnbz1FjG9maAOJi4f7X ma+GznMleYNS9DQFQfA6mVXNLvP0vUmbFS4jIsHIFq84sBAvw8GpozJnhE2dLznC 6Smmo5t/l1NDCSAewtV2XKLXGoD0EjgEQsFmCGHOOsX5VpFWBu8KoCkVUdzeUnpm 0IfLPnMmDo8sWjEtWP8r =GJek -----END PGP SIGNATURE----- --2vWQEeqOoQF011GvsevMg4hrVPHH75L5U--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54933761.7040209>