Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 1 Jul 2015 08:14:13 +0200
From: Frank Dittrich <frank.dittrich@...lbox.org>
To: john-dev@...ts.openwall.com
Subject: Re: more robustness

On 07/01/2015 04:04 AM, Kai Zhao wrote:
> Frank Dittrich wrote:
>> Is there an easy way to reproduce this problem for a bleeding-jumbo
>> version without the --fuzz option?
> 
> Sorry I did not consider the reproduce. I think I should do something
> for others to reproduce the bugs.

I'm not sure whether it is required, and I'm not your mentor.
But it would be good if the problem could be reproduced without
--fuzz.You could try to afl-fuzz the formats which had bugs, but with
ASan builds that may be difficult.

> Currently, when I found bugs, I will output all the mutated hashes of the
> format and try to reproduce. It's a bad way.

I don't even know how to produce all these hashes.

Frank

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ