Date: Wed, 22 Nov 2017 17:42:53 +0100 From: Guido Vranken <guidovranken@...il.com> To: oss-security@...ts.openwall.com Subject: Re: Go programming language invalid modular exponentiation result (Exp() in math/big pkg) Peter, It is available: https://github.com/guidovranken/bignum-fuzzer It has a modular set-up, meaning individual bignum libraries can easily be added, removed, enabled or disabled. I'll write some documentation soon, but you can probably figure out the module layout from looking at the existing ones. Compiling your code must result in a static archive that can be linked to the other objects. If that really is not possible, you must come up with some sort of inter-process communication. Feel free to create a PR for your own module and I'll add it. Thanks Guido On Wed, Nov 22, 2017 at 9:13 AM, Peter Bex <peter@...e-magic.net> wrote: > On Wed, Nov 22, 2017 at 12:30:08AM +0100, Guido Vranken wrote: >> Dear list, >> >> I've written a bignum fuzzer that compares the results of mathematical >> operations (addtion, subtraction, multiplication, ...) across multiple >> bignum libraries. > > Hi there, > > Is this fuzzer freely available? I'd love to try it out on the bignum > support I added to the CHICKEN Scheme implementation for its upcoming > new major release (probably somewhere mid-2018). Being able to release > it with a bit higher confidence in its correctness would be nice, as this > is almost all brand new code. > > Cheers, > Peter Bex (CHICKEN core maintainer)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ