Date: Mon, 22 Jun 2015 01:24:17 +0300
From: Alexander Cherepanov <>
Subject: Re: Fuzzing Report on hashes

On 2015-06-18 03:49, Kai Zhao wrote:
>> Why is the speed so low? Due to the choice of hashes to start with, or
>> are there other reasons? Which hashes did you start with?
>> There is no --format option in this command line. I don't see much sense
>> in fuzzing without fixing a format but I'm not sure how much it can slow
>> things down. Fuzzing distinct formats separately gives you an opportunity
>> to parallelize the process easily.
> It is slow because I fuzz all the 220 formats (no OpenCL and no CUDA) at
> the same time, namely there are 220 formats in the input_cases folder.
> And that's why there is no --format option in this command line.
> Should I fuzz each format separately? There are so many formats.

An easy option is to try to start with one bogus hash, say, just one 
zero digit.

If it gives you a 20x speed-up then yes, you should fuzz each format 
separately. You can try to fuzz them in parallel. I'm not sure how afl 
will behave in this case but it's possible that it will work just fine. 
Another way is to run formats one after another stopping afl after a 

>> Anyway I don't think we should fuzz with asan unless we get a hint that
>> it's worth it. One of the nice things about afl is that it generates a good corpus
>> of samples. Hence, generate a corpus without asan, then run it with asan
>> and/or under valgrind.
>> And we should save the generated corpus.
> Fuzzing with asan is slow but we have found many bugs with asan.
> What's the corpus? Are they the files in "out/crashes/" ?

No, out/queue/.

Alexander Cherepanov
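
The workflow suggested above (build the corpus with a plain binary, then replay out/queue/ under asan) can be scripted as below. This is an added example, not part of the original message or of the project's tooling; the function name replay_corpus, the save directory, and the assumption that the target takes the input file as its last argument are all hypothetical.

```shell
#!/bin/sh
# Replay an afl-generated corpus (the files in out/queue/) against a
# sanitizer build of the target and keep the inputs that crash it.
#
# Usage: replay_corpus QUEUE_DIR SAVE_DIR TARGET [ARGS...]
# Assumption: TARGET reads the test case from the file given as its last
# argument. Prints the number of crashing inputs on stdout.
replay_corpus() {
    queue=$1; save=$2; shift 2
    mkdir -p "$save" || return 2
    crashes=0
    for f in "$queue"/*; do
        # Skip afl's bookkeeping directories and an unmatched glob.
        [ -f "$f" ] || continue
        status=0
        # abort_on_error=1 makes an asan report end in SIGABRT, so it shows
        # up as a signal death instead of an ordinary non-zero exit (which
        # a target may also return for a merely invalid input).
        ASAN_OPTIONS=abort_on_error=1 "$@" "$f" >/dev/null 2>&1 || status=$?
        if [ "$status" -ge 128 ]; then    # 128+N means killed by signal N
            cp "$f" "$save/" && crashes=$((crashes + 1))
            echo "crash (status $status): $f" >&2
        fi
    done
    echo "$crashes"
}
```

Because only signal deaths are counted, inputs the target rejects with a normal error exit are not reported; the saved files can then be rerun one by one to read the full asan report.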
