Date: Sun, 5 Jul 2015 10:37:09 +0300
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: more robustness

Hi Kai,

On Sun, Jul 05, 2015 at 09:45:33AM +0800, Kai Zhao wrote:
> > https://github.com/loverszhaokai/JohnTheRipper/tree/fuzz_option
[...]
> What do you think with this '--fuzz' ? Does it meet your idea ?

So I just did:

    git clone https://github.com/loverszhaokai/JohnTheRipper -b fuzz_option fuzz_option
    git diff 970f01a068caf544e5f7843d23520e5d24934d75

which I think shows your entire work on this.

This partially meets my idea. I'd have the fuzzing work from the test
vectors, not an external file - although supporting this as an option
would be fine. It isn't immediately clear to me from your code whether
the external file is required or optional. The syntax here implies it's
optional:

+ puts("--fuzz[=DICTFILE] fuzz formats' perpare(), valid() and split()");

BTW, you have a typo here: s/perpare/prepare/

And I'd test further format methods as well, perhaps those the loader
would use. So don't proceed to crypt_all(), but do test everything
leading up to it.

Please don't add your new code to bench.[ch] and formats.[ch] - instead,
please create new source files fuzz.[ch], with proper copyright and
license statements.

fuzz_option.pl is misattributed to me, just like some other revisions of
that Perl script that you posted in here. While it is important to give
credit where it's due, it's also important to avoid misattributing your
changes to other people. We'll need to add proper copyright statements
and a license statement to this file.

Is the only remaining use for the Perl script to split the workload
across multiple processes? If so, why does it accept a format name as
an argument? I think the splitting only works by format, thus only when
fuzzing multiple formats at once. The way it currently is, it makes no
sense to me.

> As Frank said, I think I also should add option '--dump' to reproduce
> the bugs. --dump=[1,100] means dump from the 1 fuzzed case to the
> 100 fuzzed case to file. --fuzz will save the fuzzed case ID to file, and
> when bugs are found, we can get the last ID. Then, use
> --dump=[ID-10, ID] to save the latest fuzzed cases to reproduce.

If an option like this needs to be introduced, please call it
"--fuzz-dump" rather than simply "--dump".

Thanks,

Alexander