Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 20 Mar 2015 17:06:18 -0700
From: Konstantin Serebryany <>
To: Konstantin Serebryany <>,
Subject: Re: buffer overflow in regcomp and a way to find more of those

On Fri, Mar 20, 2015 at 4:52 PM, Szabolcs Nagy <> wrote:
> * Konstantin Serebryany <> [2015-03-20 13:17:47 -0700]:
>> Following the discussion at the glibc mailing list
>> (
>> I've tried to fuzz musl regcomp and the first bug popped up quickly.
>> Please let me know if you would be interested in adding the fuzzer
>> (
>> to the musl testing process.
> (now with correct To: header)
> (1) the clean approach would be to have a way to build an
> instrumented libc and a separate set of test cases for
> various libc apis that the fuzzer could use.

Correct. Building libc.a is simple:
CC="clang -fsanitize=address -fsanitize-coverage=3 " ./configure && make -j
But then I don't know how to properly link libc.a to a test case.
How do you usually link tests with libc.a on x86_64 linux?

> (2) the other approach is to cut parts of the libc out
> (the parsers often don't depend on too much libc internals)
> and build them with whatever runtime the fuzzer needs

That's exactly what I did. Not optimal, I agree.

> the question is how hard it is to do (1) ?
> i assume asan is non-trivial to set up for that (or is it
> enough to replace malloc calls? and some startup logic?)

asan replaces malloc and a few more libc functions.
It works with various different libcs, so there is a good chance that
it will work here with no or minimal changes.

> at first it is ok if the fuzzer only catches crashing bugs
> so if that's easy to do i'd go for that.
> for (1) i can write the test cases and adjust the musl build
> system, but i dont know how much difficulty should i expect
> thanks

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.