20 May
2024
20 May
'24
3:20 p.m.
Hi Arnold,
This is the first time I've heard of making life difficult for fuzzers
so I'm curious...
I'm assuming you agree the eventual core dump was a bug somewhere to be
fixed, and probably was. Stopping on the first error lessens the
‘attack surface’ for the fuzzer. Do you think there remains a bug which
would bite a user which the fuzzer might have found more easily before
the shrunken surface?
--
Cheers, Ralph.
in order to
maximize the amount of input that could be parsed before
giving up.
Gawk used to do this, until people started fuzzing it, causing
cascading errors and eventually core dumps. Now the first syntax
error is fatal.