Message-ID: <20190625005341.GA26741@hunt>
Date: Mon, 24 Jun 2019 17:53:41 -0700
From: Seth Arnold <seth.arnold@...onical.com>
To: oss-security@...ts.openwall.com
Subject: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz
On Mon, Jun 24, 2019 at 07:15:20PM -0400, Alex Gaynor wrote:
> sounds very hard to me, at least without requiring more user involvement
> than ASAN requires right now. This seems like a very cool area for academic
> research though!
Have you tried the gdb exploitable plugin yet?
https://github.com/jfoote/exploitable
Some of the tools written around AFL have included support for running
exploitable directly on the fuzzer results and helping to prioritize,
roughly, in what order the specimens should be worked on:
https://gitlab.com/rc0r/afl-utils
with a direct link to a pretty screenshot:
https://gitlab.com/rc0r/afl-utils/raw/master/.scrots/afl_collect_sample.png
I assume like most such tools, this is another case of being a good start
but not nearly as reliable as a knowledgeable human. It's also probably
completely useless for issues that aren't memory-safety issues. But it's
something that exists today and may be helpful.
Thanks
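As an added example (not from this thread, and not code from the exploitable or afl-utils projects): a small Python triage script in the spirit of afl-collect, which runs each fuzzer crash specimen under gdb with the exploitable plugin loaded and orders the specimens by the plugin's verdict so the most urgent ones are examined first. The gdb invocation, the plugin path and the two parsed output lines are assumptions about the plugin; the sample reports are constructed.

```python
import re
import subprocess
from pathlib import Path

EXPLOITABLE_PY = "/path/to/exploitable/exploitable.py"  # assumption: local checkout

# Plugin classifications, most urgent first.
CLASS_ORDER = ["EXPLOITABLE", "PROBABLY_EXPLOITABLE",
               "PROBABLY_NOT_EXPLOITABLE", "UNKNOWN"]
CLASS_RE = re.compile(r"^Exploitability Classification:\s*(\S+)", re.M)
SHORT_RE = re.compile(r"^Short description:\s*(\S+)\s*\((\d+)/(\d+)\)", re.M)

# Constructed sample reports in the plugin's output format (not real crashes).
SAMPLE_REPORTS = {
    "id:000001": "Short description: DestAv (8/22)\n"
                 "Exploitability Classification: EXPLOITABLE\n",
    "id:000002": "Short description: SourceAv (19/22)\n"
                 "Exploitability Classification: PROBABLY_NOT_EXPLOITABLE\n",
    "id:000003": "Short description: ReturnAv (4/22)\n"
                 "Exploitability Classification: EXPLOITABLE\n",
    "id:000004": "Program received signal SIGSEGV\n",  # plugin produced nothing
}

def parse_exploitable(output):
    """Return (classification, rule name, rule rank); lower rank = more severe."""
    cls, short = CLASS_RE.search(output), SHORT_RE.search(output)
    return (cls.group(1) if cls else "UNKNOWN",
            short.group(1) if short else "NoMatch",
            int(short.group(2)) if short else 10**6)

def rank_crashes(reports):
    """Order {specimen: report} by classification, then rule rank, then name."""
    rows = []
    for name, out in reports.items():
        classification, rule, rank = parse_exploitable(out)
        order = (CLASS_ORDER.index(classification)
                 if classification in CLASS_ORDER else len(CLASS_ORDER))
        rows.append((order, rank, name, classification, rule))
    return [(n, c, r) for _, _, n, c, r in sorted(rows)]

def run_exploitable(target, crash_file, plugin=EXPLOITABLE_PY):
    """Run one specimen under gdb in batch mode and return the plugin's report
    (assumption: the target takes the crash file as its only argument)."""
    cmd = ["gdb", "-q", "-batch", "-ex", f"source {plugin}", "-ex", "run",
           "-ex", "exploitable", "--args", str(target), str(crash_file)]
    return subprocess.run(cmd, capture_output=True, text=True, timeout=120).stdout

def triage_dir(target, crash_dir):
    # Run every file in a fuzzer crash directory and return the ranked list.
    files = [p for p in sorted(Path(crash_dir).iterdir()) if p.is_file()]
    return rank_crashes({p.name: run_exploitable(target, p) for p in files})
```

Specimens the plugin could not classify (for example a crash that never reached the `exploitable` command) sort last with an UNKNOWN verdict rather than being dropped, so they still get a human look.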