Fuzzing patch

Wouter Wijngaards wouter at nlnetlabs.nl
Mon Jan 7 15:07:50 UTC 2019


Hi Jacob,

On 1/4/19 2:15 AM, Jacob Hoffman-Andrews via Unbound-users wrote:
> I wrote a patch (attached) for a standalone program that takes a packet
> on stdin and passes it to parse_packet, for the purpose of fuzzing.
> Please let me know if I have approximately the right approach.

Thank you for the patch, I put it in the contrib/ directory in the
source tree.  Where people can apply it to compile the unbound-fuzzme
program for fuzzing.  But it is not included in the main codeline, since
most distros do not need to ship it to normal users.

I am fine with you testing the code and appreciate the reports that come
out of that.

Best regards, Wouter

> 
> I've been running this with afl-fuzz (http://lcamtuf.coredump.cx/afl/)
> for a few days on a single CPU; so far no crashes.
> 
> With permission of the maintainers I'd like to submit this to OSS-Fuzz
> (https://github.com/google/oss-fuzz), which provides free, continuous
> fuzzing for open source projects. What do you think?
> 
> Thanks,
> Jacob

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20190107/7ff40d43/attachment.bin>


More information about the Unbound-users mailing list