[Libreoffice] RFC: Idea for fuzz-testing filters
Huzaifa Sidhpurwala
huzaifas at redhat.com
Wed Oct 5 23:31:02 PDT 2011
On 10/05/2011 06:41 PM, Caolán McNamara wrote:
> caolanm->huzaifas: any advice?
Nice to see the work you have been doing here!
To share some opinions about my work which led me to the discovery
of CVE-2011-2713.
1. There is no right or wrong approach here. A good approach would be
the one which covers all the possible code paths or maximum possible
ones in this case.
2. Ideally Peachfuzz or any other intelligent fuzzers (ones available
freely or custom ones) would be the best way to find flaws. But I will
have to agree with you, the specs are too big in this case and the time
taken to translate them into a fuzzer format is formidable.
3. I was pointed at [1] by Caolan. How do you run these files through
libreoffice after generating these test cases? zzuf could actually
create the test cases, run libreoffice, destroy them and cycle through
this process as many times as you want. Saving on hard disk space? :)
--
Huzaifa Sidhpurwala / Red Hat Security Response Team
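The generate / run / destroy cycle described in point 3 above, written out as an added example (not code from the mailing-list post, from zzuf, or from LibreOffice). The mutator imitates zzuf's bit-flip ratio (`-r`) and seed (`-s`) so a test case is fully reproducible from three numbers and never has to be stored unless it crashes the target; the `soffice --headless --convert-to pdf` command line used to drive an import filter is an assumption about the installed version's options, and the embedded seed document is constructed bytes, not a real document:

```python
import hashlib
import random
import signal
import subprocess
import tempfile
from pathlib import Path

# Constructed sample "document": not a real ODF/DOC file, just bytes to mutate.
SAMPLE_SEED = (b"PK\x03\x04"
               + b"mimetypeapplication/vnd.oasis.opendocument.text"
               + bytes(range(64)))


def mutate(data: bytes, ratio: float, seed: int) -> bytes:
    """Flip about ratio * (8 * len(data)) random bits of data.

    Imitates zzuf's -r (bit-flip ratio) and -s (seed) options: a case is
    described completely by (seed file, ratio, seed), so it can be
    regenerated on demand instead of being kept on disk.
    """
    if not data:            # edge case: nothing to flip
        return data
    rng = random.Random(seed)
    buf = bytearray(data)
    nbits = max(1, int(len(buf) * 8 * ratio))
    for _ in range(nbits):
        bit = rng.randrange(len(buf) * 8)
        buf[bit // 8] ^= 1 << (bit % 8)
    return bytes(buf)


def classify(returncode, timed_out: bool) -> str:
    """Verdict for one run: 'ok', 'hang', 'crash:SIGSEGV', or 'exit:N'."""
    if timed_out:
        return "hang"
    if returncode < 0:      # POSIX: the process was killed by signal -returncode
        try:
            return "crash:" + signal.Signals(-returncode).name
        except ValueError:
            return f"crash:signal{-returncode}"
    return "ok" if returncode == 0 else f"exit:{returncode}"


def run_filter(case_path: Path, soffice: str, timeout: float) -> str:
    """Push one mutated file through a headless LibreOffice import filter.

    Assumption: converting to PDF exercises the import filter for the
    file's type; option spelling depends on the LibreOffice version.
    A fresh profile directory per case keeps a crashed instance from
    poisoning the next run.
    """
    with tempfile.TemporaryDirectory() as workdir:
        cmd = [soffice, f"-env:UserInstallation=file://{workdir}/profile",
               "--headless", "--convert-to", "pdf", "--outdir", workdir,
               str(case_path)]
        try:
            proc = subprocess.run(cmd, stdout=subprocess.DEVNULL,
                                  stderr=subprocess.DEVNULL, timeout=timeout)
        except subprocess.TimeoutExpired:
            return classify(None, True)
        return classify(proc.returncode, False)


def fuzz(seed_file, iterations, ratio=0.004, soffice="soffice", timeout=60,
         crash_dir="crashes", first_seed=0):
    """Generate, run, destroy; keep only inputs that crash or hang the filter."""
    data = Path(seed_file).read_bytes()
    suffix = Path(seed_file).suffix
    Path(crash_dir).mkdir(exist_ok=True)
    findings = {}
    for s in range(first_seed, first_seed + iterations):
        case = mutate(data, ratio, s)
        with tempfile.NamedTemporaryFile(suffix=suffix, delete=False) as f:
            f.write(case)
            case_path = Path(f.name)
        try:
            verdict = run_filter(case_path, soffice, timeout)
            # A clean non-zero exit (filter rejected the file) is not a finding.
            if verdict != "ok" and not verdict.startswith("exit:"):
                digest = hashlib.sha1(case).hexdigest()[:12]
                kept = Path(crash_dir) / f"{verdict.replace(':', '_')}-{digest}{suffix}"
                kept.write_bytes(case)
                findings[s] = verdict     # (ratio, s) regenerates this case
        finally:
            case_path.unlink(missing_ok=True)
    return findings


if __name__ == "__main__":
    import sys
    seed_doc = sys.argv[1]
    count = int(sys.argv[2]) if len(sys.argv) > 2 else 100
    for s, v in fuzz(seed_doc, count).items():
        print(f"seed={s}: {v}")
```

Because `mutate` is deterministic in `(ratio, seed)`, the crash directory only needs the handful of files that actually misbehaved; every other case is recreated from its seed number. Note that `soffice` is usually a wrapper around `soffice.bin`; the negative return code only reaches `classify` if the wrapper `exec`s the binary rather than forking it, so check that on the system under test before trusting "ok" verdicts.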