Re: [tor-bugs] #26265 [Core Tor/Tor]: A proposal and demo for a fuzzing system that works with Rust through C code
#26265: A proposal and demo for a fuzzing system that works with Rust through C
code
------------------------------+------------------------------------
Reporter: debily | Owner: (none)
Type: enhancement | Status: needs_revision
Priority: Low | Milestone: Tor: 0.3.5.x-final
Component: Core Tor/Tor | Version:
Severity: Trivial | Resolution:
Keywords: fuzzing Rust afl | Actual Points:
Parent ID: #25386 | Points:
Reviewer: nickm | Sponsor:
------------------------------+------------------------------------
Changes (by nickm):
* status: needs_review => needs_revision
Comment:
Setting as needs_revision per isis's comment above. This is a decent
example of Rust fuzzing, but what we need is a feature to run the C and
the Rust in parallel, and compare their outputs. In many cases, the
outputs will be strings, lists of strings, booleans, or some similar data
structure, so the comparison shouldn't be too hard. For us to get the
benefit of trace-aware fuzzing, we really need both of the implementations
to run in the same process.

Additionally, it would be much more useful if this fuzzing could be done
through the infrastructure currently in the `src/test/fuzz` directory: that
way, we could run this fuzzing not only with AFL, but also with LLVM's
libFuzzer, with Google's OSS-Fuzz, and whatever else we wind up having in
the future.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26265#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
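
The in-process comparison requested in the comment above, as an added sketch that is not part of the ticket, the submitted demo, or Tor's code. `parse_result`, `parse_port_c`, `parse_port_rs` and `differential_check` are hypothetical names; the second parser is a C stand-in for a Rust function reached over FFI and is constructed with a wrapping accumulator so there is a divergence to detect. It uses libFuzzer's `LLVMFuzzerTestOneInput` entry point directly rather than the wrappers in `src/test/fuzz`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Result shape shared by both implementations (assumed for this sketch). */
typedef struct { int ok; uint16_t value; } parse_result;

/* Stand-in for the existing C implementation: rejects values over 65535. */
static parse_result parse_port_c(const uint8_t *s, size_t n) {
  parse_result r = {0, 0};
  uint32_t acc = 0;
  if (n == 0) return r;
  for (size_t i = 0; i < n; i++) {
    if (s[i] < '0' || s[i] > '9') return r;
    acc = acc * 10 + (uint32_t)(s[i] - '0');
    if (acc > UINT16_MAX) return r;
  }
  r.ok = 1; r.value = (uint16_t)acc;
  return r;
}

/* Stand-in for the Rust implementation reached over FFI. Constructed with a
 * wrapping 16-bit accumulator so the two parsers disagree on overflow. */
static parse_result parse_port_rs(const uint8_t *s, size_t n) {
  parse_result r = {0, 0};
  uint16_t acc = 0;
  if (n == 0) return r;
  for (size_t i = 0; i < n; i++) {
    if (s[i] < '0' || s[i] > '9') return r;
    acc = (uint16_t)(acc * 10 + (s[i] - '0'));
  }
  r.ok = 1; r.value = acc;
  return r;
}

/* Run both on the same bytes in one process; 0 = agree, 1 = mismatch. */
int differential_check(const uint8_t *data, size_t size) {
  parse_result a = parse_port_c(data, size);
  parse_result b = parse_port_rs(data, size);
  if (a.ok != b.ok) return 1;
  if (a.ok && a.value != b.value) return 1;
  return 0;
}

/* libFuzzer entry point: a mismatch becomes a crash the fuzzer records. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  if (differential_check(data, size)) abort();
  return 0;
}
```

Because both parsers execute inside the instrumented process, coverage feedback from either one steers input generation, and the input `65536` is reported as a mismatch instead of passing silently.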