Fuzzing isn't really practical if all you do is just generate a totally random b... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Frizi on Dec 15, 2018 \| parent \| context \| favorite \| on: Remote code execution vulnerability in SQLite Fuzzing isn't really practical if all you do is just generate a totally random bit stream for input. There are many much more clever and robust strategies to hit as many edge cases as possible. Check AFL[1] for some details on generating smart random input files. You can also combine that with pretty advanced dynamic execution analysis to fuzz against unknown processor instruction sets, like in sandsifter[2]. [1]: http://lcamtuf.coredump.cx/afl/ [2]: https://github.com/xoreaxeaxeax/sandsifter

tptacek on Dec 15, 2018 [–]

On the contrary, for years, the most prolific fuzzers basically did just generate random bitstreams, and that technique will still find vulnerabilities in all the memory-unsafe software that hasn't been fished out by those same dumb fuzzers.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact