Wireshark-dev: Re: [Wireshark-dev] Fuzz testing with valgrind

From: Martin Mathieson <martin.r.mathieson@xxxxxxxxxxxxxx>
Date: Wed, 25 Jul 2012 19:03:24 -0400


On Wed, Jul 25, 2012 at 6:12 PM, Evan Huus <eapache@xxxxxxxxx> wrote:
> I've been playing around in my head for a while now with the idea of
> running fuzz tests under valgrind. I notice the fuzz-test script
> already sets a bunch of environment variables for memory checking, so
> I'm not sure if valgrind would really add anything.
>
> How extensive are the memory checks turned on by the fuzz-test script?
> Would valgrind be a useful addition, or would it be mostly redundant?
>
> Thanks,
> Evan

I'm not sure either, but out of the 3 problems reported by valgrind that I just fixed:
- 1 was writing outside of allocated data (which the canary checks may have picked up on)
- 2 were reading/displaying/branching-based-upon uninitialized data (which I don't expect other types of checks would spot)

Martin
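To make the distinction in Martin's reply concrete, here is an added example (not code from this thread, from Wireshark, or from its fuzz-test script): a toy "dissector" in C containing one bug of each kind he lists. The wire format, the function names and the sample packets are all constructed for the example. Bug A writes past the end of a heap block, which canary-style heap checks (glibc's MALLOC_CHECK_, GLib's G_SLICE=debug-blocks) can catch when the block is freed and which valgrind reports at the offending memcpy. Bug B branches on a struct field that was never written; no allocator check can observe that, but valgrind's memcheck reports it as a conditional jump depending on an uninitialised value. Fixed versions of both functions follow.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/*
 * Constructed wire format for this example (not a real Wireshark protocol):
 *   byte 0:   type
 *   byte 1:   payload length N
 *   byte 2:   flags (only present when the packet is at least 3 bytes)
 *   bytes 3+: N payload bytes
 */

/* Bug A: heap write past the end of an 8-byte allocation when N > 8.
 * Canary/heap-consistency checks notice the damage at free(); valgrind
 * reports the memcpy itself as an invalid write. */
int buggy_copy_payload(const uint8_t *pkt, size_t pkt_len)
{
    uint8_t *buf = malloc(8);
    if (!buf || pkt_len < 3) { free(buf); return -1; }
    size_t n = pkt[1];
    if (3 + n > pkt_len) n = pkt_len - 3;   /* stays inside pkt ...            */
    memcpy(buf, pkt + 3, n);                /* ... but overflows buf when n > 8 */
    int first = buf[0];
    free(buf);                              /* MALLOC_CHECK_=3 aborts here      */
    return first;
}

/* Bug B: branch on a field that is only initialised for packets of 3+ bytes.
 * Nothing about the heap is wrong, so canary checks cannot see it; valgrind
 * reports "Conditional jump or move depends on uninitialised value(s)". */
int buggy_has_urgent_flag(const uint8_t *pkt, size_t pkt_len)
{
    struct { uint8_t type, len, flags; } hdr; /* hdr.flags never zeroed        */
    if (pkt_len < 2) return -1;
    hdr.type = pkt[0];
    hdr.len  = pkt[1];
    if (pkt_len > 2)
        hdr.flags = pkt[2];                  /* skipped for a 2-byte packet     */
    return (hdr.flags & 0x80) ? 1 : 0;       /* reads stack garbage if skipped  */
}

/* Fixed versions: bound every copy by the destination size, and treat a
 * missing field as "absent" instead of reading whatever happened to be there. */
int safe_copy_payload(const uint8_t *pkt, size_t pkt_len)
{
    uint8_t buf[8];
    if (pkt_len < 3) return -1;
    size_t n = pkt[1];
    if (n > pkt_len - 3) return -1;          /* truncated packet                */
    if (n > sizeof buf) return -1;           /* payload larger than destination */
    if (n == 0) return -1;                   /* nothing to return               */
    memcpy(buf, pkt + 3, n);
    return buf[0];
}

int safe_has_urgent_flag(const uint8_t *pkt, size_t pkt_len)
{
    if (pkt_len < 3) return -1;              /* flags byte not present          */
    return (pkt[2] & 0x80) ? 1 : 0;
}

/* Constructed sample packets. */
static const uint8_t pkt_ok[]    = { 0x01, 0x02, 0x80, 0xAA, 0xBB };      /* N=2, flag set */
static const uint8_t pkt_long[]  = { 0x01, 0x10, 0x00,                    /* N=16 > 8      */
    0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48,
    0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F, 0x50 };
static const uint8_t pkt_short[] = { 0x01, 0x00 };                        /* no flags byte */

int main(void)
{
    /* Build with -g and run as:  valgrind --track-origins=yes ./a.out
     * Bug A fires on pkt_long (invalid write), bug B on pkt_short
     * (conditional jump on uninitialised value). The safe variants are clean. */
    buggy_copy_payload(pkt_long, sizeof pkt_long);
    buggy_has_urgent_flag(pkt_short, sizeof pkt_short);
    safe_copy_payload(pkt_long, sizeof pkt_long);
    safe_has_urgent_flag(pkt_short, sizeof pkt_short);
    return 0;
}
```

Running the buggy pair natively with MALLOC_CHECK_=3 set typically aborts on pkt_long at free() but says nothing about pkt_short, which is exactly the gap Martin describes: the uninitialised-read class only surfaces under memcheck (or a compiler sanitizer such as MSan), and --track-origins=yes is what tells you which allocation or stack frame the garbage came from.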