Our current fuzz tests are run using the fuzz-test.sh and run-randpkt.sh
scripts in the "tools" directory in the Wireshark sources. fuzz-test.sh
uses editcap to introduce errors in existing capture files and
run-randpkt.sh uses randpkt to create packets with random contents.
We've been able to find many bugs with each script but each approach is
naive and inefficient. Neither uses modern fuzzing techniques such as
code coverage analysis.

On 4/14/13 8:49 PM, Ninh Khong wrote:
> Dear Sirs,
>
> I am a CS student from Ho Chi Minh City University of Technology. I
> have learnt the information regarding the GSoC project ideas and am
> really excited to know about Project Improved Fuzzing of Wireshark.
>
> While I am interested in applying and joining this, I might need your
> clarification on the below:
>
> 1. It is my intention to apply Smart Fuzzing to find bugs. Can you
> please suggest any pointers/references specifically related to the
> smart fuzzing which you have used before to find vulnerabilities in
> Wireshark?
> 2. I am only going to do Smart Fuzzing of Wireshark on the Linux OS. It
> has limitations but I think it is fine for the period of three months.
> Can you please advise whether the above would work?
>
> I would appreciate any reply from Gerald Combs at your earliest
> convenience.
>
> Many thanks
>
> Yours sincerely,
>
> --
> Faculty of Computer Science '08
> University of Technology
> Cell Phone: 0977 475 249
> Mail: ninhkhongdang@xxxxxxxxx <mailto:ninhkhongdang@xxxxxxxxx>
> Y!M : thieugianhangheo_06
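
The error-injection approach described in the reply (changing bytes in an existing capture file before feeding it to the dissectors), as an added Python example that is not code from fuzz-test.sh, editcap or the Wireshark project. The function names, the per-byte error probability, the restriction to classic little-endian pcap files and the sample capture are assumptions made for this illustration.

```python
import random
import struct

PCAP_GLOBAL_HDR = struct.Struct("<IHHiIII")  # magic, version, tz, sigfigs, snaplen, linktype
PCAP_REC_HDR = struct.Struct("<IIII")        # ts_sec, ts_usec, incl_len, orig_len


def build_pcap(packets, linktype=1):
    """Build a little-endian classic pcap file (used here for constructed input)."""
    out = bytearray(PCAP_GLOBAL_HDR.pack(0xA1B2C3D4, 2, 4, 0, 0, 65535, linktype))
    for i, pkt in enumerate(packets):
        out += PCAP_REC_HDR.pack(i, 0, len(pkt), len(pkt)) + pkt
    return bytes(out)


def iter_records(pcap):
    """Yield (offset_of_packet_data, length) for every record in the file."""
    if len(pcap) < PCAP_GLOBAL_HDR.size or pcap[:4] != b"\xd4\xc3\xb2\xa1":
        raise ValueError("not a little-endian classic pcap file")
    pos = PCAP_GLOBAL_HDR.size
    while pos < len(pcap):
        if pos + PCAP_REC_HDR.size > len(pcap):
            raise ValueError("truncated record header")
        _, _, incl_len, _ = PCAP_REC_HDR.unpack_from(pcap, pos)
        pos += PCAP_REC_HDR.size
        if pos + incl_len > len(pcap):
            raise ValueError("truncated packet data")
        yield pos, incl_len
        pos += incl_len


def mutate_pcap(pcap, err_prob, seed):
    """Randomly change packet data bytes; file and record headers stay intact."""
    rng = random.Random(seed)  # keep the seed so a crashing input can be regenerated
    out = bytearray(pcap)
    changed = 0
    for start, length in iter_records(pcap):
        for i in range(start, start + length):
            if rng.random() < err_prob:
                out[i] ^= rng.randrange(1, 256)  # non-zero XOR: the byte always differs
                changed += 1
    return bytes(out), changed


# Constructed sample: two fake 32-byte "frames", not real traffic.
SAMPLE = build_pcap([bytes(range(32)), b"\xff" * 32])
```

Because only packet data is touched, every mutated file still parses as a capture, so each test case reaches the dissectors; the mutation is blind, though, which is the inefficiency the reply points out.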