On Mon, Aug 18, 2014 at 4:31 PM, Guy Harris <guy@xxxxxxxxxxxx> wrote:
>
> On Aug 18, 2014, at 12:46 PM, Evan Huus <eapache@xxxxxxxxx> wrote:
>
>> Guy, how are you finding these last four or five API abuses? Do you
>> have some sort of super-checkAPIs or are you just doing a lot of
>> manual code review?
>
> No, and not exactly.
>
> I have my regression script, which I was using to check whether I'd broken anything with the X11 changes; it runs two versions of tshark against a file, and compares the results. It runs against a big collection of captures, including the menagerie used for fuzz testing.
>
> It *also* captures the standard error of tshark in both cases, and reports it regardless of whether it's different or not, so it catches dissector bug messages.
Hmm - should the fuzz script raise an error when it detects anything
on stderr? We'd probably catch a lot of things that way.
> I then do the code review on the dissectors that are issuing bug messages.
> ___________________________________________________________________________
> Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives: http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe