Cap'n Proto security advisory due to compiler optimization affecting 32-bit builds, seemingly only with Apple's compiler: https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2017-04-17-0-apple-clang-elides-bounds-check.md
- ...And now the weekend code quiz has context. Fuzzing ftw.
- I don't know what fuzzing is in this context. It seems I ought to learn. I almost got the coding quiz question right though. Almost. *grin*
- - Generally, it means running code on random inputs in order to find paths that crash.
    In this case, the fuzz test is a hand-written unit test that tries flipping bits on a pointer in a Cap'n Proto message and then reading the pointer.
    Another, more general approach is to use American Fuzzy Lop, which instruments your code to determine what branches are being exercised and then uses a genetic algorithm to try to find inputs exercising every possible path. But you generally have to leave it running for days, whereas my hand-written narrow-purpose fuzz test takes about 30 seconds.
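The narrow-purpose, hand-written fuzz test described in the comment above, as an added example that is not code from this thread or from Cap'n Proto: a toy segment of 64-bit words with a simplified struct-pointer layout (an assumption chosen for this example, not Cap'n Proto's real encoding), a bounds-checked decoder, a second decoder with its end-of-range check left out (constructed so the harness has something to catch; it does not reproduce the advisory), and a harness that flips every single bit and every pair of bits in the pointer word, decodes it, and verifies with an independent oracle that any accepted range lies inside the segment. The point of the independent oracle is that the test must not rely on the reader's own check, since that check is exactly what a compiler or a bug might have removed.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

// A toy "segment": a flat buffer of 64-bit words, loosely modelled on a
// Cap'n Proto segment. Everything here is constructed for this example;
// it is not Cap'n Proto's code or its real pointer encoding.
using Segment = std::vector<uint64_t>;

struct StructRef {
    size_t start;  // index of the target's first word
    size_t words;  // total target size in words (data + pointer sections)
};

// Toy struct-pointer word layout (assumption for this example):
//   bits 0-1 kind (0 = struct); bits 2-31 signed 30-bit offset in words from
//   the word after the pointer; bits 32-47 data words; bits 48-63 pointer words.
static uint64_t encodeStructPtr(int32_t offset, uint16_t dataWords, uint16_t ptrWords) {
    return static_cast<uint64_t>(static_cast<uint32_t>(offset) << 2)
         | (static_cast<uint64_t>(dataWords) << 32)
         | (static_cast<uint64_t>(ptrWords) << 48);
}

static int64_t ptrOffset(uint64_t p) {
    // Viewing the low 32 bits as int32 and shifting right sign-extends the
    // 30-bit offset field (arithmetic shift on every mainstream compiler).
    return static_cast<int32_t>(static_cast<uint32_t>(p)) >> 2;
}

static uint64_t ptrWords(uint64_t p) {
    return ((p >> 32) & 0xFFFF) + ((p >> 48) & 0xFFFF);
}

// Bounds-checked decode: accepts the pointer only if the whole target range
// lies inside the segment. All arithmetic stays in 64-bit types that cannot
// overflow for these inputs, so there is no undefined behaviour involved.
static bool readStructChecked(const Segment& seg, size_t ptrIndex, StructRef* out) {
    if (ptrIndex >= seg.size()) return false;
    const uint64_t p = seg[ptrIndex];
    if ((p & 3) != 0) return false;  // not a struct pointer
    const int64_t start = static_cast<int64_t>(ptrIndex) + 1 + ptrOffset(p);
    if (start < 0 || static_cast<uint64_t>(start) > seg.size()) return false;
    const uint64_t words = ptrWords(p);
    if (seg.size() - static_cast<uint64_t>(start) < words) return false;  // end check
    *out = StructRef{static_cast<size_t>(start), static_cast<size_t>(words)};
    return true;
}

// Same decode with the end-of-range check left out. Constructed for the demo
// so the harness has a defect to catch; not derived from the advisory.
static bool readStructEndUnchecked(const Segment& seg, size_t ptrIndex, StructRef* out) {
    if (ptrIndex >= seg.size()) return false;
    const uint64_t p = seg[ptrIndex];
    if ((p & 3) != 0) return false;
    const int64_t start = static_cast<int64_t>(ptrIndex) + 1 + ptrOffset(p);
    if (start < 0 || static_cast<uint64_t>(start) > seg.size()) return false;
    *out = StructRef{static_cast<size_t>(start), static_cast<size_t>(ptrWords(p))};
    return true;
}

using Reader = bool (*)(const Segment&, size_t, StructRef*);

// Narrow-purpose fuzz test: flip every single bit and every pair of bits in
// the pointer word, decode it, and check an independent oracle (the accepted
// range must lie inside the segment). Returns how many mutated pointers the
// reader accepted although they point out of bounds; 0 means it passed.
static size_t fuzzPointerBitFlips(Reader read, Segment seg, size_t ptrIndex) {
    const uint64_t original = seg[ptrIndex];
    size_t violations = 0;
    auto trial = [&](uint64_t mutated) {
        seg[ptrIndex] = mutated;
        StructRef ref{};
        if (read(seg, ptrIndex, &ref) &&
            (ref.start > seg.size() || seg.size() - ref.start < ref.words)) {
            ++violations;
        }
    };
    for (int i = 0; i < 64; ++i) {
        const uint64_t bi = uint64_t{1} << i;
        trial(original ^ bi);
        for (int j = i + 1; j < 64; ++j) trial(original ^ bi ^ (uint64_t{1} << j));
    }
    return violations;
}

// Constructed sample: word 0 points at a struct occupying words 1-3
// (2 data words + 1 pointer word); the rest of the segment is padding.
static Segment sampleSegment() {
    Segment seg(8, 0);
    seg[0] = encodeStructPtr(/*offset=*/0, /*dataWords=*/2, /*ptrWords=*/1);
    seg[1] = 0x1122334455667788ull;
    seg[2] = 0x99aabbccddeeff00ull;
    return seg;
}

int main() {
    std::printf("checked reader:   %zu out-of-bounds accepts\n",
                fuzzPointerBitFlips(readStructChecked, sampleSegment(), 0));
    std::printf("unchecked reader: %zu out-of-bounds accepts\n",
                fuzzPointerBitFlips(readStructEndUnchecked, sampleSegment(), 0));
    return 0;
}
```

The checked reader reports zero out-of-bounds accepts across all 2080 mutations, while the reader with the missing end check is flagged as soon as a flipped size bit pushes the target past the segment. In a real harness the same loop would run against the library's actual decoder under ASan, so a decoder that trusts a mutated pointer fails loudly instead of reading past the buffer.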
- Your definition is the one I would expect. The American Fuzzy Lop thing is an odd idea. It sounds like a breed of rabbit (which, apparently, it is). Since it's a genetic algorithm, I suppose the test cases do do a lot of simulated reproduction (which is a nicely ambiguous term in this context too). I wonder if the multi-level punniness is intentional.
- AFL may be an odd idea, but boy does it work.
- - Reading the Wikipedia page, it certainly looks like it would. I want to try it on stuff I've written now. :-)