ATF-devel archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Fuzzing
On 06/14/2011 04:08 AM, Jukka Ruohonen wrote:
>
> I don't think something like this requires a profound design document.
> A lot has been however written about fuzzing in the literature. Basically
> you just feed random garbage as input to applications, system calls, library
> routines, etc. A great deal of security bugs is (still today) found by this
> way.
In my view of ATF, I really wouldn't expect that a fuzzer lie in it...
On the contrary, I would just expect that the framework allow me to
select the fuzzer that I like and only help me to plug it easily on my
test suites and feed them with random data if I want to.
Remember the "Small is beautiful" mojo... ATF wants to be a test
framework and only a test framework (no more).
Thus, everything generating inputs to feed the tests may be considered
as external (fuzzers included), in my humble opinion.
Regards
--
Emmanuel Fleury
You can present the material, but you can't make me care.
-- Calvin & Hobbes (Bill Waterson)
Home |
Main Index |
Thread Index |
Old Index