On 2014-12-18 15:02, Ed Maste wrote: > On 18 December 2014 at 11:53, Pedro Giffuni <pfg_at_freebsd.org> wrote: >> test the tools with a fuzzer like security/afl > > Yes, a very good idea, especially for strings(1) given the way it is > often used. I've already found a strings crash with afl. > _______________________________________________ > freebsd-current_at_freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe_at_freebsd.org" > I cam across this not that long ago: http://lcamtuf.blogspot.ca/2014/10/psa-dont-run-strings-on-untrusted-files.html Our strings didn't crash with his proof of concept, but there may be other similar bugs -- Allan Jude
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:54 UTC