[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v3 02/16] fuzz: Add general virtual-device fuzzer
|
From: |
Paolo Bonzini |
|
Subject: |
Re: [PATCH v3 02/16] fuzz: Add general virtual-device fuzzer |
|
Date: |
Thu, 8 Oct 2020 09:03:21 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0 |
On 21/09/20 16:34, Alexander Bulekov wrote:
>> Can you fuzz writing "FUZZ" in memory? Like:
>> OP_WRITE(0x100000, "UsingLibFUZZerString")?
> No.. Hopefully that's not a huge problem.
>
Instead of always looking for a separator, can you:
1) skip over it if you find it naturally at the end of a command (that
is, "FUZZ" is like a comment command)
2) actively search for it only if you stumble upon an unrecognized command?
In that case, if you have
AbcFUZZD0x100000UsingLibFUZZerFUZZ
The first and third instances would be ignored, while the second would
be part of the input. On the other hand if you have
bcFUZZD0x100000UsingLibFUZZerFUZZ
"b" is an invalid command and therefore you'd skip directly to "D".
Paolo