Ethereal-dev: Re: [Ethereal-dev] Fuzz-testers needed

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Thomas Anders <thomas.anders@xxxxxxxxxxxxx>
Date: Mon, 18 Apr 2005 15:45:37 +0200
Gerald Combs wrote:

If you have a collection of capture files and you haven't tried the
script yet, could you? 

Here are my initial minor remarks on tools/fuzz-test.sh:
1) it IMHO shouldn't require the current working directory to be Ethereal's bin/ directory (it currently starts capinfos/editcap/tethereal as ./capinfos etc.) 2) it should pass editcap errors directly to the user instead of only saying "Invalid format for editcap" on *any* editcap error 3) it should be documented that a recent editcap with "-E" support is required for fuzz-test.sh to work (if item 2 is done, the editcap error gives a hint at least) 
4) there should be more guidance how to best report those fuzz bugs
Other than those nits, this testing looks quite useful and I encourage everyone to turn its box into a fuzzbot ;-) 


I have a feeling that there are a ton of bugs
out there just waiting to be found.


Agreed. I ran into a SEGV on the 4th capture file in pass 1. :-(


+Thomas

--
Thomas Anders (thomas.anders at blue-cable.de)