Boost multiprecision differential fuzzer running on Google's oss-fuzz
Dear list,

I built a bignum differential fuzzer [1] that has been running on Google's oss-fuzz service [2] for a while. It performs the same mathematical operations (addition, subtraction, multiplication, modular exponentiation, etc.) across multiple bignum libraries (e.g. OpenSSL + Boost multiprecision), compares their results and crashes if they don't match. This effort has so far found a couple of (minor) bugs in OpenSSL and Go.

As soon as a mismatch is found, oss-fuzz will send a notification e-mail to the developers of the various bignum libraries so the bug can be examined and resolved. At which e-mail address(es) do the developers of Boost wish to receive these notifications?

Please bear in mind that the notifications will contain potentially security-sensitive information so the recipient may not be a public mailing list. Currently, a potential bug is found only every couple of weeks, so recipients do not have to worry about a lot of incoming traffic. If you wish to write comments to the fuzzer's private bug tracker, the e-mail you specify must be linked to a Google account.

To all others who are reading this, please feel welcome to submit pull requests to the Boost multiprecision module of my fuzzer [3] if these modifications increase the scope (code coverage) and probability of finding bugs.

Thanks,
Guido

[1] https://github.com/guidovranken/bignum-fuzzer
[2] https://github.com/google/oss-fuzz
[3] https://github.com/guidovranken/bignum-fuzzer/tree/master/modules/cpp_boost
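The harness structure described in the post above (same operands into several implementations, compare, crash on mismatch) as an added illustrative example. This is not code from bignum-fuzzer, OpenSSL, Go or Boost; it is written in Python so it runs stand-alone without either library. Python's built-in int stands in for the reference library, a minimal 32-bit-limb implementation stands in for the library under test, only add and mul are wired up, and the `drop_row_carry` switch is a hypothetical planted bug so the harness has something to find. Where a real libFuzzer target would call abort() on a mismatch, this version returns a report instead.

```python
# Added illustrative harness (not bignum-fuzzer's code): Python's int is one
# "library", the 32-bit-limb code below is the second. Only add and mul are wired.
import random

LIMB_BITS = 32
LIMB_MASK = (1 << LIMB_BITS) - 1
OPS = ("add", "mul")


def int_to_limbs(n):
    """Little-endian 32-bit limbs of a non-negative int; at least one limb."""
    limbs = []
    while n:
        limbs.append(n & LIMB_MASK)
        n >>= LIMB_BITS
    return limbs or [0]


def limbs_to_int(limbs):
    return sum(limb << (LIMB_BITS * i) for i, limb in enumerate(limbs))


def limb_add(a, b):
    """Schoolbook addition with carry propagation."""
    out, carry = [], 0
    for i in range(max(len(a), len(b))):
        s = (a[i] if i < len(a) else 0) + (b[i] if i < len(b) else 0) + carry
        out.append(s & LIMB_MASK)
        carry = s >> LIMB_BITS
    if carry:
        out.append(carry)
    return out


def limb_mul(a, b, drop_row_carry=False):
    """Schoolbook multiplication; drop_row_carry=True plants a deliberate (hypothetical)
    bug: the carry out of each row is discarded, so the harness has something to find."""
    out = [0] * (len(a) + len(b))
    for i, ai in enumerate(a):
        carry = 0
        for j, bj in enumerate(b):
            t = out[i + j] + ai * bj + carry
            out[i + j] = t & LIMB_MASK
            carry = t >> LIMB_BITS
        if not drop_row_carry:
            out[i + len(b)] = carry  # slot not yet written by any earlier row
    return out


def reference(op, a, b):
    """Implementation 1: Python's arbitrary-precision int."""
    return a + b if op == "add" else a * b


def library(op, a, b, buggy=False):
    """Implementation 2: the limb code, wrapped to take the same operands."""
    la, lb = int_to_limbs(a), int_to_limbs(b)
    if op == "add":
        return limbs_to_int(limb_add(la, lb))
    return limbs_to_int(limb_mul(la, lb, drop_row_carry=buggy))


def parse_input(data):
    """Decode raw fuzzer bytes: byte 0 selects the op, byte 1 splits the rest into a and b."""
    if len(data) < 3:
        return None
    op = OPS[data[0] % len(OPS)]
    n = data[1] % (len(data) - 1)  # operand a gets 0 .. len(data)-2 bytes, b the remainder
    return op, int.from_bytes(data[2:2 + n], "big"), int.from_bytes(data[2 + n:], "big")


def fuzz_one(data, buggy=False):
    """One iteration: same operands into both implementations, compare the results.
    Returns None on agreement, else a report; a real harness would abort() here so
    the fuzzer records a crash and keeps the input as the reproducer."""
    parsed = parse_input(data)
    if parsed is None:
        return None
    op, a, b = parsed
    expected, got = reference(op, a, b), library(op, a, b, buggy=buggy)
    if expected != got:
        return {"op": op, "a": a, "b": b, "reference": expected, "library": got}
    return None


def run_campaign(iterations=2000, seed=1, buggy=False):
    """Stand-in for the fuzzer driver: seeded random inputs, stop at the first mismatch."""
    rng = random.Random(seed)
    for _ in range(iterations):
        data = bytes(rng.randrange(256) for _ in range(rng.randrange(3, 40)))
        report = fuzz_one(data, buggy=buggy)
        if report is not None:
            return report
    return None
```

With the correct limb code `run_campaign()` returns None; with the planted bug it returns the first input on which the two implementations disagree, which is exactly the artefact oss-fuzz would mail to the library maintainers. The point worth noticing is that the oracle never has to know what the right answer is: two independent implementations disagreeing is the whole signal, so the same harness finds bugs in whichever side is wrong.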
On 25/05/2018 16:55, Guido Vranken via Boost wrote:
Dear list,
I built a bignum differential fuzzer [1] that has been running on Google's oss-fuzz service [2] for a while. It performs the same mathematical operations (addition, subtraction, multiplication, modular exponentiation, etc.) across multiple bignum libraries (e.g. OpenSSL + Boost multiprecision), compares their results and crashes if they don't match. This effort has so far found a couple of (minor) bugs in OpenSSL and Go.
As soon as a mismatch is found, oss-fuzz will send a notification e-mail to the developers of the various bignum libraries so the bug can be examined and resolved. At which e-mail address(es) do the developers of Boost wish to receive these notifications?
You can send those to me at jz.maddock@gmail.com
Please bear in mind that the notifications will contain potentially security-sensitive information so the recipient may not be a public mailing list. Currently, a potential bug is found only every couple of weeks, so recipients do not have to worry about a lot of incoming traffic. If you wish to write comments to the fuzzer's private bug tracker, the e-mail you specify must be linked to a Google account.
To all others who are reading this, please feel welcome to submit pull requests to the Boost multiprecision module of my fuzzer [3] if these modifications increase the scope (code coverage) and probability of finding bugs.
Thanks,
Guido
[1] https://github.com/guidovranken/bignum-fuzzer
[2] https://github.com/google/oss-fuzz
[3] https://github.com/guidovranken/bignum-fuzzer/tree/master/modules/cpp_boost