I am sure that the Linux kernel itself has been fuzzed to discover unreported bugs and possible vulnerabilities.
Announcement
Collapse
No announcement yet.
Fuzzing Mesa Drivers Begin To Uncover Bugs
Collapse
X
-
Originally posted by bug77 View PostI thought Nvidia was supposed to be careless about validations. Yet going by this guy's findings, there's not much difference between Nvidia and AMD. Go figure...
In other news, great tool, it's nice to see bugs reported (and some already fixed) because of it.
Comment
-
Originally posted by tinko View Post
Sounds like a lot of work. Maybe we should start to use programing languages/subsets of languages/tools/techniques that allow us to have stronger safety guarantees at least for the parts of our software that parse random files from the internet.
Comment
-
Originally posted by TheBlackCat View Post
Right, of course, because running new tests on existing code is much more work than completely rewriting the entire code base from scratch in an entirely new language. /sarcasm.
But re-implementing at least certain critical parts in existing projects is an option as well. "Fuzzing" is a very clever approach, because it allows to cover a certain space of input data in an automated fashion, but "fuzzing" has limitations as well. There is a reason for the fact that pseudocode is a lot easier to prove correct than C code.
Comment
Comment