[llvm-dev] Fuzzing complex programs

Greg Stark via llvm-dev llvm-dev at lists.llvm.org
Sun Aug 30 13:09:14 PDT 2015


On 30 Aug 2015 20:04, "Kostya Serebryany" <kcc at google.com> wrote:
>
>
> In my (biased) opinion libFuzzer is particularly well suited for this task
> (fuzzing individual libraries, as opposed to fuzzing the whole postgres).
> I've played with a dozen regular expression libs and found bugs in all of them
> (e.g. search for "Fuzzer" in
http://vcs.pcre.org/pcre2/code/trunk/ChangeLog?view=markup&pathrev=360)
>
>
>>>
>>> To do this effectively I think it would be best to invoke the fuzzer
>>> from inside Postgres.
>
>
> Never tried this.
> Can't you just link libFuzzer with a part of the code you want to test?

The problem I'm specifically trying to tackle is that the code in question
can use any of the internal postgres APIs and might have dependencies on
anything in the environment.

Even the simplest cases like the date/time parser will depend on the
timezone library which is initialised at startup, the server session state
which specifies the current timezone and default date format, etc.

The more interesting cases like arrays and other compound objects will
depend on the internal caches of the database schema which is where it
finds things like meta information about the data types stored within.
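As an added illustration (not code from this thread, and not PostgreSQL's or libFuzzer's own), here is the shape a harness following Kostya's "just link libFuzzer with the part you want to test" suggestion would take, with the startup dependency Greg raises handled in libFuzzer's one-time LLVMFuzzerInitialize hook rather than per input. session_init() and parse_date() are hypothetical stand-ins for a postgres setup routine and an internal parser; LLVMFuzzerInitialize and LLVMFuzzerTestOneInput are libFuzzer's real entry points.

```c
/* Added example: a libFuzzer harness for a library function that relies on
   process-wide state set up at startup. Everything marked "stand-in" is
   hypothetical and replaces real postgres code for illustration only. */
#include <ctype.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for "server session state" (timezone, date style, ...). */
struct session_state {
    int tz_offset_minutes;   /* local time = UTC + offset */
    int initialised;
};
static struct session_state session;

/* Stand-in for the startup work a real server does once: loading the
   timezone library, applying GUC defaults, warming schema caches, etc. */
static void session_init(void) {
    session.tz_offset_minutes = -420;   /* constructed value: UTC-7 */
    session.initialised = 1;
}

/* Stand-in for the library function under test. Accepts exactly
   "YYYY-MM-DD HH:MM", returns the wall-clock time converted to minutes
   past midnight UTC, or -1 on malformed input. It aborts if called before
   startup state exists, which is the failure mode Greg describes: the
   function is only meaningful inside an initialised server environment. */
long parse_date(const char *s, size_t len) {
    if (!session.initialised) abort();          /* harness bug, not a parser bug */
    if (len != 16) return -1;
    static const char shape[] = "dddd-dd-dd dd:dd"; /* 'd' = digit expected */
    for (size_t i = 0; i < 16; i++) {
        if (shape[i] == 'd' ? !isdigit((unsigned char)s[i]) : s[i] != shape[i])
            return -1;
    }
    int month  = (s[5]  - '0') * 10 + (s[6]  - '0');
    int day    = (s[8]  - '0') * 10 + (s[9]  - '0');
    int hour   = (s[11] - '0') * 10 + (s[12] - '0');
    int minute = (s[14] - '0') * 10 + (s[15] - '0');
    if (month < 1 || month > 12 || day < 1 || day > 31 || hour > 23 || minute > 59)
        return -1;
    return (long)(hour * 60 + minute) - session.tz_offset_minutes;
}

int LLVMFuzzerInitialize(int *argc, char ***argv);
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);

/* libFuzzer calls this once per process before any input: the right place
   for the expensive environment setup, so the fuzz loop itself stays fast. */
int LLVMFuzzerInitialize(int *argc, char ***argv) {
    (void)argc; (void)argv;
    session_init();
    return 0;
}

/* Called once per generated input. Fuzz data is not NUL-terminated, so copy
   it into a bounded, terminated buffer before handing it to C string code. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    if (size > 64) return 0;                  /* reject oversize inputs early */
    char buf[65];
    memcpy(buf, data, size);
    buf[size] = '\0';
    (void)parse_date(buf, size);              /* sanitizers report any crash */
    return 0;
}
```

With a current clang this builds as `clang -g -O1 -fsanitize=fuzzer,address harness.c` and links the library under test in alongside; the point of the structure is that anything the target needs from the server environment is produced once in LLVMFuzzerInitialize, and per-input work is limited to copying the bytes and calling the function.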