crashers found by `go-fuzz`

Question

crashers found by `go-fuzz`

dgryski opened this issue 9 years ago · 7 comments

I ran https://github.com/dvyukov/go-fuzz for 20 minutes on my laptop, using the two test cases as seeds. I found two crashers. I've put them here. https://gist.github.com/671299f5b190c5229ca7

The fixes should probably be merged into the pending CL https://go-review.googlesource.com/#/c/11986/ . We should also check if this bug affects github.com/cloudflare/cfssl/ , which includes a copy of this code.

We could probably use a bit more fuzzing on a bigger computer for a longer period of time.

Answer 1 · 2015-07-27T07:49:02.000Z

Just realized I needed to add the fuzzing framework too. I've pushed that to the gist too as fuzz.go.

Answer 2 · 2015-07-27T18:40:43.000Z

@dgryski Paul the repo owner is currently on vacation and will be back on Aug 24. I guess until he comes back we cannot update the CL. Just giving heads up. 😄

Answer 3 · 2015-07-27T18:59:07.000Z

I will have some time Thurs or Fri to look at this.

Answer 4 · 2015-10-02T10:35:30.000Z

The patches from @agl in https://go-review.googlesource.com/#/c/11986/ look like they fix these.

Answer 5 · 2015-10-02T20:11:57.000Z

Yes, he cleaned it up quite a bit. :-) Thanks for commenting on that review. I'll leave this issue open, but I propose we don't fix it unless the crypto PR doesn't make the cut eventually.

Answer 6 · 2015-10-04T17:51:59.000Z

I've confirmed that the current version of the code on Gerritt doesn't crash for these inputs and I'm going to leave go-fuzz running for a little while so see if it finds anything more here.

Answer 7 · 2015-10-08T00:15:40.000Z

Awesome. I'll close the issue here.