hey @halvarflake is there an official source for your "crackaddr"-like bug challenge? where was it posted originally?
-
-
Replying to @hanno
Good question. I emailed it around to a variety of people originally, and then posted it *somewhere*, but I don't actually recall?
1 reply 0 retweets 0 likes -
-
Replying to @hanno @halvarflake
I only found copies in some google drive. Do you have the originals? Could you re-post them to something with a stable archive (e.g. FD)
1 reply 0 retweets 0 likes -
Replying to @hanno @halvarflake
also fyi: could find the bug with afl+asan, but not with libfuzzer+asan
2 replies 0 retweets 0 likes -
Replying to @hanno
Sending requests to individuals I emailed the original file to. AFL finding it is well-known, and a tad surprising. What happens if you
1 reply 0 retweets 0 likes -
Replying to @halvarflake @hanno
increase the size? Link to the google drive?
1 reply 0 retweets 0 likes -
Replying to @halvarflake2 replies 0 retweets 0 likes
-
Replying to @hanno
So this is actually my original file :-) thanks for finding it ! :-) https://drive.google.com/file/d/0B5hBKwgSgYFaQlRkLWVnYVBKZGc …
1 reply 0 retweets 3 likes -
Replying to @halvarflake @hanno
Ok. It's one file, the vuln & not vuln versions just different in the comment. AFL's path exploration finds it, static analyzers fail mostly
2 replies 1 retweet 0 likes
The part of our CRS that "gets it" is the mixer fuzzer. We produce 2*100 variants of every pair of inputs in our minset, eg.:pic.twitter.com/Cb9yPWKL4Y
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.