-
the 'people' here is just
#ossfuzz bots continuously torturing GDAL and the like :-) -
Thanks to
@PaulDreik {fmt} now has a shiny new oss-fuzz badge and the first short-lived regression found by fuzzer has been fixed!#fuzzing#ossfuzz pic.twitter.com/v4oGQkBCfu
-
-
@kurtschwehr Discovering from Bas email that someone has taken care of registering a CVE at least for one of the GDAL#ossfuzz issues: https://nvd.nist.gov/vuln/detail/CVE-2019-17545 … . Why this one and not others is a mystery :-) -
"RT RT fivancic: I am really proud of my team for receiving a best paper award at
#esecfse19! Check it out at https://ai.google/research/pubs/pub48314 …. We synthesize drivers that find security and reliability issues using fuzzing. Many run in#ossfuzz - supported w… pic.twitter.com/6WyWLoUNHx"
-
I am really proud of my team for receiving a best paper award at
#esecfse19! Check it out at https://ai.google/research/pubs/pub48314 …. We synthesize drivers that find security and reliability issues using fuzzing. Many run in#ossfuzz - supported with integration rewards https://security.googleblog.com/2018/11/a-new-chapter-for-oss-fuzz.html …pic.twitter.com/eQpF6rlCTz
-
Ok, first fix of a fuzzer bug is: https://github.com/google/effcee/pull/32 … When parsing the checks string, there are cases where a string intended as a regexp isn't a valid RE2 regexp. The fix is to check those cases and fail early. Prevents a heap-buffer-overflow later on
#ossfuzzPrikaži ovu nit -
Forward to today, Effcee is stable. The news is the OSS-Fuzz team started fuzzing it. https://github.com/google/effcee/issues/29 … 100% cool with me. They've found some bugs in Effcee, so I'm going to start fixing them.
#ossfuzzPrikaži ovu nit -
Ok, rewind to early 2017. My team was going to write a SPIR-V backend to DXC, lovingly called Spiregg https://github.com/microsoft/DirectXShaderCompiler/blob/master/docs/SPIR-V.rst …. Question was: how were we going to test it?
#ossfuzzPrikaži ovu nit -
#ossfuzz is now fuzzing GDAL on i386 and has already found a few 32-bit specific (or generic but easier to spot) bugs -
Who analyses an OSS project’s security over time? Check out these 4
#OpenSecurity project examples that are raising the OSS bar -#ossfuzz@github#internetbugbountyhttps://hubs.ly/H0k63jM0 -
Fuzz Driver Generation at Scale! Check out the preprint of our
@FSEconf paper at: https://ai.google/research/pubs/pub48314 … work w/ D. Babic,@sbucur, Y. Chen,@fivancic, T. King, M. Kusano,@cestlemieux, W. Wang. See you at@FSEconf in August!#esecfse#google#fuzzing#ossfuzz -
oss-fuzz integration has been merged into {fmt}: https://github.com/fmtlib/fmt/pull/1199 … Thanks to
@PaulDreik!#ossfuzz#fmtlib -
Who analyses an OSS project’s security over time? Check out these 4 open security examples that are raising the bar -
#ossfuzz@github#internetbugbounty https://hubs.ly/H0jt4CY0 -
Sharing
#ossfuzz bounty with@unicorn_engine... Help would now be appreciated for merging it with latest#qemu -
{fmt} support has been added to oss-fuzz, a continuous fuzzing system for open-source software. Thanks
@PaulDreik who has done all the work to make this happen! https://github.com/google/oss-fuzz/pull/2381 …#fmtlib#ossfuzz#fuzzing -
During the past
@Doyensec research week,@nJoyneer ported OpenSSL#ossfuzz integration to@LibreSSL. Fuzz all the things!https://twitter.com/nJoyneer/status/1082585884417974272 … -
Google'ın open source yazılımları daha güvenli hale getirmek için başlattığı projesi ve Fuzzer uygulaması
#OSSFuzz https://github.com/google/oss-fuzz -
Google’s automated fuzz bot has found over 9,000 bugs in the past two years
#ITProsManagement#Google#fuzzbot#bugs#ossfuzz#vulnerabilities#software#data#analyze#app#download#cloudbaseservices#security#engineers#technology#techhttp://ow.ly/j5gG30mxhsI
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.