new blog post: Write Fuzzable Code https://blog.regehr.org/archives/1687 in which I express a lack of sympathy for anti-fuzzing measures
-
-
Avoiding checksums seems counter-productive. If your code naturally/consistently rejects invalid input, then random attackers aren't going to get in anyway. If you want to fuzz, then you have to generate valid inputs. If you can't get total coverage that way, so be it.
-
That means those unreached paths can never be exploited anyway.
- Još 2 druga odgovora
Novi razgovor -
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.