Hi, On Fri, Dec 02, 2016 at 08:48:29AM +0500, ???????? ?????????????? wrote: > https://opensource.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.html
This is generally interesting, of course.
Fuzzing openvpn "as a whole" is quite complicated, though - we do check
our input very well, so the last time someone tried to fuzz TLS packets
to make openvpn "do bad things", all he got was "go away, you stink,
session destroyed" :-)
Anyway - so what's necessary to make this google fuzz testing work? Do
we instrument our code, or just tell them "hey, here's a useful piece
of software, go figure it out yourself"?
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-35655025 [email protected]
signature.asc
Description: PGP signature
------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today.http://sdm.link/xeonphi
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
