Trac issue #21439
Closed (moved)
Issue created Feb 11, 2017 by Nick Mathewson (@nickm)

Add a configure option to disable safety features that make fuzzing harder

We've got quite a few places in our code where we use redundant safety features to prevent bugs from turning into really serious bugs. But many of those safety features interfere with fuzzing, by covering up any underlying bugs that fuzzing would otherwise detect.

For example, I'm thinking of:

* The 4-byte sentinel word at the end of each buffer chunk
* Various places in our code where we NUL-terminate stuff that doesn't actually (we hope!) need to be NUL-terminated.
* The entire "memarea" fragmentation-resistant allocation strategy.
* Probably some other stuff too

But in addition to hardening our code a little, these features all make some classes of memory bug less likely to get noticed by the sanitizers.

Now, you might argue that there's no need to have a way to fuzz without those safety features, if they actually do provide safety. But on the other hand, they're meant to provide redundant safety, and if they are ever actually needed, that's a bug in our code that we ought to fix.
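The masking effect described above, shown in a small C example added here (not Tor's code): a 4-byte sentinel after each chunk's payload absorbs an off-by-one write so AddressSanitizer never sees it, and a hypothetical build-time macro `DISABLE_MEMORY_SENTINELS` (the kind of thing the requested configure option would define) removes the slack so the same write becomes a reportable overflow. The chunk layout, the sentinel pattern and the buggy fill routine are all constructed for the illustration.

```c
/* Added example, not Tor's code: a redundant end-of-chunk sentinel hides an
 * off-by-one write from AddressSanitizer; the hypothetical macro
 * DISABLE_MEMORY_SENTINELS (to be set by a configure option) removes it. */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define CHUNK_DATA_LEN 16            /* payload bytes per chunk (constructed) */
#define SENTINEL_MAGIC 0x5AFE5AFEu   /* constructed sentinel pattern */

#ifdef DISABLE_MEMORY_SENTINELS
#  define SENTINEL_LEN 0             /* fuzzing build: nothing after the data */
#else
#  define SENTINEL_LEN 4             /* hardened build: 4-byte sentinel word */
#endif

typedef struct chunk_t {
  uint8_t mem[CHUNK_DATA_LEN + SENTINEL_LEN];
} chunk_t;

chunk_t *chunk_new(void) {
  chunk_t *c = calloc(1, sizeof(*c));
  if (!c) return NULL;
#if SENTINEL_LEN
  uint32_t magic = SENTINEL_MAGIC;   /* stamp the sentinel after the payload */
  memcpy(c->mem + CHUNK_DATA_LEN, &magic, SENTINEL_LEN);
#endif
  return c;
}

/* 1 if the sentinel is intact; always 1 in the build that has none. */
int chunk_sentinel_ok(const chunk_t *c) {
#if SENTINEL_LEN
  uint32_t magic;
  memcpy(&magic, c->mem + CHUNK_DATA_LEN, SENTINEL_LEN);
  return magic == SENTINEL_MAGIC;
#else
  (void)c;
  return 1;
#endif
}

/* Deliberately buggy fill: "<=" instead of "<" writes one byte past n.
 * With the sentinel present that byte stays inside the allocation, so ASan
 * is silent; with DISABLE_MEMORY_SENTINELS it is a heap-buffer-overflow. */
void chunk_fill_buggy(chunk_t *c, uint8_t byte, size_t n) {
  size_t i;
  if (n > CHUNK_DATA_LEN) n = CHUNK_DATA_LEN;
  for (i = 0; i <= n; i++)           /* BUG: should be i < n */
    c->mem[i] = byte;
}
```

Built as-is, `chunk_fill_buggy(c, 0x41, 16)` only trips `chunk_sentinel_ok()`, and a fill shorter than the chunk corrupts nothing visible at all; built with `-DDISABLE_MEMORY_SENTINELS -fsanitize=address`, the same call aborts inside `chunk_fill_buggy` with a heap-buffer-overflow report.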
