
More variety in vulnerabilities?

Open dobin opened this issue 7 years ago • 1 comment

It appears that the following vulnerabilities are currently implemented:

  • Use after free
  • Invalid free 2x
  • NULL pointer dereference

Are there any plans to implement other vulnerabilities, e.g.:

  • Integer wraparound / overflow / truncation
  • Stack based buffer overflow
  • Double free

and maybe even:

  • Invalid type conversion
  • Uncontrolled format string
  • Heap buffer overflow

(vulns from https://www.slideshare.net/PatriciaAas/secure-programming-practices-in-c-ndc-security-2018 slide 19)

dobin avatar Feb 07 '18 08:02 dobin

Yes - it would be great to add all of these. Pull requests are very welcome.

One issue is how to organize the bugs - maybe a different file for each bug and one file with all of the bugs. Some fuzzers (like libFuzzer) stop fuzzing in the event of a crash so it would be nice to have a .c file for each bug.

Another possibility is a separate branch for each bug - any thoughts on these options?

fuzzstati0n avatar Feb 09 '18 20:02 fuzzstati0n
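As an added illustration of both points in this thread (one of the requested bug classes, laid out as the one-bug-per-.c-file target the maintainer suggests), here is a libFuzzer-compatible target that is not fuzzgoat's own code. The record format (two little-endian 16-bit length fields followed by a body) is constructed for the example; the entry-point signature is libFuzzer's documented `LLVMFuzzerTestOneInput`, and the `STANDALONE_MAIN` macro and `RECORD_MAX` constant are this example's own. The bug is an integer wraparound/truncation in the length check, which then turns into a stack-based buffer overflow; the hardened check is shown next to it.

```c
/* bug_int_wrap.c: added example, not part of fuzzgoat.
 * Bug class: integer truncation in a length check -> stack buffer overflow.
 *
 * libFuzzer build (libFuzzer supplies main):
 *   clang -g -fsanitize=fuzzer,address bug_int_wrap.c -o bug_int_wrap
 * Stand-alone build that replays one input file under ASan:
 *   clang -g -DSTANDALONE_MAIN -fsanitize=address bug_int_wrap.c -o bug_int_wrap
 */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define RECORD_MAX 64 /* fixed stack buffer the record body is copied into */

/* The deliberately buggy check. hdr_len + payload_len is computed in int
 * (0x20 + 0xFFF0 = 0x10010) and then truncated to 16 bits on assignment,
 * so the total becomes 0x0010 and the oversized record is accepted. */
static int length_ok_vulnerable(uint16_t hdr_len, uint16_t payload_len)
{
    uint16_t total = (uint16_t)(hdr_len + payload_len);
    return total <= RECORD_MAX;
}

/* Hardened form: bound each field first, then add in a width that cannot
 * wrap for two 16-bit operands. */
static int length_ok_fixed(uint16_t hdr_len, uint16_t payload_len)
{
    if (hdr_len > RECORD_MAX || payload_len > RECORD_MAX)
        return 0;
    uint32_t total = (uint32_t)hdr_len + (uint32_t)payload_len;
    return total <= RECORD_MAX;
}

/* Constructed record layout: [hdr_len LE16][payload_len LE16][body...] */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    if (size < 4)
        return 0;
    uint16_t hdr_len = (uint16_t)(data[0] | (data[1] << 8));
    uint16_t payload_len = (uint16_t)(data[2] | (data[3] << 8));
    size_t body = size - 4;

    if (!length_ok_vulnerable(hdr_len, payload_len))
        return 0;

    /* The copy length is the real (non-truncated) sum, capped only by the
     * input size, so a wrapped check lets more than RECORD_MAX bytes in.
     * Trigger: 20 00 F0 FF followed by at least 65 body bytes. */
    char record[RECORD_MAX];
    size_t want = (size_t)hdr_len + (size_t)payload_len;
    size_t n = want < body ? want : body;
    memcpy(record, data + 4, n); /* stack overflow when n > RECORD_MAX */

    volatile char sink = record[0]; /* keep the copy observable */
    (void)sink;
    return 0;
}

/* Constructed benign input: lengths 16 + 16 with a 32-byte body. */
static int run_benign_sample(void)
{
    uint8_t sample[4 + 32] = { 0x10, 0x00, 0x10, 0x00 };
    memset(sample + 4, 'a', 32);
    return LLVMFuzzerTestOneInput(sample, sizeof sample);
}

#ifdef STANDALONE_MAIN
int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s <input-file>\n", argv[0]);
        return 2;
    }
    FILE *f = fopen(argv[1], "rb");
    if (!f) {
        perror("fopen");
        return 2;
    }
    uint8_t buf[4096];
    size_t n = fread(buf, 1, sizeof buf, f);
    fclose(f);
    return LLVMFuzzerTestOneInput(buf, n);
}
#endif
```

Keeping one bug per file, as suggested above, means a libFuzzer run that stops at this crash has still exercised the whole target for this bug; a second file with a different class (double free, format string, heap overflow) gets its own run and its own corpus.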