jonathanmetzman

icon company Google icon location Security engineer working on open source and Chrome security

Results 243 issues of jonathanmetzman

Use bugs to measure fuzzer performance

25 comment

My view of fuzzers is that "better" fuzzers can find more exploitable bugs than worse fuzzers. While coverage is a decent, easy-to-use, proxy for this, we should look into using...

core feature
priority

Remove stutter in benchmark names

1 comment

Speed up report generation by doing it in parallel.

Fail on failed checkout

19 comment

Stack-buffer-overflow in AffixMgr::compound_check_morph

2 comment

This was found using this fuzz target: ```c++ #include #include #include extern "C" { #include } extern "C" int LLVMFuzzerTestOneInput(const char *data, size_t size) { if (size < 1) return...

"Is reached" is ambiguous and hard to understand

1 comment

Using "is reached" to mean "is statically reachable" is confusing. Maybe say "is statically reachable" or "is reachable"

Dont use map on a zero length list

Fixes: https://github.com/google/clusterfuzz/issues/3965 Doing so caused this error: `ChildProcessError: [Errno 10] No child processes` Vitor discovered this issue.

Dont schedule impact task outside of chrome

Fixes: #3964

Fix issues with zero size thread pools.

1 comment

Ensure that impact tasks aren't run on non-chrome projects

They are currently being run on the proprietary google code clusterfuzz. I think schedule_impact_tasks is responsible.