
Add continuous fuzzing by way of OSS-fuzz

Open AdamKorcz opened this issue 4 years ago • 3 comments

What I Did

I have written a fuzzer for proftpd and set up continuous fuzzing through OSS-fuzz.

What I Suggest

For those unfamiliar: Fuzzing is a way of testing software applications whereby pseudo-random data is passed to a target application with the goal of finding bugs and security issues.

I have taken the first steps in setting up continuous fuzzing of proftpd: https://github.com/google/oss-fuzz/pull/5173. From here on it will be easy to add more fuzzers and have them run continuously. To complete the integration, at least one maintainer's email is needed for bug reports.

Integrating with OSS-fuzz is free for critical open source projects. The service is offered with the implied expectation that bugs are fixed so that the resources spent on fuzzing proftpd go towards resolving bugs.

AdamKorcz, Mar 05 '21 18:03

Thanks! I know only a little about fuzzing, and will definitely be reading up more on this. Thanks for getting this started!

Castaglia, Mar 07 '21 01:03

@AdamKorcz You can use my gmail account as a maintainer contact: [email protected].

Castaglia, Apr 11 '21 14:04

For my future reference, this article is a good read:

  • https://securitylab.github.com/research/fuzzing-sockets-FTP/

It provides a sample input corpus as well:

  • https://github.com/antonio-morales/Fuzzing/tree/master/Input%20Corpus/FTP/ProFTPd

To help facilitate more fuzzing of ProFTPD (via the running server process, vs unit-test style fuzz tests, which are also useful), I may implement a --enable-devel=fuzzing build-time option, which would enable all of the source code hacks/changes mentioned in this article.

Castaglia, Nov 24 '22 18:11