Markus Zimmermann

Functions can often reduce clutter, typos copy&paste behavior in format files e.g. XML-styled formats: ``` START = "" (1 | 2 | 3) "" ``` could be reduced to (syntax...

Plan and implement the groundwork for feedback-driven fuzzing -> transition into completely stateful fuzzing. This would allow fuzzing strategies to be more intelligent by using feedback of e.g. coverage tools.

Unrolling is currently in place to work around the complexity of real loops in the token graph. But this also means that recursive defined formats are not really recursive but...

This could be easily done by Tavor https://github.com/kevinburke/hamms

e.g. - https://github.com/dmajda/pegjs - https://github.com/JetBrains/Grammar-Kit

- Fuzz the Tavor format - Fuzz the binary

``` tavor A = "a" B B = "b" A START = A ``` This loop can never exit, what should happen here if we unroll?

Here is one way to do this http://conferences.idealliance.org/extreme/html/2004/Kepser01/EML2004Kepser01.html search for more ways to show. If the Tavor format is not turing complete, add additional issues to make it complete.

Remove "$" of expressions

2

The dollar sign for expressions is unnecessary because it is already explicitly defined using the curly braces.

The "not in" operator is currently marked as experimental. This issue should remove this mark and implement the following operators for every list token: - **in** filter the list for...