On 10/05/2011 06:41 PM, Caolán McNamara wrote:
> caolanm->huzaifas: any advice ?
Nice to see the work you have been doing here!

To share some opinions about my work, which led me to the discovery
of CVE-2011-2713.

1. There is no right or wrong approach here. A good approach would be
the one which covers all the possible code paths or maximum possible
ones in this case.

2. Ideally Peachfuzz or any other intelligent fuzzers (ones available
freely or custom ones) would be the best way to find flaws. But I will
have to agree with you, the specs are too big in this case and the time
taken to translate them into a fuzzer format is formidable.

3. I was pointed at [1] by Caolan. How do you run these files through
libreoffice after generating these test cases? zzuf could actually
create the test cases, run libreoffice, destroy them and cycle through
this process as many times as you want. Saving on hard disk space? :)

--
Huzaifa Sidhpurwala / Red Hat Security Response Team
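
The create, run, destroy cycle described in point 3, as an added example that is not part of the original message and is not zzuf's own code: a Python stand-in that applies seeded random bit flips to one sample file, runs a target command on each case, and keeps only the cases where the target was killed by a signal or hung. The function names, the 0.004 flip ratio, the 60 second timeout and the target command passed in are assumptions.

```python
import os
import random
import signal
import subprocess
import tempfile


def mutate(data, seed, ratio=0.004):
    """Flip about `ratio` of the bits; the same seed always gives the same case."""
    rng = random.Random(seed)
    buf = bytearray(data)
    for _ in range(max(1, int(len(buf) * 8 * ratio))):
        pos = rng.randrange(len(buf) * 8)
        buf[pos // 8] ^= 1 << (pos % 8)
    return bytes(buf)


def fuzz(seed_file, target_cmd, runs, keep_dir, ratio=0.004, timeout=60):
    """Create a case, run target_cmd on it, delete it unless the target died."""
    with open(seed_file, "rb") as fh:
        original = fh.read()
    ext = os.path.splitext(seed_file)[1]  # keep the extension for format detection
    os.makedirs(keep_dir, exist_ok=True)
    findings = []
    for seed in range(runs):
        fd, case = tempfile.mkstemp(prefix=f"case-{seed}-", suffix=ext, dir=keep_dir)
        with os.fdopen(fd, "wb") as fh:
            fh.write(mutate(original, seed, ratio))
        reason = None
        try:
            rc = subprocess.run(target_cmd + [case], timeout=timeout,
                                stdout=subprocess.DEVNULL,
                                stderr=subprocess.DEVNULL).returncode
            if rc < 0:  # POSIX: a negative return code means killed by a signal
                try:
                    reason = signal.Signals(-rc).name
                except ValueError:
                    reason = f"signal {-rc}"
        except subprocess.TimeoutExpired:
            reason = "TIMEOUT"  # hangs are kept as findings too
        if reason:
            findings.append((seed, reason, case))  # the seed alone reproduces the case
        else:
            os.remove(case)  # uninteresting case: free the disk space
    return findings
```

Because each case depends only on the sample file and the run number, a kept finding can be regenerated later with `mutate()` instead of archiving every generated file.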