It is surprisingly easy to find memory access violation bugs in all kinds of common Linux tools via very simple fuzzing. The Fuzzing Project is trying to fix that by systematically fuzzing applications and providing helpful pointers for developers to fuzz their own code.
Fuzzing is an easy strategy to find bugs in software. It works by creating a large number of malformed inputs and seeing what happens. Crashes usually point to bugs in an application's memory handling, which are often a sign of potential security bugs.
Lately, a large number of bugs and security issues have been found with fuzzing, many of them in basic and important tools like less, strings, unzip, gnupg, bash and many more. This highlights the pretty dismal state of security in many key free software projects.
The talk will give a short introduction to fuzzing with tools like zzuf, american fuzzy lop and Address Sanitizer.
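As an added illustration of the mechanism described above (this is not code from the talk or the Fuzzing Project), here is a minimal mutation-fuzzing loop in Python against a constructed toy parser: the record format and the parser's off-by-one are assumptions made up for this example, and the unhandled exception stands in for the segfault that zzuf or american fuzzy lop would catch when running a real binary built with Address Sanitizer.

```python
import random

def parse_record(data: bytes) -> bytes:
    """Constructed toy target (an assumption for this example) with a deliberate bug.
    Format: one length byte N, then N payload bytes, then one checksum byte."""
    if len(data) < 2:
        raise ValueError("too short")  # clean rejection: not a crash
    n = data[0]
    payload = data[1:1 + n]
    # Bug: the declared length is trusted, so the checksum read can run past the end
    checksum = data[1 + n]  # raises IndexError on a malformed length
    if sum(payload) & 0xFF != checksum:
        raise ValueError("bad checksum")
    return payload

def mutate(seed: bytes, rng: random.Random) -> bytes:
    """Derive a malformed input from the seed with a few random byte-level edits."""
    buf = bytearray(seed)
    for _ in range(rng.randint(1, 4)):
        op = rng.choice(("flip", "set", "truncate", "insert"))
        if op == "flip" and buf:
            buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
        elif op == "set" and buf:
            buf[rng.randrange(len(buf))] = rng.randrange(256)
        elif op == "truncate" and len(buf) > 1:
            del buf[rng.randrange(1, len(buf)):]
        elif op == "insert":
            buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
    return bytes(buf)

def fuzz(target, seed: bytes, iterations: int, rng_seed: int = 0):
    """Mutation-fuzzing loop: feed many malformed inputs to the target and
    classify each run. Returns (list of crashing inputs, outcome counts)."""
    rng = random.Random(rng_seed)
    crashes, outcomes = [], {"ok": 0, "rejected": 0, "crash": 0}
    for _ in range(iterations):
        data = mutate(seed, rng)
        try:
            target(data)
            outcomes["ok"] += 1
        except ValueError:
            outcomes["rejected"] += 1  # the parser's own validation fired: expected
        except Exception as exc:  # anything unhandled is this toy's equivalent of a segfault
            outcomes["crash"] += 1
            crashes.append((data, type(exc).__name__))
    return crashes, outcomes

# Constructed well-formed seed: length 2, payload "hi", matching checksum
VALID_SEED = bytes([2]) + b"hi" + bytes([(ord("h") + ord("i")) & 0xFF])
```

Running `fuzz(parse_record, VALID_SEED, 2000)` turns up the IndexError path within a few hundred iterations; the saved crashing inputs are the same kind of reproducer a real fuzzer writes out for the developer to minimise and debug.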
Speakers: Hanno Böck