One of the two issues was interestingly found using Clang fuzzing capabilities. ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

jbaviat on May 3, 2016 | parent | context | favorite | on: OpenSSL Security Advisory

One of the two issues was interestingly found using Clang fuzzing capabilities. This is in-process fuzzing, that Clang libFuzzer makes quite easy:

http://blog.llvm.org/2015/04/fuzz-all-clangs.html

http://llvm.org/docs/LibFuzzer.html

ashitlerferad on May 3, 2016 [–]

Another fuzzer, quite amazing one actually (it managed to create PNG/JPEG images from fuzzing).

http://lcamtuf.coredump.cx/afl/

jbaviat on May 3, 2016 | [–]

The (truly amazing) lcamtuf blog post you are referring to is this one:

http://lcamtuf.blogspot.fr/2014/11/pulling-jpegs-out-of-thin...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact