
Re: [Bug-wget] afl-fuzz'ing wget?

From: Jacek Wielemborek
Subject: Re: [Bug-wget] afl-fuzz'ing wget?
Date: Sat, 15 Aug 2015 23:08:03 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.1.0

On 15.08.2015 at 22:23, Tim Rühsen wrote:
> On Saturday, 15 August 2015, 12:29:45, Jacek Wielemborek wrote:
>> Hello,
>> I was looking into fuzzing wget with afl-fuzz [1]. While I haven't
>> managed to crash it yet, I found a lot of code paths so far with the
>> following input:
>>> HTTP/1.1 200 OK
>>> Server: nginx
>>> Date: Mon, 10 Aug 2015 20:31:38 GMT
>>> Content-Type: text/html; charset=utf-8
>>> Content-Length: 283087
>>> Connection: keep-alive
>>> Vary: Accept-Encoding
>>> cache-control: no-cache
>>> qwe
> Hi Jacek,
> what exactly did you find?
> Maybe you can give us an example wget command line that produces unexpected
> behavior. Or better, give us a pointer to the code that fails.
> We highly appreciate patches to wget (non-trivial patches need an FSF
> copyright assignment by you).
> Looking forward to hearing from you.
> Tim


I found nothing because I was only testing it on a netbook so far,
but I wanted to know if it was tested before and if not, encourage you
people to do that by giving some pointers on how this can be achieved.
I'll let you know once I find anything.

