Project

General

Profile

Actions

Optimization #3587

open

fuzz: target for threshold.config

Added by Victor Julien over 4 years ago. Updated 4 months ago.

Status:
New
Priority:
Low
Target version:
Effort:
Difficulty:
Label:
Hardening

Related issues 1 (1 open0 closed)

Related to Suricata - Optimization #4125: Ideal integration into oss-fuzzIn ProgressPhilippe AntoineActions
Actions #1

Updated by Victor Julien over 4 years ago

  • Priority changed from Normal to Low
Actions #2

Updated by Victor Julien over 4 years ago

  • Assignee set to Philippe Antoine
Actions #3

Updated by Philippe Antoine almost 4 years ago

Actions #4

Updated by Philippe Antoine about 3 years ago

Should this target use rules and traffic as well ?
There does not seem to be much to fuzz in SCThresholdConfParseFile by itself

Actions #5

Updated by Victor Julien about 3 years ago

Rules for sure, yes, as the threshold rules are applied to regular rules. Of course coverage may get higher with traffic, although I could imagine that reaching the thresholding conditions from traffic+rules might be tricky. But maybe I'm underestimating the fuzz algos.

Actions #6

Updated by Victor Julien about 3 years ago

Since the threshold file has rules that reference the regular rules by sig_id, I wonder if there should be some logic in the fuzz target to make sure we don't get a billion inputs that never reference a rule.

Actions #7

Updated by Philippe Antoine about 3 years ago

I could imagine that reaching the thresholding conditions from traffic+rules might be tricky

Would not fuzzer set the threshold to 2 to easily reach it ?

Since the threshold file has rules that reference the regular rules by sig_id,

Indeed, see my comment in https://redmine.openinfosecfoundation.org/issues/3589#note-5

Actions #8

Updated by Philippe Antoine over 1 year ago

  • Target version set to QA
Actions #9

Updated by Philippe Antoine 4 months ago

  • Label Hardening added
Actions

Also available in: Atom PDF