Project

General

Profile

Actions

Optimization #3589

open

fuzz: target for iprep data files

Added by Victor Julien over 4 years ago. Updated 3 months ago.

Status:
New
Priority:
Low
Target version:
Effort:
Difficulty:
Label:
Hardening

Description

This should probably be mixed with rules (and pcap?) so that the files are picked by the detect engine.

A simpler way would be to directly expose the parsing routines, but I think getting the detect engine set up and packets eval'd will cover quite a bit more.


Related issues 1 (1 open0 closed)

Related to Suricata - Optimization #4125: Ideal integration into oss-fuzzIn ProgressPhilippe AntoineActions
Actions #1

Updated by Victor Julien over 4 years ago

  • Priority changed from Normal to Low
Actions #2

Updated by Victor Julien over 4 years ago

  • Assignee set to Philippe Antoine
Actions #3

Updated by Philippe Antoine over 4 years ago

What are iprep data files ?

Actions #4

Updated by Philippe Antoine over 3 years ago

Actions #5

Updated by Philippe Antoine almost 3 years ago

prep stands for IP reputation cf reputation.c

I think this ticket should be covered with the similar ones : #3587 to #3590
There are all additional configuration files
We can try to fuzz them with structure awareness or not.
Structure awareness may be especially useful for the files parsed by PCRE
Anyways I think a good seed corpus with valid versions of all files should be relevant there.

So, we want one target that combines all these and checks them against some traffic.
But here, we want to focus fuzzing on the use of these configuration files.
So maybe, we should be selective where we instrument fuzzing coverage...

Actions #6

Updated by Philippe Antoine over 1 year ago

  • Target version set to QA
Actions #7

Updated by Philippe Antoine 3 months ago

  • Label Hardening added
Actions

Also available in: Atom PDF