[libvirt] [GSoC] Project of libvirt/qemu fuzzing

Dear all,

The project of qemu command line fuzzing has been accepted as a GSoC project [1] [2]. As a student participating in the Google Summer of Code activity, I am extremely excited to get started today on May 30th, 2017.

During the past months, I have received tremendous guidance from my mentors as well as many other contributors on the mailing list. I look forward to contributing to the community and learning a lot over the summer. Any advice, comment, feedback or suggestion on my emails/commits would always be highly appreciated and more than welcome.

Thank you all for your time,
Daniel Liu

[1] https://summerofcode.withgoogle.com/projects/#5088017038442496
[2] https://wiki.libvirt.org/page/Google_Summer_of_Code_Ideas#QEMU_command_line_...

On Tue, May 30, 2017 at 12:03 PM, Dan <srwx4096@gmail.com> wrote:
> The project of qemu command line fuzzing has been accepted as a GSoC project [1] [2]. As a student participating in the Google Summer of Code activity, I am extremely excited to get started today on May 30th, 2017.

Welcome! Great project idea, I am looking forward to your contributions.

Do you have a particular fuzzer in mind or will you write a custom fuzzer from scratch?

I'm not aware of anyone using Google's OSS-Fuzz in the libvirt and QEMU communities yet. Maybe it would be a good platform to build upon:

https://github.com/google/oss-fuzz

Stefan

On Tue, May 30, 2017 at 02:08:54PM +0100, Stefan Hajnoczi wrote:
> On Tue, May 30, 2017 at 12:03 PM, Dan <srwx4096@gmail.com> wrote:
> > The project of qemu command line fuzzing has been accepted as a GSoC project [1] [2]. As a student participating in the Google Summer of Code activity, I am extremely excited to get started today on May 30th, 2017.
>
> Welcome! Great project idea, I am looking forward to your contributions.

Thank you very much. I am very glad!

> Do you have a particular fuzzer in mind or will you write a custom fuzzer from scratch?

I planned to come up with a list of fuzzer candidates and try them all. But now I am only playing with AFL, and I would not start writing from scratch until I know for sure what I really need to do. So next, while I try AFL, I can start looking into fuzzers, particularly ones with XML grammar generation or something like that, potentially modifiable/extensible by ourselves.

> I'm not aware of anyone using Google's OSS-Fuzz in the libvirt and QEMU communities yet. Maybe it would be a good platform to build upon:
>
> https://github.com/google/oss-fuzz
>
> Stefan

Yeah, that's a very interesting project. I do not think there has been serious discussion about it among the libvirt and QEMU communities except some mentioning [1]. I think it could actually be beneficial for this project if at some point we start working on oss-fuzz for libvirt, because they share the fundamental ideas, though the proposal of this fuzzing project starts from a different perspective.

[1] https://www.redhat.com/archives/libvir-list/2017-May/msg00196.html

Cheers,
Dan