[Python-Dev] Play with fuzzing

Brett Cannon brett at python.org
Mon Jul 7 01:33:14 CEST 2008


On Sun, Jul 6, 2008 at 4:11 PM, Victor Stinner
<victor.stinner at haypocalc.com> wrote:
> Hi,
>
> I wrote a fuzzing "framework" called Fusil and this week I wrote a fuzzer for
> Python. The idea is quite simple: for a module,
>  - list all functions, classes and class methods
>  - call a function with random arguments (of random types)
>  - instanciate a class with random arguments
>  - if the class is created correctly, call methods with random arguments
>
> Example:
> --------------------- 8< -----------------------------------
> print "Call 39/40: linuxaudiodev.open()"
> try:
>    linuxaudiodev.open(
>        # argument 1/2
>        u"\u62C0\uFBD7\uB46A\u55E0\uFB7B\uD392\u7CEE",
>        # argument 2/2
>        52.682,
>    )
> except Exception, err:
>    print >>stderr, "ERROR: %s" % err
> --------------------- 8< -----------------------------------
>
> I tried it on CPython 2.5 and then on CPython trunk (future 2.6). I found some
> bugs, see last bug entries in Python bugtracker. Just an example:
>
> http://bugs.python.org/issue3304
>  -> invalid call to PyMem_Free() in fileio_init()
>

You can use

http://bugs.python.org/issue?%40search_text=&title=&%40columns=title&id=&%40columns=id&creation=&creator=haypo&activity=2008-07-06&%40columns=activity&%40sort=activity&actor=&nosy=&type=&components=&versions=&dependencies=&assignee=&keywords=&priority=&%40group=priority&status=1&%40columns=status&resolution=&%40pagesize=50&%40startwith=0&%40queryname=&%40old-queryname=&%40action=search

to see all of the bugs Victor has filed today (looks like eight).

-Brett


More information about the Python-Dev mailing list