[Python-Dev] Fuzzing bugs: most bugs are closed
Victor Stinner
victor.stinner at haypocalc.com
Sun Jul 20 22:45:39 CEST 2008
Le Saturday 19 July 2008 21:52:09 A.M. Kuchling, vous avez écrit :
> Excellent work! Another fruitful area for fuzzing might be the
> miniature virtual machine used by the re module. It's possible to
> import _sre and call the compile() function directly (see the end of
> Lib/sre_compile.py for how it's invoked); I wonder how the regex VM
> copes with random strings of bytecode.
Hum... how can I say it? It's trivial to crash _sre :-) So I blacklisted
_sre.compile() in my fuzzer.
For information, it's also very easy to crash CPython with fuzzed .pyc file.
It's hard to check bytecode without execute it. It's maybe better to add
checks directly in the VM.
--
Victor Stinner aka haypo
http://www.haypocalc.com/blog/
More information about the Python-Dev
mailing list