-
My name is McKenna Dallmeyer and I would like to submit fonttools to OSS-Fuzz. If you are not familiar with the project, OSS-Fuzz is Google's platform for continuous fuzzing of Open Source Software. I…
-
At this time of writing, I don't have any idea of the data-structure we could use to deal with these resources. I would probably use a map at first, with some fixed fields, it would be easy to export/…
-
Currently I am not sure the Kaitai-generated code won't cause any security issues, so as a first step we should create a warning about this.
I have some ideas:
- an attacker can create a specific…
-
With macOS 14 and XCode 15, I get the following compiler errors when attempting to build `./diff-build.sh`:
```
$ CompDiff git:(main) ✗ ./diff-build.sh
[*] Compiling afl++ for OS Darwin on ARCH a…
-
-
# Suggestion: Add a Permission API for high-frame-rate
## Purpose: To allow users to permit/deny higher-framerate animations to save battery power.
I suggest a permissions-based API for high-rat…
-
Several places in libxmp use integer division, which is slow and very unfriendly to platforms without a dedicated integer division instruction like ARMv6 (and are still slow even if there is one). Unl…
-
## What's the problem?
While running tests on UPX, we found 2 crashing inputs. In detail:
1. Segmentation fault is received in function `invert_pt_dynamic`.
2. Segmentation fault is received in f…
-
I'm starting to think that the higher levels of the source track will look fundamentally different for closed source and open source projects, and we would benefit from making the distinction explicit…
kpk47 updated
1 month ago
-
[dynamic_analysis] A dynamic analysis tool examines the software by executing it with specific inputs. For example, the project MAY use a fuzzing tool (e.g., American Fuzzy Lop) or a web application s…