Do not verify checksum during fuzzing

RustAudio / ogg

Ogg container decoder and encoder written in pure Rust

Other

113 stars 21 forks source link

Do not verify checksum during fuzzing #6

Closed Shnatsel closed 6 years ago

Shnatsel commented 6 years ago

Allows meaningful fuzzing of ogg and lewton crates via rust-fuzz tooling (afl.rs, cargo-fuzz, honggfuzz-rs). Without this fuzzers do not reach any interesting code because they cannot generate valid checksums without detailed knowledge about the format, which they do not have.

This already has been used to discover https://github.com/RustAudio/lewton/issues/27

est31 commented 6 years ago

Thanks for the PR! Could you add a comment?

est31 commented 6 years ago

Thanks!