Post Syndicated from corbet original http://lwn.net/Articles/692878/rss
The developers of “Project Triforce,” an effort to run the “american fuzzy
lop” (AFL) fuzz-testing tool against a whole system, the Linux kernel
included, rather than a single user-space executable, have posted a
detailed description of what they are up to.
“AFL is an awesome tool. The power of an easy-to-use, feedback-driven
fuzzer has produced an absolutely staggering number of bugs. Still, at
first AFL required being able to build the executable, something sadly not
available on a lot of targets. With the addition of AFL’s qemu_mode, it
became possible to fuzz binaries without source, exposing a whole new world
of targets to AFL. I’d been on a number of Linux container engagements
recently where we’d managed to escape through kernel exploits. I fell
asleep one night to several AFL screens running, and I awoke suddenly with
a crazy idea: ‘Run AFL on the Linux Kernel.’”