by matthewdgreen
1007 days ago
The answer to this stuff isn't to fuzz, it's to cut this code out like it's a tumor. Then if it breaks stuff throughout the OS/browser, write one heavily sandboxed and memory-safe format converter that can handle the problem. I'd rather have an iPhone or browser that is annoying in a few edge cases than have code like this where vulnerabilities are almost guaranteed (irrespective of fuzzing). I know I'm being optimistic here, but I'm positive this won't be the last chapter in this story.
I'm sure you're right about that. 'Fuzzing resistant, takes human-directed fuzzing to recreate a PoC' seemed fun, but, as you say, that's the magic of memory unsafety.