|
|
|
|
|
|
by malanj
4249 days ago
|
|
|
This is how I understand it: 1) JPEG file structure is complex (much more so than a BMP file for example).
2) Imagine you didn't know what it looked, but had a tool that could "read" them. djpeg in this case
3) What the fuzzer does is "peek" at how the djpeg tool reacts to random "fuzzed" data. It's smart about it, understanding when a bit of data makes the tool do something new (code path)
4) After millions of iterations it "learns" how JPEG file structure works and can generate valid JPEGs. This might not be very relevant for JPEGs, given that you can just Google their structure. This is cool because it shows how the tool could figure out (or find a weakness in) something where you don't know how it works. |
|
|
It is better to look at it as a maze solver that tries to generate instructions for a robot that will lead that robot through the maze, while that robot has its own weird way of interpreting the instructions. It it generates) makes