FirefoxSummit/2006/ProposedSessions/FuzzTesting: Difference between revisions
Jump to navigation
Jump to search
Line 43: | Line 43: | ||
* [[User:Crowder|Crowder]] | * [[User:Crowder|Crowder]] | ||
* [[User:Zak|Zak Greant]] | * [[User:Zak|Zak Greant]] | ||
* [[User:Noam|Noam Rathaus]] |
Latest revision as of 07:57, 18 November 2006
Session Title
Fuzz-testing Gecko
Session Leader
Jesse Ruderman
Summary
Fuzz testing is the art of creating "random" but interesting input to a program. For example, someone wanting to test an HTML parser might feed it thousands of horribly invalid HTML files. But someone testing code that displays SVG would want to use well-formed XML, only using SVG tags and attributes in random combinations and sometimes in invalid ways.
Hundreds of bugs have been fixed as a result of fuzz-testing components of Gecko over the last 15 months. Many of these were bogus assertion failures or obscure hangs, but some were security holes.
Agenda
- How the Gecko fuzzers work
- The state of Gecko (with respect to fuzzing)
- Strategies for creating new fuzzers that are effective at finding bugs and facilitate creating reduced testcases after finding bugs
- What Gecko features, components, and APIs haven't been fuzz-tested and should be?
Interested Attendees
Please add your name here if you're likely to attend this session, this will help prioritize sessions and minimize conflicts
- Jeff Walden
- Gavin
- tor
- David Baron
- Zach Lipton
- Christopher Aillon
- rbs
- Steven Michaud
- Olli Pettay
- Jonas Sicking
- chofmann
- Roc
- ispiked
- Ryan Flint
- Martijn Wargers
- robcee
- Crowder
- Zak Greant
- Noam Rathaus