[tor-bugs] #24265 [Core Tor/Tor]: Fuzz all rust functions that are used by authorities to make sure they match C
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Jun 10 12:10:58 UTC 2018
#24265: Fuzz all rust functions that are used by authorities to make sure they
match C
-------------------------------------------------+-------------------------
Reporter: teor | Owner: (none)
Type: enhancement | Status: new
Priority: Medium | Milestone: Tor:
| unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: Rust, protover, fuzz, | Actual Points:
034-triage-20180328, 034-removed-20180328 |
Parent ID: | Points: 3
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by chelseakomlo):
I'm going to add more description about what we think the outcome of this
ticket should be, so it can be easily picked up. Please update/add more
info if this isn't exactly what we need.
1) This implementation should be fairly lightweight, as we don't want a
lot of dual implementations between Rust/C in the future, this is largely
to support existing code and where we only critically need it in the
future.
2) This should be added to existing C fuzzing tests in `/src/test/fuzz`.
3) This should use existing fuzzing infrastructure in Tor (see
`doc/HACKING/Fuzzing.md`, but should compare outputs between the C and
Rust implementation. This would mean we would need some mechanism to
generate both implementations (build tor with rust enabled and not
enabled) and then push arbitrary input into functions defined in both and
then compare the output.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24265#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list