[webkit-dev] SVG Stabilization
Krzysztof Kowalczyk
kkowalczyk at gmail.com
Sat Feb 24 15:08:22 PST 2007
On 2/24/07, Nikolas Zimmermann <zimmermann at kde.org> wrote:
> > 2) Additional testing
> > * Fuzz-test for custom parsers - the biggest security risk is
> > buffer overruns in some of the custom parsers, so we'd like to
> > develop a fuzz-testing tool for attributes that trigger these, and
> > fix resulting crashes.
> Definately. There have been too many crashes around involving the svg
> path parsing code etc. Any idea how to develop such a fuzz-testing tool?
> Simple perl/ruby/<whatever> script producing static test files?
You might try http://sam.zoy.org/zzuf/ - I never tried it but from the
description it seems to fit the bill perfectly.
-- kjk
More information about the webkit-dev
mailing list