Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Comparative fuzzing with other SMTP servers #83

Open
Ekleog opened this issue May 14, 2020 · 0 comments
Open

Comparative fuzzing with other SMTP servers #83

Ekleog opened this issue May 14, 2020 · 0 comments
Labels
a:smtp-message Area: in the smtp-message crate c:hard Complexity: hard n:dev Needs: development work p:medium Prio: medium t:cleanup Type: cleanup

Comments

@Ekleog
Copy link
Owner

Ekleog commented May 14, 2020

We should probably try to do some comparative fuzzing of at least our parsers with other SMTP servers' parsers.

This will require:

  • gutting these other servers and figuring out where their parsers are
  • deciding on a list of invariants to test (eg. taking as input a bracketed email address, is it valid? where is the @? is the localpart quoted? does it contain utf-8?)
  • putting all the invariants in an AFL / libFuzzer loop and asserting they're all equal
  • running the fuzzer for a long time, hoping it finds some differences between the various parser implementations
@Ekleog Ekleog added a:smtp-message Area: in the smtp-message crate t:cleanup Type: cleanup c:hard Complexity: hard p:medium Prio: medium n:dev Needs: development work labels May 14, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
a:smtp-message Area: in the smtp-message crate c:hard Complexity: hard n:dev Needs: development work p:medium Prio: medium t:cleanup Type: cleanup
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Ekleog