Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp936508ybv; Thu, 13 Feb 2020 12:21:01 -0800 (PST) X-Google-Smtp-Source: APXvYqzsvsevdDVgNFp1yHsOM12KUkoX3ELPIIjUcgWQHvxPubWShqjYcYJ7IUMg/nbO/7iJtYtF X-Received: by 2002:a9d:65c1:: with SMTP id z1mr15392106oth.180.1581625261167; Thu, 13 Feb 2020 12:21:01 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1581625261; cv=none; d=google.com; s=arc-20160816; b=RWVjcAJVBvtbWjTAiWnixTG8cFRK39crZyIW094+1nLdJJn4RpkIodhOioJ4xnebE7 e/Y5r4ZrzMk3jdCsK2okn4kKuAFrbYcwsam2nSTfJIGsEn3zLcqx6UH414dlANXb+E24 yuxFxwI31FfgjhsOtzKVjjyTgturb8zKcbLa0mfNqA4T/VulSWpX1ho1N+2qD44W2vp3 WPVs9re/dyWsnYRouOlsyAi78Noi1PFj7nv4Cc3zA/9f+lSPj4sJU81AbafJDa5YLdMl 57Ji7hATI27Lhi5f/eVz28cd+putF4Firf/44TYh0y+UAs3ZzGttzPMqa46Ojd1SXlsr x9RA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:date:cc:to:from:subject :message-id; bh=sd80IAt6XFLUW8jxhl61yfqmy9VmyDItxQyx9VO2WN0=; b=AUZMcPOpPtu+Jck2MNP9gdkDGMCAqW+rUjoNAETxMs0Ma0aig+rDmVXO1rWRzhEUox RYuNV4jeXqHrPIhlVqu5bVN596nS9BJWNg8NqVlnsjYW1BGMpi9Vj/LBe6eITpY9pgXB 2NFy4ixDdf/heCTGhnlf/3I9sPtfRDaQehbVwO1bGsimzZYGIsS666PKTSa9zjYaNtdT kopKSmSpdHTn2c0dIHB5w4idmFp2p4XHamoI7V+j5n73HzMV+OeJIHLCIpqNPNp+VfCT qmlASQUe4sIIldOwPHyzOOY3M+MC+jmrXr5/YdKeUIVveaiPjgZkPbqluWrfQg0NiZtS XsLQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-wireless-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c22si1672607otr.97.2020.02.13.12.20.40; Thu, 13 Feb 2020 12:21:01 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-wireless-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-wireless-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728405AbgBMUTV (ORCPT + 99 others); Thu, 13 Feb 2020 15:19:21 -0500 Received: from s3.sipsolutions.net ([144.76.43.62]:48446 "EHLO sipsolutions.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727742AbgBMUTV (ORCPT ); Thu, 13 Feb 2020 15:19:21 -0500 Received: by sipsolutions.net with esmtpsa (TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.93) (envelope-from ) id 1j2KxD-009e2Z-GE; Thu, 13 Feb 2020 21:19:19 +0100 Message-ID: <03361a0c6f35db6aac6eab650d35e8ade0541d21.camel@sipsolutions.net> Subject: Re: [RFC PATCH] iw: add clang-based fuzzer for scan IEs From: Johannes Berg To: Markus Theil Cc: linux-wireless@vger.kernel.org Date: Thu, 13 Feb 2020 21:19:17 +0100 In-Reply-To: <20200211114502.4250-1-markus.theil@tu-ilmenau.de> References: <20200211114502.4250-1-markus.theil@tu-ilmenau.de> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.34.2 (3.34.2-1.fc31) MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-wireless-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org FWIW, I applied most of your patches, though some I squashed since you just introduced the bugs in a previous non-applied patch ... :) Regarding the fuzzing ... how long did you run this? I adjusted this to afl-clang-fast (afl++, not the original) and it's not finding much easily... I guess making it realloc each element into a separate buffer so that it's checking out-of-bounds for each element separately will help somewhat, let's see... johannes