veganism.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
#fuzzing


Reviewed the 3 PRs we got for lafleur: github.com/devdanzin/lafleur/p

All 3 marked as "good first issue". They have clear signs of being created by or with help from AI, like tentative code ("# do this in case...") and removed docstrings.

Merged one and gave feedback on 2, including tips on how to get AI to fix their issues.

I might get unfollows for this, but I welcome AI generated code as long as it's good enough. In fact, AI made this project viable.


Busy day, good day: the new CPython fuzzer lafleur found its first 2 crashes this morning!

Happiness only marred by the bad job I did reducing the testcases and making the reports reproducible. Thanks Brandt Bucher and Ken Jin for the patience! Next bug reports will be more polished and reliable.

Also, we got 3 new PRs for the fuzzer but I didn't have time to review them, will have to leave that for tomorrow.

github.com/devdanzin/lafleur/


Launching a new project on a Sunday night: lafleur, a CPython JIT fuzzer.

github.com/devdanzin/lafleur

It's a feedback-driven fuzzer (using JIT debug output) with corpus prioritization and JIT-targeted AST-based mutations. Calling it "evolutionary" may be a stretch, but sounds good.

It's also a fuzzer that so far hasn't found any crashes or bugs. Still working on that ;)

If you want to understand how it works, there is a good amount of docs.

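As an added illustration of the loop the post above describes (feedback-driven mutation of Python code, corpus prioritization), here is a toy version written for this page; it is not lafleur's own code. Reading JIT debug output needs a JIT-enabled CPython build, so as a stand-in the feedback signal here is the set of instruction names reported by dis.get_instructions(..., adaptive=True) after the mutant has run, i.e. which adaptive specialisations the interpreter chose. The seed function, the operator and constant pools, and the "least-fuzzed first" prioritisation rule are all assumptions made for the example.

```python
"""Toy feedback-driven, AST-mutating fuzz loop (added illustration, not lafleur).

A seed function is mutated one AST node at a time (operator swap or boundary-value
constant), the mutant is executed, and the set of adaptive instruction names the
interpreter settled on after running is used as the feedback signal: a mutant that
makes the interpreter pick a specialisation no corpus entry triggered before is
kept and prioritised for further mutation.
"""
import ast
import dis
import random
import sys

# Constructed seed: a hot integer loop is the kind of code a tracing JIT specialises.
SEEDS = [
    "def f(n):\n"
    "    t = 0\n"
    "    for i in range(n):\n"
    "        t = t + i * 2\n"
    "    return t\n",
]

# Operators that cannot exhaust memory or hang on the operands this seed produces
# (deliberately no Pow and no shifts).
SAFE_OPS = (ast.Add, ast.Sub, ast.Mult, ast.FloorDiv, ast.Mod,
            ast.BitXor, ast.BitAnd, ast.BitOr)
# Boundary values that flip small-int, big-int and float fast paths (assumed pool).
BOUNDARY_VALUES = (0, 1, -1, 2**31 - 1, 2**31, 2**63 - 1, 2**63, 2**64, 0.0, 1.5, 1e300)


def normalize(source):
    """Canonical text of a program, so mutants can be compared with their parent."""
    return ast.unparse(ast.parse(source))


def mutate(source, seed=0):
    """Apply exactly one random mutation: swap a binary operator or replace a numeric constant."""
    rng = random.Random(seed)
    tree = ast.parse(source)
    targets = [n for n in ast.walk(tree)
               if isinstance(n, ast.BinOp)
               or (isinstance(n, ast.Constant) and type(n.value) in (int, float))]
    node = rng.choice(targets)
    if isinstance(node, ast.BinOp):
        node.op = rng.choice([op for op in SAFE_OPS if not isinstance(node.op, op)])()
    else:
        node.value = rng.choice([v for v in BOUNDARY_VALUES if v != node.value])
    return ast.unparse(ast.fix_missing_locations(tree))


def run_with_feedback(source, arg=50):
    """Execute f(arg) and return (feedback set, exception or None).

    Feedback is the set of instruction names in f's code after it has run, read with
    adaptive=True (3.11+) so specialised forms such as BINARY_OP_ADD_INT are visible.
    A Python exception is a normal outcome; a real crash would kill this process,
    which is why a production fuzzer runs each mutant in a child interpreter.
    """
    ns = {}
    exec(compile(source, "<mutant>", "exec"), ns)
    f = ns["f"]
    error = None
    try:
        f(arg)
    except Exception as e:
        error = e
    kwargs = {"adaptive": True} if sys.version_info >= (3, 11) else {}
    names = frozenset(ins.opname for ins in dis.get_instructions(f, **kwargs))
    return names, error


def evolve(seeds, rounds=40, seed=0):
    """Run the mutate/execute/select loop; returns (corpus, global feedback, errors)."""
    rng = random.Random(seed)
    corpus, global_cov, errors = [], set(), []
    for src in seeds:
        fb, _ = run_with_feedback(src)
        corpus.append({"source": normalize(src), "feedback": fb, "fuzzed": 0})
        global_cov |= fb
    for _ in range(rounds):
        # Prioritisation: the least-fuzzed entry first, richest feedback breaks ties.
        parent = min(corpus, key=lambda e: (e["fuzzed"], -len(e["feedback"])))
        parent["fuzzed"] += 1
        child = mutate(parent["source"], seed=rng.getrandbits(32))
        fb, err = run_with_feedback(child)
        if err is not None:
            errors.append((child, repr(err)))
        if fb - global_cov:  # new interpreter behaviour observed: keep the mutant
            global_cov |= fb
            corpus.append({"source": child, "feedback": fb, "fuzzed": 0})
    return corpus, frozenset(global_cov), errors


if __name__ == "__main__":
    corpus, cov, errors = evolve(SEEDS)
    print(f"corpus={len(corpus)} feedback={len(cov)} errors={len(errors)}")
    for entry in corpus:
        print("---\n" + entry["source"])
```

Running it prints the grown corpus; mutants that only repeat a specialisation already seen (say, turning the outer addition into a multiplication when an integer multiply is already in the corpus) are discarded, which is what keeps the corpus small and the interesting variants at the front of the queue.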

Trying real hard to build a fuzzer targeting the CPython JIT, lots of features implemented but not a single crash or bug discovered so far.

Such is life when hunting for crashes in robust code.

This weekend I'll be spinning off a new fuzzer that grew from fusil. Wish me luck 🙂

#Python #CPython #JIT

All this was only possible due to the great response from the Python community.

Thanks to the developers' efforts to triage, diagnose, and fix the problems, the campaign became a collaborative effort to improve Python.

The impact was considerable, mobilizing Core Devs and contributors to create 98 PRs to fix these bugs. The average time to fix an issue was about 20 days, with a median of just five days.

(2/5)

Happy to share the results of a fuzzing campaign targeting CPython that ran from Oct 2024 to May 2025. Using the fusil fuzzer, the goal was to find crashes and improve CPython's robustness.

I really like the results we got: the effort uncovered 52 unique crash-related issues. These reports approached 30% of all "type-crash" issues filed during that period. One of the crashes was classified as a Release Blocker, that was a nice result! :)

(1/5)

My colleagues at CEA in #Paris, France, are hiring a 2-year #postdoc to work on the joint research project #SECUBIC about #fuzzing binaries to identify #backdoors. (See this recent joint work at #ICSE2025 for previous results: upsilon.cc/~zack/research/publ )

If you're interested, or know interested candidates, head to: secubic-ptcc.github.io/jobs/op for details.

Do you maintain or contribute to a #Python package that includes a C extension? Would you like to run a fuzzer against it?

If so, let me know and I will run it, or help you to get it running.

The fuzzer is #fusil, which generates random code calling into your functions and methods. It's useful to check for crashes on invalid inputs or unexpected call patterns.

It has found about 50 crashes in #CPython, 20 in #PyPy, 6 in #Numpy etc.

#fuzzing #fuzzer #testing
See here:
github.com/devdanzin/fusil/iss

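To show what "generates random code calling into your functions and methods" looks like in practice, here is a small fusil-style harness written for this page (it is not fusil's code and copies none of its internals). It runs every generated case in a fresh child interpreter so that a hard crash, which is the only outcome that counts as a bug, is distinguishable from an ordinary exception on bad input. The argument pool and the use of the stdlib's binascii module as the default target are assumptions made for the example; point it at your own C extension module instead.

```python
"""Fusil-style random API fuzzing of a Python module (added illustration, not fusil).

Each case is a tiny generated program that calls one public callable of the target
module with adversarial arguments. It is executed in a child interpreter so that a
segfault or abort is distinguishable from a Python-level exception, which the
harness treats as a non-bug ("invalid input rejected").
"""
import importlib
import inspect
import random
import subprocess
import sys

# Argument shapes that tend to reach unchecked edge cases in C code (assumed pool):
# negative and oversized ints, empty and large buffers, NaN, None, nested containers.
ARG_POOL = [
    "0", "-1", "2**31", "2**63", "-2**63", "10**30", "1.5", "float('nan')",
    "''", "'\\x00' * 8", "b''", "b'\\xff' * 64", "bytearray(3)", "None",
    "[]", "[[]] * 3", "{}", "object()", "(1, 2)", "range(10)",
]


def generate_case(module_name, func_name, rng=None, max_args=4):
    """Return the source of one random call, wrapped so that a Python-level
    exception is reported on stdout instead of terminating the child."""
    rng = rng or random.Random(0)
    args = ", ".join(rng.choice(ARG_POOL) for _ in range(rng.randint(0, max_args)))
    return (
        f"import {module_name}\n"
        "try:\n"
        f"    {module_name}.{func_name}({args})\n"
        "    print('OK')\n"
        "except BaseException as e:\n"
        "    print('EXC', type(e).__name__)\n"
    )


def run_case(source, timeout=10):
    """Run one case in a child interpreter and classify the outcome:
    'ok' (returned), 'exc' (raised), 'crash' (died before reporting) or 'timeout'."""
    try:
        proc = subprocess.run(
            [sys.executable, "-X", "faulthandler", "-c", source],
            capture_output=True, text=True, timeout=timeout,
        )
    except subprocess.TimeoutExpired:
        return "timeout"
    lines = proc.stdout.strip().splitlines()
    report = lines[-1] if lines else ""
    if proc.returncode < 0:
        return "crash"  # killed by a signal: SIGSEGV, SIGABRT, ...
    if report == "OK":
        return "ok"
    if report.startswith("EXC"):
        return "exc"
    # Exited without ever reaching the except clause: the interpreter itself failed.
    return "crash"


def public_callables(module_name):
    """Names of the module's public callables, the fuzzing targets."""
    mod = importlib.import_module(module_name)
    return sorted(name for name, obj in inspect.getmembers(mod)
                  if callable(obj) and not name.startswith("_"))


def fuzz(module_name, iterations=20, seed=0):
    """Fuzz a module for a number of cases; returns outcome counts and the
    sources of every case that crashed or hung, ready to be minimised by hand."""
    rng = random.Random(seed)
    funcs = public_callables(module_name)
    summary = {"ok": 0, "exc": 0, "crash": 0, "timeout": 0, "crashing_cases": []}
    for _ in range(iterations):
        src = generate_case(module_name, rng.choice(funcs), rng)
        verdict = run_case(src)
        summary[verdict] += 1
        if verdict in ("crash", "timeout"):
            summary["crashing_cases"].append(src)
    return summary


if __name__ == "__main__":
    # Usage: python api_fuzz.py <module> [iterations]
    target = sys.argv[1] if len(sys.argv) > 1 else "binascii"
    count = int(sys.argv[2]) if len(sys.argv) > 2 else 20
    print(fuzz(target, count))
```

The crashing sources are kept verbatim because that is the starting point for the reduction and reproducibility work the posts above mention: a crash you cannot replay from a single short script is hard for maintainers to act on.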

Hello everyone :)

Since it seems to be a requirement, here is my #introduction for anyone willing to follow a full-time lurker o_o

- I do #fuzzing research, and this will make up most of what I post here
- I live in Germany

Please do not follow if you cannot be kind :) I will likely mistype things or be overly passionate sometimes ._.

Sydr-Fuzz: Continuous Hybrid Fuzzing and Dynamic Analysis for Security Development Lifecycle arxiv.org/abs/2211.11595

85 new bugs in 22 open source projects. Dynamic analysis pipeline: hybrid #fuzzing with symbolic executor Sydr and libFuzzer or @aflplusplus, corpus minimization, error detection (out of bounds, integer overflow, etc.) via symbolic security predicates, collecting coverage, crash triaging (deduplication, clustering, severity estimation) with Casr: github.com/ispras/casr

FuzzBench: sydr-fuzz.github.io/fuzzbench
OSS-Sydr-Fuzz: github.com/ispras/oss-sydr-fuz

arXiv.org: Sydr-Fuzz: Continuous Hybrid Fuzzing and Dynamic Analysis for Security Development Lifecycle

Abstract: Nowadays automated dynamic analysis frameworks for continuous testing are in high demand to ensure software safety and satisfy the security development lifecycle (SDL) requirements. The security bug hunting efficiency of cutting-edge hybrid fuzzing techniques outperforms widely utilized coverage-guided fuzzing. We propose an enhanced dynamic analysis pipeline to leverage productivity of automated bug detection based on hybrid fuzzing. We implement the proposed pipeline in the continuous fuzzing toolset Sydr-Fuzz which is powered by hybrid fuzzing orchestrator, integrating our DSE tool Sydr with libFuzzer and AFL++. Sydr-Fuzz also incorporates security predicate checkers, crash triaging tool Casr, and utilities for corpus minimization and coverage gathering. The benchmarking of our hybrid fuzzer against alternative state-of-the-art solutions demonstrates its superiority over coverage-guided fuzzers while remaining on the same level with advanced hybrid fuzzers. Furthermore, we approve the relevance of our approach by discovering 85 new real-world software flaws within the OSS-Sydr-Fuzz project. Finally, we open Casr source code to the community to facilitate examination of the existing crashes.

Hi, I'm Dominik 🙃

I had always worked for product security teams on the side (WiFi SoHo routers, Smartcard readers, random software, ...) during uni/PhD, but finally quit #academia completely a while ago.

Now I'm doing #connectivity security and vuln research, trying to improve archaic low level protocols and implementations in #phones 😬.

Before that, I did a lot of #fuzzing (still do) and co-authored a bunch of papers I personally like, about #snapshot and #network fuzzing (FitM), #binary-only baseband fuzzing (FirmWire), Nvidia #driver fuzzing (BSOD) and many more.

Also, stumbled into @aflplusplus, the team maintaining #AFL++ and the fuzzing library #LibAFL we wrote in #rust (github.com/AFLplusplus/LibAFL) that currently dominates benchmarks! Enjoying this a lot :)

Apart from that, I travel, play games, organize CTFs, and just do whatever activities friends spontaneously throw at me