Bugs found using Fuzi_Q

Christian Huitema edited this page Jan 9, 2022 · 1 revision

Bugs that were found using fuzi_q:

  • Bug in Picoquic: Fuzzer causes binlog to crash. A faulty "stream" frame can cause the binlog write to crash when the "byte" position returned by the frame parser is NULL.
  • Bug in Picoquic: Fuzzing the client shows traces of reverse connections. Fuzzing changed the DCID of an initial message sent by the server, and the received message was interpreted as the first message of a connection started by the server. Processing stopped there, but it points to a potential issue if a "client only" context is allowed to process incoming connections.
  • Bug in Picoquic: bad qlog for unknown frames. The bad formatting of qlog reports was in itself perhaps a minor issue, but fixing it and adding new tests surfaced a "read beyond the bounds" bug in frame parsing.
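The following is an added example, not picoquic's or fuzi_q's code, sketching the defect pattern behind the first and third items: a bounds-checked STREAM-style frame parser that returns NULL instead of reading past the buffer, and a logging path that checks that return before formatting anything. The frame layout follows RFC 9000; the function names and sample bytes are constructed for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* QUIC variable-length integer (RFC 9000, section 16): the top two bits of the first byte
 * give its size (1, 2, 4 or 8 bytes). Returns the position after the integer, or NULL if
 * the integer would extend beyond 'end' (truncated input is refused, never over-read). */
static const uint8_t *parse_varint(const uint8_t *bytes, const uint8_t *end, uint64_t *v)
{
    if (bytes == NULL || bytes >= end) return NULL;
    size_t len = (size_t)1 << (bytes[0] >> 6);
    if ((size_t)(end - bytes) < len) return NULL;
    *v = bytes[0] & 0x3f;
    for (size_t i = 1; i < len; i++) *v = (*v << 8) | bytes[i];
    return bytes + len;
}

typedef struct { uint64_t stream_id, offset, length; } stream_frame_t;

/* STREAM frame (types 0x08..0x0f): stream id, offset if bit 0x04 is set, length if bit 0x02
 * is set, then data. Returns the position after the frame, or NULL if any field or the data
 * would run past 'end'; a NULL from parse_varint propagates through the remaining steps. */
const uint8_t *parse_stream_frame(const uint8_t *bytes, const uint8_t *end, stream_frame_t *f)
{
    if (bytes == NULL || bytes >= end || (bytes[0] & 0xf8) != 0x08) return NULL;
    uint8_t type = *bytes++;
    f->offset = 0;
    bytes = parse_varint(bytes, end, &f->stream_id);
    if (type & 0x04) bytes = parse_varint(bytes, end, &f->offset);
    if (type & 0x02) bytes = parse_varint(bytes, end, &f->length);
    else if (bytes != NULL) f->length = (uint64_t)(end - bytes);  /* no LEN bit: data runs to end */
    if (bytes == NULL || f->length > (uint64_t)(end - bytes)) return NULL;
    return bytes + f->length;
}

/* Logging path. The crash pattern is a logger that uses the parser's returned position without
 * checking it; here a NULL position is reported rather than dereferenced. Returns 0 or -1. */
int log_stream_frame(const uint8_t *bytes, const uint8_t *end, char *out, size_t out_size)
{
    stream_frame_t f;
    if (parse_stream_frame(bytes, end, &f) == NULL) {
        snprintf(out, out_size, "malformed stream frame, %zu bytes", (size_t)(end - bytes));
        return -1;
    }
    snprintf(out, out_size, "stream %llu len %llu", (unsigned long long)f.stream_id, (unsigned long long)f.length);
    return 0;
}

static const uint8_t sample_good[] = {0x0e, 0x04, 0x00, 0x03, 'a', 'b', 'c'}; /* constructed: id 4, off 0, len 3 */
static const uint8_t sample_bad_len[] = {0x0e, 0x04, 0x00, 0x05, 'a', 'b'};   /* constructed: claims 5 bytes, has 2 */
static const uint8_t sample_bad_varint[] = {0x0e, 0x44};                      /* constructed: 2-byte id, 1 byte left */
char log_line[96]; stream_frame_t parsed;                                     /* scratch space for callers */
```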