|
|
Boost : |
Subject: Re: [boost] Formal Review of IO and Toolbox extensions to Boost.GIL starts TOMORROW
From: Fabio Fracassi (f.fracassi_at_[hidden])
Date: 2010-12-06 16:08:16
On 6/12/2010 19:11, Christian Henning wrote:
> Hi Fabio,
>
>>
>> Have you looked into how browsers test against malicious attacks?
>> IIRC they take valid images and change them in a "educatedly random"
>> fashion. (i.e. all kinds of header corruption)
>> As images are a common attack vector for malicious attacks I think that kind
>> of testing is quite important.
>>
>
> I think you bring up a valid point. I'll make an entry in the todo
> list to add some invalid reads. Now how do I create a good cross
> selection of invalid jpeg, tiff, png, bmp, and pnm images? I'm open
> for suggestions.
>
Note that I also do not have any first hand experience with it, but from
what I have heard some forms of randomized (with a logged or fixed seed)
fault injection
(https://secure.wikimedia.org/wikipedia/en/wiki/Fault_injection) or
fuzz-testing
(https://secure.wikimedia.org/wikipedia/en/wiki/Fuzz_testing) is quite
effective for that kind of testing.
A quick google search turned up this
(http://www.securiteam.com/tools/6P00B1FNFM.html) for a jpeg fuzzer
(haven't checked the license though)
I think adding something like this to the test suite would be the most
efficient approach, especially since scripted fuzzing does not take too
much diskspace.
HTH
Fabio
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk