Subject: Re: [boost] Formal Review of IO and Toolbox extensions to Boost.GIL starts TOMORROW
From: Christian Henning (chhenning_at_[hidden])
Date: 2010-12-07 15:21:13
On Mon, Dec 6, 2010 at 4:08 PM, Fabio Fracassi <f.fracassi_at_[hidden]> wrote:
> Note that I also do not have any first hand experience with it, but from
> what I have heard some forms of randomized (with a logged or fixed seed)
> fault injection
> (https://secure.wikimedia.org/wikipedia/en/wiki/Fault_injection) or
> fuzz-testing (https://secure.wikimedia.org/wikipedia/en/wiki/Fuzz_testing)
> is quite effective for that kind of testing.
> A quick google search turned up this
> (http://www.securiteam.com/tools/6P00B1FNFM.html) for a jpeg fuzzer (haven't
> checked the license though)
> I think adding something like this to the test suite would be the most
> efficient approach, especially since scripted fuzzing does not take too much
Don't you think that adding a fuzzer to the boost source tree is a
little dangerous? Same goes "fuzzed" jpegs since they might be picked
up by a virus scanner.
I rather not add such dodgy data into the boost community. That
doesn't mean I shouldn't test that. I just have to find a better way.
Anyone has a good idea?
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk