On Mon, Feb 11, 2008 at 02:18:05PM +0100, Pierre Chifflier wrote: > > The description is very unclear to me. [...] > Right, the previous description was not clear. I have reworded it, from > the README file, and from the author description: > > Fusil is a fuzzing framework designed to expose bugs in software by > changing random bits of its input. > It helps to start process with a prepared environment (limit memory, > environment variables, redirect stdout, etc.), start network client or > server, and create mangled files. Fusil has many probes to detect > program crash: watch process exit code, watch process stdout and syslog > for text patterns (eg. "segmentation fault"), watch session duration, > watch cpu usage (process and system load), etc. > . > Fusil is based on a modular architecture. It computes a session score > used to guess fuzzing parameters like number of injected errors to > input files. > . > Available fuzzing projects: ClamAV, Firefox (contains an HTTP server), > gettext, gstreamer, identify, libc_env, libc_printf, libexif, > linux_syscall, mplayer, php, poppler, vim, xterm.
Wow, that is much better! The only remark I have is that you can define
your own fuzzing projects, I would replace "Available" in the last
paragraph by "Pre-defined" or something equivalent.
Upstream should put your description on their front page :)
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <[EMAIL PROTECTED]>
signature.asc
Description: Digital signature
