Recently I had a conversation with a programmer who repeated the adage that programming in perl consists of writing line-noise. This isn't true but it reminded me of my love of fuzzers. Fuzzers are often used to generate random input files which are fed to tools, looking for security problems, segfaults, and similar hilarity.
To the untrained eye the output of most fuzzers is essentially line-noise, since you often start with a valid input file and start flipping bits, swapping bytes, and appending garbage.
Anyway this made me wonder what happens if you fed random garbage into a perl interpreter? I wasn't brave enough to try it, because knowing my luck the fuzzer would write a program like so:
system( "rm -rf /home/steve" );
But I figured it was still an interesting idea, and I could have a go at
fuzzing something else. I picked gawk, the GNU implementation of
awk because the codebase is pretty small, and I understand it
reasonably well.
Almost immediately my fuzzer found some interesting segfaults and problems. Here's a nice simple example:
$ gawk 'for (i = ) in steve kemp rocks'
..
gawk: cmd. line:1: fatal error: internal error: segfault
Aborted
I look forward to seeing what happens when other people fuzz perl..
Tags: fun, fuzzing, gawk 5 comments