Subject: Re: [boost] Formal Review of IO and Toolbox extensions to Boost.GIL starts TOMORROW
From: Fabio Fracassi (f.fracassi_at_[hidden])
Date: 2010-12-06 16:08:16


On 6/12/2010 19:11, Christian Henning wrote:
> Hi Fabio,
>
>>
>> Have you looked into how browsers test against malicious attacks?
>> IIRC they take valid images and change them in an "educatedly random"
>> fashion. (i.e. all kinds of header corruption)
>> As images are a common attack vector for malicious attacks I think that kind
>> of testing is quite important.
>>
>
> I think you bring up a valid point. I'll make an entry in the todo
> list to add some invalid reads. Now how do I create a good cross
> selection of invalid jpeg, tiff, png, bmp, and pnm images? I'm open
> for suggestions.
>

Note that I also do not have any first-hand experience with it, but from
what I have heard, some forms of randomized (with a logged or fixed seed)
fault injection
(https://secure.wikimedia.org/wikipedia/en/wiki/Fault_injection) or
fuzz testing
(https://secure.wikimedia.org/wikipedia/en/wiki/Fuzz_testing) are quite
effective for that kind of testing.
A quick Google search turned up this
(http://www.securiteam.com/tools/6P00B1FNFM.html) for a jpeg fuzzer
(haven't checked the license, though).

I think adding something like this to the test suite would be the most
efficient approach, especially since scripted fuzzing does not take too
much disk space.

HTH

Fabio
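
The seeded header corruption discussed in this message, as an added example that is not code from the thread or from Boost.GIL: it mutates the header of one valid image reproducibly from a seed, so the test suite stores seeds instead of corrupted files. The BMP sample is constructed, and `make_valid_bmp`, `mutate_header`, `rejected_seeds` and the `reader` callable are hypothetical names.

```cpp
#include <cstddef>
#include <cstdint>
#include <random>
#include <stdexcept>
#include <vector>

using Bytes = std::vector<std::uint8_t>;
const std::size_t kHeaderLen = 54;  // BMP file header (14) + info header (40)

// Constructed sample: a valid 2x2, 24-bit BMP (54-byte header + 16 pixel bytes).
Bytes make_valid_bmp() {
    Bytes b(kHeaderLen + 16, 0);
    auto put32 = [&b](std::size_t off, std::uint32_t v) {
        for (int i = 0; i < 4; ++i) b[off + i] = static_cast<std::uint8_t>(v >> (8 * i));
    };
    b[0] = 'B'; b[1] = 'M';
    put32(2, 70); put32(10, 54);                // file size, pixel data offset
    put32(14, 40); put32(18, 2); put32(22, 2);  // info size, width, height
    b[26] = 1; b[28] = 24; put32(34, 16);       // planes, bits per pixel, image size
    return b;
}

// Corrupt `count` header bytes. std::mt19937 output is fixed by the standard,
// so logging the seed is enough to regenerate a failing file on any platform.
Bytes mutate_header(const Bytes& valid, std::uint32_t seed, int count) {
    static const std::uint8_t boundary[] = {0x00, 0x01, 0x7F, 0x80, 0xFF};
    std::mt19937 rng(seed);
    Bytes out = valid;
    for (int i = 0; i < count; ++i) {
        const std::size_t pos = rng() % kHeaderLen;
        const std::uint32_t r = rng();
        if (r & 1) out[pos] = boundary[(r >> 1) % 5];  // boundary value
        else out[pos] ^= static_cast<std::uint8_t>(1u << ((r >> 1) % 8));  // bit flip
    }
    return out;
}

// Feed mutants for seeds [first, first + n) to `reader` (hypothetical: any
// callable taking Bytes, expected to throw on bad input). Returns the seeds it
// rejected; a crash or sanitizer report is reproduced by re-running that seed.
template <class Reader>
std::vector<std::uint32_t> rejected_seeds(Reader reader, std::uint32_t first, std::uint32_t n) {
    const Bytes valid = make_valid_bmp();
    std::vector<std::uint32_t> rejected;
    for (std::uint32_t s = first; s < first + n; ++s) {
        try { reader(mutate_header(valid, s, 4)); }
        catch (const std::exception&) { rejected.push_back(s); }
    }
    return rejected;
}
```

In a test suite, `reader` would wrap the image reader under test, and the run would be built with a memory-error sanitizer so that out-of-bounds reads on a corrupted header stop the test at the offending seed.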