HackerTrans
TopNewTrendsCommentsPastAskShowJobs

andrei

no profile record

Submissions

Fuzzing Go APIs for SQL Injection

blog.fuzzbuzz.io
64 points·by andrei·4 वर्ष पहले·22 comments

House passes bill that DoD software can’t have any CVEs

twitter.com
19 points·by andrei·4 वर्ष पहले·9 comments

Advanced Go Fuzzing Techniques

blog.fuzzbuzz.io
2 points·by andrei·4 वर्ष पहले·0 comments

Go Fuzz Testing

blog.fuzzbuzz.io
114 points·by andrei·4 वर्ष पहले·22 comments

comments

andrei
·2 वर्ष पहले·discuss
just link to the real thing :) [0]

[0]: https://twitter.com/nealagarwal/status/1747284257582506102
andrei
·3 वर्ष पहले·discuss
facepalm I read that paragraph, but my brain skipped that sentence for some reason. Thanks for clarifying
andrei
·3 वर्ष पहले·discuss
How is this different than just turning your TV off? I feel like I'm missing something
andrei
·4 वर्ष पहले·discuss
Somewhat relevant: https://tonsky.me/blog/disenchantment/
andrei
·4 वर्ष पहले·discuss
As of go 1.18, fuzzing is built into the toolchain itself, and is what we're using in this post.

We go over the basics here [0], if you'd like to start at the beginning

[0]: https://blog.fuzzbuzz.io/go-fuzzing-basics/
andrei
·4 वर्ष पहले·discuss
It's much more common than you may think - especially at larger organizations where engineers go "off-script" frequently.

That being said, we wanted to highlight an example of how fuzzing can be applied to a typical (albeit, toy) API to find logic bugs, and figured SQL Injection would be something that resonated with most (all?) developers.
andrei
·4 वर्ष पहले·discuss
A lot of folks we talk to think fuzzing is only useful for finding memory leaks in C++ programs, so we wanted to show how adding a single fuzz test to your API can find SQL injection and other logic bugs.

Would love to hear others' experience with Go fuzzing now that it's been out for a few months.
andrei
·4 वर्ष पहले·discuss
> 2. What measures is Oven taking to proactively detect and mitigate vulnerabilities? (e.g.: fuzzing, audits, bug bounties)

We're huge fans of bun at Fuzzbuzz (waiting for it to get a bit more production-ready). If Jarred's interested, we'd be happy to donate some compute to support fuzzing Bun.

<hn username> @ fuzzbuzz.io
andrei
·4 वर्ष पहले·discuss
I've heard this talked about before, and I believe there's a phrase for it, but I don't remember. Do you happen to know?
andrei
·4 वर्ष पहले·discuss
Good catch :) fixed!
andrei
·4 वर्ष पहले·discuss
It does! Fuzzing actually started off as a tool built by security researchers to find vulnerabilities in parsers, and other complex codebases, usually written in C/C++ (looking for memory bugs). So anything that deals with untrusted binary data is a prime candidate for fuzz testing.

Go’s fuzzing framework supports `[]byte` arguments as well as all of the standard Go primitives, so you should be able to test netcode this way.

If you're looking for a C/C++ solution, my recommendation is libfuzzer [0]. We've also built our own C/C++ fuzzing engine at Fuzzbuzz [1].

[0] https://llvm.org/docs/LibFuzzer.html

[1] https://docs.fuzzbuzz.io/docs/getting-started-in-c-or-c++