
Mksanitizer – Bug detector software integration with the NetBSD userland - zdw
http://blog.netbsd.org/tnf/entry/mksanitizer_bug_detector_software_integration
======
adrianN
I'm surprised that this project found bugs so quickly. I had assumed that most
popular software already used some kind of fuzzer paired with a sanitizer, or
at least run their tests with a sanitizer build.

~~~
viraptor
Fuzzing is not trivial and even if you do it, people with different approaches
can find different issues. Then, even if you do it, you need to let it run for
days to find the non-trivial scenarios (assuming single machine).

On top of that, the knowledge about sanitizers and fuzzers is pretty low, if
you look at an average project. Some don't even care about integrating the
existing efforts.

I'm not sure what's the state these days, but 2 years ago I took 5 projects I
was using, pointed a very trivial setup of AFL at them and found bugs in each.
From yaml parsers to systemd-resolved.

------
brian_herman
This is so cool! Awesome work!

------
pjmlp
Nice work improving UNIX security.

