* * * * *
                                        
                  It's always nice when my code doesn't crash
                                        
I was reading this article (How I nearly almost saved the Internet, starring
afl-fuzz and dnsmasq » SkullSecurity) [1] (link via Hacker News [2]) about
fuzz testing [3] a DNS (Domain Name Service) server and when I saw that the
problematic packets that caused the program to crash could be downloaded [4],
I figured I would give them a try against my own DNS parsing code [5].

My code did not crash, which is what I expected given that some of the tests
I did included throwing random data. But I might have to install afl-fuzz
(American fuzzy lop) [6] and play around with it. I'd really love to throw
afl-fuzz at the Protocol Stack From Hell™ [7], and while it would be
cathartic, in a way, that's like shooting already dead fish in a wine barrel
with a double barrel shot-gun at point-blank range.

[1] https://blog.skullsecurity.org/2015/how-i-nearly-almost-saved-the-internet-starring-afl-fuzz-and-dnsmasq
[2] https://news.ycombinator.com/item?id=9897159
[3] https://en.wikipedia.org/wiki/Fuzz_testing
[4] https://blogdata.skullsecurity.org/fuzz_dnsmasq.tar.bz2
[5] https://github.com/spc476/SPCDNS
[6] http://lcamtuf.coredump.cx/afl/
[7] gopher://gopher.conman.org/0Phlog:2012/01/30.2

Email Sean Conner at sean@conman.org

.