Closed Bug 1863735 Opened 1 year ago Closed 1 year ago

Release early on error in IPC fuzzing

Categories

(Core :: Fuzzing, enhancement)

x86_64
Linux
enhancement

Tracking

RESOLVED FIXED
121 Branch
Tracking Status
firefox121 --- fixed

People

(Reporter: decoder, Assigned: decoder)

Details

Attachments

(1 file)

Currently, when sending malformed packets that trigger an error in IPC fuzzing, we continue to send more packets afterwards. Instead, using the previously implemented OnMessageError callback, we can immediately reset. This forces the fuzzer to work on the first message rather than blowing up the sample with error-inducing messages. However, it also forces us to synchronize after each packet, as the error callback is on a different thread compared to the fuzzing thread.

Pushed by choller@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/15122aaa6502 Release early on error in IPC fuzzing. r=truber
Status: ASSIGNED → RESOLVED
Closed: 1 year ago
Resolution: --- → FIXED
Target Milestone: --- → 121 Branch
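
An added example, not the Firefox patch or any Mozilla code, of the behaviour the bug description asks for: the fuzzing thread synchronizes after every message and releases the iteration as soon as an error is reported from another thread. `Sync`, `WellFormed`, `RunIteration` and the length-byte validity rule are assumptions made for illustration; a short-lived thread per message stands in for the IPC thread on which the error callback runs.

```cpp
#include <condition_variable>
#include <cstddef>
#include <cstdint>
#include <mutex>
#include <thread>
#include <vector>

using Message = std::vector<uint8_t>;
enum class Result { Pending, Ok, Error };

// Hand-off between the fuzzing thread and the thread running the callbacks.
struct Sync {
  std::mutex mu;
  std::condition_variable cv;
  Result result = Result::Pending;

  void Signal(Result r) {  // called on the receiving thread
    { std::lock_guard<std::mutex> lock(mu); result = r; }
    cv.notify_one();
  }
  Result Wait() {  // called on the fuzzing thread after every message
    std::unique_lock<std::mutex> lock(mu);
    cv.wait(lock, [this] { return result != Result::Pending; });
    Result r = result;
    result = Result::Pending;  // re-arm for the next message
    return r;
  }
};

// Constructed validity rule (assumption): byte 0 must equal the payload length.
static bool WellFormed(const Message& m) {
  return !m.empty() && static_cast<size_t>(m[0]) == m.size() - 1;
}

// Sends messages one at a time and stops at the first reported error.
// Returns how many messages were sent before the iteration was released.
size_t RunIteration(const std::vector<Message>& msgs) {
  Sync sync;
  size_t sent = 0;
  for (const Message& m : msgs) {
    // The error is reported here, not on the fuzzing thread, so the result
    // has to be handed over explicitly before the next send.
    std::thread receiver([&sync, &m] {
      sync.Signal(WellFormed(m) ? Result::Ok : Result::Error);
    });
    ++sent;
    Result r = sync.Wait();
    receiver.join();
    if (r == Result::Error) break;  // release early: drop remaining messages
  }
  return sent;
}
```

Without the `Wait()` after each send, the loop would already have queued the later messages by the time the error was reported, which is the sample growth the description wants to avoid.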