Closed Bug 348483 Opened 18 years ago Closed 2 years ago

[meta] Fuzzer that makes random XBL bindings

Categories

(Core :: Fuzzing, defect)

defect
Not set
normal

Tracking

()

RESOLVED FIXED

People

(Reporter: jruderman, Unassigned)

References

(Depends on 1 open bug)

Details

(Keywords: meta, sec-other, Whiteboard: [sg:nse meta])

Attachments

(2 obsolete files)

This fuzzer makes random XBL bindings by copying DOM subtrees into <xbl:content> part of new bindings.  Sometimes it adds an <xbl:children/> somewhere in its copy of the subtree.

It assumes you have a copy of http://www.software.hixie.ch/utilities/cgi/test-tools/delayed-file.pl at http://localhost/cgi-bin/delayed-file.pl.  (I couldn't figure out how to get XBL working in a data: or javascript: URL due to the need for #bindingid at the end of the URL.  Another alternative was creating a file for each binding and encouraging the use of a RAM disk.)

So far it has only found one bug, bug 348049.  That bug is a security hole.
Attached file fuzzer-bindings.js (obsolete) —
Whiteboard: [sg:nse meta]
Attached file fuzzer-bindings.js 3.0 (obsolete) —
Attachment #233423 - Attachment is obsolete: true
Depends on: 360078
Shouldn't have security bugs assigned to nobody. Jesse can own his test bugs
Assignee: nobody → jruderman
Depends on: 366112
Depends on: 366207
> It assumes you have a copy of
> http://www.software.hixie.ch/utilities/cgi/test-tools/delayed-file.pl at
> http://localhost/cgi-bin/delayed-file.pl.  (I couldn't figure out how to get
> XBL working in a data: or javascript: URL due to the need for #bindingid at the
> end of the URL.  Another alternative was creating a file for each binding and
> encouraging the use of a RAM disk.)

See bug 243917, "Not possible to use data url scheme to embed xbl file into html", which is marked as invalid :(
Depends on: 367251
Depends on: 369051
Comment on attachment 242979 [details]
fuzzer-bindings.js 3.0

New version in bug 339948.
Attachment #242979 - Attachment is obsolete: true
Depends on: 373586
Depends on: 377592
Depends on: 377820
Depends on: 379105
Depends on: 379920
Depends on: 382376
Depends on: 383709
Depends on: 384740
Depends on: 385885
Depends on: 386566
Depends on: 386947
Depends on: 391904
Depends on: 395469
Depends on: 397574
Depends on: 397849
Depends on: 398466
Depends on: 398492
Depends on: 399946
Depends on: 401993
Depends on: 403360
Depends on: 403574
Depends on: 404125
Depends on: 404869
Depends on: 405184
Depends on: 405186
Depends on: 406900
Depends on: 406904
Depends on: 409573
Depends on: 412104
Depends on: 414058
Depends on: 415017
Depends on: 415192
Depends on: 415301
Depends on: 417109
Depends on: 418498
Depends on: 420233
Depends on: 420429
Depends on: 420785
Depends on: 420790
Depends on: 420835
Depends on: 425821
Depends on: 429085
Depends on: 429458
Depends on: 429623
Depends on: 429780
Depends on: 432068
Depends on: 433429
Depends on: 444030
Depends on: 451323
Depends on: 454736
Depends on: 454746
Depends on: 460876
Depends on: 463511
Depends on: 464149
Depends on: 464863
Depends on: 465466
Depends on: 468210
Depends on: 468546
Depends on: 471594
Depends on: 472260
Depends on: 472957
Depends on: 474181
Depends on: 476245
Depends on: 477740
Depends on: 479160
Depends on: 483120
Depends on: 489925
Depends on: 490760
Depends on: 493123
Depends on: 495354
Depends on: 497519
Depends on: 498036
Depends on: 499885
Depends on: 503991
Depends on: 508927
Depends on: 509547
Depends on: 513741
Depends on: 514104
Depends on: 514300
Depends on: 526381
Depends on: 532808
Depends on: 537059
Depends on: 537141
Depends on: 538070
Depends on: 541294
Depends on: 554202
Depends on: 559705
Depends on: 560435
Depends on: 560441
Depends on: 561981
Depends on: 564461
Depends on: 567292
Depends on: 569012
Depends on: 569674
Depends on: 580140
Depends on: 588226
No longer blocks: fuzz
Remote XBL, along with remote XUL, was disabled in bug 546857. As a result, this module of DOMFuzz no longer exists.
Group: core-security
Component: Tracking → Platform Fuzzing Team

The bug assignee didn't login in Bugzilla in the last 7 months.
:decoder, could you have a look please?
For more information, please visit auto_nag documentation.

Assignee: jruderman → nobody
Flags: needinfo?(choller)
Summary: Fuzzer that makes random XBL bindings → [meta] Fuzzer that makes random XBL bindings
Status: NEW → RESOLVED
Closed: 2 years ago
Flags: needinfo?(choller)
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.