Write a harness

The code in exif.c is poorly written, and I suspect there are vulnerabilities in it. That’s why I’ve chosen to fuzz the ProcessExifDir function here. It is called after the user rotates a JPEG file and presses the “save” button.
Harness:

```c
int harness(const char *fname, int new_angle)
{
    int fail = FALSE;
    int exif_angle = 0;
    int a;

    if (new_angle == 0)
        return TRUE;

    // use jhead functions
    ResetJpgfile();   // Start with an empty image information structure.
    /* ... the remainder of the harness is cut off in this excerpt ... */
```
I am going to fuzz real-world programs to find vulnerabilities. The first step is to pick some “proper” targets: programs that readily expose bugs under fuzz testing.
The Debian package archive is a large collection of widely used programs. We will focus on the programs included in the Debian 11 “bullseye” distribution and answer the questions below:
How many packages have at least one associated CVE? How many CVEs does each package have on average?
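One way to answer both questions is to count, per source package, the CVE entries that name the release of interest and then aggregate. The script below is an added example, not code from the original post; it works on a constructed sample in the shape of the Debian security tracker’s JSON export (a package-to-CVE-to-releases mapping, which is an assumption about that format here), and the CVE ids in the sample are placeholders rather than real identifiers.

```python
"""Count CVEs per Debian source package from a security-tracker style JSON dump."""
import json
from typing import Dict, Optional

RELEASE = "bullseye"

# Constructed sample data (not real tracker output; CVE ids are placeholders).
# Assumed shape: {package: {cve_id: {"releases": {release: {"status": ...}}}}}
SAMPLE_TRACKER_JSON = json.dumps({
    "alpha": {
        "CVE-EXAMPLE-0001": {"releases": {"bullseye": {"status": "open"},
                                          "buster": {"status": "open"}}},
        "CVE-EXAMPLE-0002": {"releases": {"bullseye": {"status": "resolved"}}},
        "CVE-EXAMPLE-0003": {"releases": {"buster": {"status": "open"}}},
    },
    "beta": {
        "CVE-EXAMPLE-0004": {"releases": {"bullseye": {"status": "open"}}},
    },
    "gamma": {
        "CVE-EXAMPLE-0005": {"releases": {"buster": {"status": "resolved"}}},
    },
    "delta": {},
})


def cves_per_package(tracker_json: str, release: str = RELEASE) -> Dict[str, int]:
    """Return package -> number of CVE entries that mention `release`.

    Assumption: a CVE counts for a package when the tracker lists `release`
    under that CVE's "releases" key, regardless of status (open or resolved),
    because we want historical bug density, not currently open issues.
    Packages with no matching CVE are kept with a count of 0.
    """
    tracker = json.loads(tracker_json)
    counts: Dict[str, int] = {}
    for package, cves in tracker.items():
        counts[package] = sum(
            1 for entry in cves.values() if release in entry.get("releases", {})
        )
    return counts


def summarize(counts: Dict[str, int], package_total: Optional[int] = None) -> dict:
    """Answer the two questions: packages with >= 1 CVE and the mean CVE count.

    `package_total` is the size of the whole archive when known (the tracker
    only lists packages that ever had a CVE, so len(counts) undercounts the
    archive); it defaults to len(counts).
    """
    if package_total is None:
        package_total = len(counts)
    vulnerable = {p: n for p, n in counts.items() if n > 0}
    total_cves = sum(vulnerable.values())
    return {
        "packages_with_cve": len(vulnerable),
        "total_cves": total_cves,
        "mean_over_all_packages": total_cves / package_total if package_total else 0.0,
        "mean_over_vulnerable_packages": total_cves / len(vulnerable) if vulnerable else 0.0,
        # Highest CVE density first: these are the natural fuzzing candidates.
        "top": sorted(vulnerable.items(), key=lambda kv: (-kv[1], kv[0])),
    }


if __name__ == "__main__":
    stats = summarize(cves_per_package(SAMPLE_TRACKER_JSON))
    for key, value in stats.items():
        print(f"{key}: {value}")
```

To run this against real data, replace `SAMPLE_TRACKER_JSON` with the downloaded tracker export and pass the true number of bullseye source packages as `package_total`; the "top" list then gives a ranked shortlist of historically bug-prone packages to consider as fuzzing targets.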