Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add h2o cve #2

Open
wants to merge 21 commits into
base: master
Choose a base branch
from
Open

Add h2o cve #2

wants to merge 21 commits into from

Conversation

sciencemanx
Copy link
Contributor

Adds

  • h2o cve
  • poc test case
  • improvements to github/docker CI

dbrumley
dbrumley requested changes Jun 3, 2020
View reviewed changes
h2o-cve-2018-0608/README.md Show resolved Hide resolved
.github/workflows/docker_publish.yml Outdated Show resolved Hide resolved
.github/push.sh Outdated Show resolved Hide resolved
h2o-cve-2018-0608/mayhem/h2o/Mayhemfile Outdated Show resolved Hide resolved
h2o-cve-2018-0608/mayhem/h2o/Mayhemfile
version: '1.4'
project: h2o-cve-2018-0608
target: h2o
baseimage: forallsecure/h2o-cve-2018-0608
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please specify a duration (upper bound on what it would take to find, say on demo).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok haven't found the bug from scratch yet (ran target shortly and verified crash repro) but will update when it is found

h2o-cve-2018-0608/README.md Outdated Show resolved Hide resolved
h2o-cve-2018-0608/README.md Show resolved Hide resolved
h2o-cve-2018-0608/Dockerfile Outdated Show resolved Hide resolved
h2o-cve-2018-0608/Dockerfile Show resolved Hide resolved
h2o-cve-2018-0608/README.md

Note: Fuzzing has some degree of non-determinism, so when you run
yourself you may not get exactly this file. This is expected; your
output should still trigger the memory corruption bug.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pls add how long it takes us to find. Such as:
On our test cluster, given the original seed, it takes about xxx minutes to reproduce the bug.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dbrumley dbrumley dbrumley requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sciencemanx @dbrumley