Bug#700506: ITP: trinity -- A Linux System call fuzz tester
Package: wnpp
Severity: wishlist
Owner: gustavo panizzo <gfa@zumbi.com.ar>
* Package name : trinity
Version : 1.1
Upstream Author : Dave Jones <davej@redhat.com>
* URL : http://codemonkey.org.uk/projects/trinity
* License : GPLv2
Programming Lang: C
Description : A Linux System call fuzz tester
As 'fuzz testing' suggests, trinity calls syscalls at random, with random
arguments. Where Trinity differs is that the arguments it passes are not
purely random.
If a syscall took, for example, a file descriptor as an argument,
one of the first things kernels does is validate that fd, if is not valid the
kernel would just reject it as -EINVAL.
So on startup, Trinity creates a list of file descriptors, by opening pipes,
scanning sysfs, procfs, /dev, and creates a bunch of sockets using random
network protocols. Then when a syscall needs an fd, it gets passed one of
these at random.
Trinity also shares those file descriptors between multiple threads, which
causes havoc sometimes.
Reply to: