[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#700506: ITP: trinity -- A Linux System call fuzz tester

Package: wnpp
Severity: wishlist
Owner: gustavo panizzo <gfa@zumbi.com.ar>

* Package name    : trinity
  Version         : 1.1
  Upstream Author : Dave Jones <davej@redhat.com> 
* URL             : http://codemonkey.org.uk/projects/trinity
* License         : GPLv2
  Programming Lang: C
  Description     : A Linux System call fuzz tester

As 'fuzz testing' suggests, trinity calls syscalls at random, with random 
arguments. Where Trinity differs is that the arguments it passes are not 
purely random.
If a syscall took, for example, a file descriptor as an argument,
one of the first things kernels does is validate that fd, if is not valid the 
kernel would just reject it as -EINVAL.
So on startup, Trinity creates a list of file descriptors, by opening pipes, 
scanning sysfs, procfs, /dev, and creates a bunch of sockets using random 
network protocols. Then when a syscall needs an fd, it gets passed one of 
these at random.

Trinity also shares those file descriptors between multiple threads, which 
causes havoc sometimes.

Reply to: