Closed
Bug 379903
Opened 18 years ago
Closed 3 years ago
[meta] Bugs found by Paul's "Canvas API Fuzzer"
Categories
(Core :: Fuzzing, enhancement)
Core
Fuzzing
Tracking
()
RESOLVED
FIXED
People
(Reporter: pvnick, Unassigned)
References
(Depends on 7 open bugs)
Details
(Keywords: meta, sec-other, Whiteboard: [sg:nse meta])
This script fuzzes the canvas context object as well as moving the canvas object around the DOM.
Steps to reproduce:
1. Open fuzz-canvas-api.xhtml
2. Input the settings
3. Wait a while
I'll add the bookmarklet later.
Reporter | ||
Comment 1•18 years ago
|
||
Updated•18 years ago
|
Whiteboard: [sg:nse meta]
Updated•13 years ago
|
Attachment #263949 -
Attachment is private: true
Comment 2•13 years ago
|
||
I've belatedly folded this code into the big DOM fuzzer.
It's finding a decent number of bugs on its own, and in combination with the following other parts of the fuzzer:
* randomizing graphics settings
* resizing canvas elements
* printing
* API discovery
Thanks, Paul :)
Group: core-security
OS: Windows XP → All
Hardware: x86 → All
Comment 3•9 years ago
|
||
pvnick's canvas fuzzer is now a DOMFuzz module:
https://github.com/MozillaSecurity/funfuzz/blob/master/dom/fuzzer/modules/canvas.js
cdiehl also wrote one:
https://github.com/MozillaSecurity/funfuzz/blob/master/dom/fuzzer/modules/canvas2d.js
(I should probably merge them at some point.)
Updated•8 years ago
|
Component: Tracking → Platform Fuzzing Team
Comment 4•3 years ago
|
||
The bug assignee didn't login in Bugzilla in the last 7 months.
:decoder, could you have a look please?
For more information, please visit auto_nag documentation.
Assignee: chofmann → nobody
Flags: needinfo?(choller)
Updated•3 years ago
|
Summary: Bugs found by Paul's "Canvas API Fuzzer" → [meta] Bugs found by Paul's "Canvas API Fuzzer"
Updated•3 years ago
|
Status: NEW → RESOLVED
Closed: 3 years ago
Flags: needinfo?(choller)
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•