Re: [fuzzing] Coverage and a recent paper by L. Suto

["Lance M. Havok" <lmh () info-pull com>]

On 10/27/07, Nicolas RUFF <nruff () security-labs org> wrote:
> > Using the following perl script two buffer overflows are detected:
> > cat vuln.c | perl -ne '/rnd\[i\]/ and print "Buffer overflow!\n"'
> > This post does have a point. Discuss among yourselves.
>
> Is this vendor bashing, maybe ? ;)

It sounds more like the KKK employing some academic geniuses [1].
Information visualization is cool these days. It's like syntax
coloring back in 1970 with gray scale palettes. In 10 years, there
will be no need to pay for anyone to read code and then write bullshit
about it. Therefore, the population employed in farms and related
facilities will skyrocket. Unless they find another ground breaking
technology to make the wheel roll. Or maybe we start using genetically
enhanced elephants as work force. I love punctuation today, too.

[1]: http://info-pull.com/code/fortify_crazy-evil.jpg

I managed to get an exclusive reseller license for fgrep, if someone
wants to hook up some serious business for this static code analysis
tool, I'll be more than happy to outline a flawless business plan.
"Fgrep: string match your ego and beyond". Only PHP and objdump output
supported at the moment.
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave