Bug 217411

Summary: Integrate support for library and binary fuzzing
Product: Tools
Reporter: Andrew G. Morgan (morgan)
Component: libcap
Assignee: Tools/Libcap default virtual assignee (tools_libcap)
Status: NEW
Severity: enhancement
Priority: P3
Hardware: All
OS: Linux
Kernel Version:
Subsystem:
Regression: No
Bisected commit-id:

Description Andrew G. Morgan 2023-05-06 21:09:22 UTC
A recent audit was performed on libcap and friends by https://x41-dsec.de/. (The audit was sponsored by the Open Source Technology Improvement Fund (https://ostif.org/).)

Addressing the findings is the subject of

   https://bugzilla.kernel.org/show_bug.cgi?id=217410

As part of the audit, the x41-dsec team developed a fuzzing code harness for the library and some of the binaries, the full details of which are included in text form in the PDF report. I'm filing this enhancement bug to track fully integrating this into the library and tools.

Since the findings from the audit did not include issues derived from the fuzzing, I plan to defer implementing this part until after I release libcap-2.69 (which will include fixes for issues found by the audit).