
Why couldn't the fuzzer be used to discover the bug in the popular browsers?


A bug in the spec doesn't necessarily mean there will be a noticeable bug in the browsers; e.g. a crash.

The browsers may have been written to "work" / not crash over adhering strictly to the spec.


https://github.com/google/clusterfuzz

At least Chromium has integrated multiple different fuzzers into their regular development workflow and found lots of bugs even before going public.



