everyone should test their code this way

Published 2023-10-15
Did you know you can just SCREAM at your code to find bugs? Yeah seriously it's that easy. In this video we'll talk about libfuzzer, which is a simple to use tool to write code that finds bugs in your code. In this video we write some code, find a bug, and patch it.

All Comments (21)
  • @Dev-Siri
    I already yell around 5-10 times a day at my computer
  • @matthias916
    "like literally yelling at the code" proceeds not to yell at the code
  • @mu11668B
    Just for fun though, there's a footgun hidden in the example code, too. As the recv buffer has a hardcoded length limit of 1024 bytes, directly casting the input buffer into a struct that contains a user-controlled length field is not really a good idea. If somehow the codebase got updated in a certain way and the memcpy destination was a heap allocation, it may lead to information leak. E.g. ask the server to echo a 65535-byte data chunk from a 1024-byte input.
  • @millax-ev6yz
    Why is fuzzing better than boundary tests?...after watching I withdraw my question.
  • @trexake
    Use -fsanitize=fuzzer,address and you should be able to find another bug in the parse code. If the input is less than the size of the struct you would read outside the memory. Does not always cause crash without address sanitizer. However not a bug in the program due to the receiving buffer size.
  • I love this type of videos where you show a useful tool and an example using this tool, and what's even cooler is the fact that using it you were able to detect a bug that wasn't intentional
  • @holmybeer
    It would be really funny if he said "there's no more bugs in this code" and libfuzzer just crashed.
  • @uuu12343
    Satisfied customer here, been doing this for the last 10 years 10/10 - my code has feared me ever since
  • @mc4ndr3
    I publish fuzzers. Applied to tech roles for nineteen months without success. Hiring teams are ass.
  • @mk72v2oq
    That's why I used to use unsigned everywhere by default, until negative values are explicitly required by design. And yes, using e.g. -1 magic value to represent things like a non-existent index is a bad design. Don't do it.
  • @LunarSoul255
    Ah, there's a name for it. I do this regularly the manual way in my own projects, though granted those are all smaller projects where my scope of potential issues is "is there some way a user can force invalid data down this thing's throat". Useful to know if I ever manage to get a real job, lol(being a dev without a college degree is the dark souls of job hunting, I swear)
  • @wecann.clinic
    Amazing brother, you have the gift of communicating complex concepts in simple terms. Thanks! Glad to find your channel! ;)
  • @markojojic6223
    Well, because I am so good at messing up function calls by using function pointers and structs/unions, I need no help. The code would yell either way nevertheless.
  • @darkrasen
    I didn't quite catch why 7:45 is an issue. Would anyone mind please clarifying?
  • @mp_rho
    why did i think we might actually be yelling at code?
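
The two parsing concerns raised in the comments by @mu11668B and @trexake (a user-controlled length field trusted inside a 1024-byte receive buffer, and input shorter than the header struct), shown as an added example that is not code from the video or from any commenter: a bounds-checked parser with a libFuzzer target. The 2-byte length-prefixed wire format and the names `parse_packet`, `HDR_LEN` and `RECV_BUF_LEN` are assumptions made for illustration.

```c
/* Build as a fuzzer with: clang -g -O1 -fsanitize=fuzzer,address parse_fuzz.c */
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define RECV_BUF_LEN 1024 /* receive buffer size mentioned in the comments */
#define HDR_LEN 2         /* assumed header: 16-bit big-endian payload length */

/*
 * Copies the payload of one packet into out.
 * Returns the payload length, or -1 if the packet is rejected.
 * The header is decoded byte by byte instead of casting the buffer to a
 * struct, so no bytes are read before the length checks have passed.
 */
int parse_packet(const uint8_t *in, size_t in_len, uint8_t *out, size_t out_cap)
{
    if (in == NULL || out == NULL)
        return -1;
    /* Shorter than the header: reading the length field would run off the input. */
    if (in_len < HDR_LEN || in_len > RECV_BUF_LEN)
        return -1;

    size_t claimed = ((size_t)in[0] << 8) | in[1];

    /* The length field is attacker-controlled: it may claim up to 65535
     * bytes while far fewer were received. Trust only what arrived. */
    if (claimed > in_len - HDR_LEN)
        return -1;
    if (claimed > out_cap)
        return -1;

    memcpy(out, in + HDR_LEN, claimed);
    return (int)claimed;
}

/* libFuzzer entry point: feeds arbitrary bytes to the parser. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    uint8_t out[RECV_BUF_LEN];
    int n = parse_packet(data, size, out, sizeof out);

    /* Invariant: an accepted payload never exceeds the bytes received. */
    if (n >= 0 && (size_t)n + HDR_LEN > size)
        abort();
    return 0;
}
```

With AddressSanitizer enabled, removing either length check makes the fuzzer report an out-of-bounds read instead of silently returning adjacent memory.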