Linux Symposium

Trinity: A system call fuzzer

Dave Jones

This talk will cover a project I've been working on for most of the last year. After noticing security holes appearing within a month of almost every time the Linux kernel introduced a new system call, I decided to do something more proactive about it, and write a tool that would help find problems while they were still in the development phase.

System call fuzzing isn't a new idea. Many of the ideas employed in trinity aren't new either in the world of fuzzing, but some interesting things came out of the development of the tool which may be of use for future QA tools and processes.

Policies   |   Media Archives