
Comments (2)

ifratric commented on July 25, 2024

As a general recommendation, I usually recommend fuzzing different file formats separately. The exception for this would be for very similar formats where discovering coverage in one format can somehow help with discovering coverage in another.

There is a way to do this with current Jackalope, but it requires multiple instances: You start one fuzzing instance as a server, and then you start a client instance for every extension that connects to the same server.

If you wanted to add something like this to Jackalope, the biggest question is where to put it. If you just put it when the fuzzer initializes, then the extension gets randomly selected once and the same extension is used for the entire session. But if you change the extension for every iteration that also doesn't work well because Jackalope might try to, e.g., verify coverage of a sample and, if the extension changes, so could the coverage. So the best place would probably be in or around Fuzzer::FuzzJob and store the current extension somewhere in ThreadContext, which means each thread could have a different extension and the same extension would be used for 1000 iterations or so (depending on the mutator settings). You would also need to kill the target process whenever the extension changes, otherwise the target and the fuzzer could end up with a different filename. And you'd also need to update the target arguments in ThreadContext whenever the extension changes, in addition to updating the filename used by FileSampleDelivery.

Otherwise, a couple of comments on the code itself:

  • I wouldn't read the extension list from file but rather from command line, e.g. -file_extension_list png,gif,jpg
  • There's no need to read both extension index and value, just the value is sufficient.

from jackalope.
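The per-job extension switch described in the comment above, as an added, self-contained model that is not part of the thread and is not Jackalope's code. `WorkerState`, `BeginJob`, `PickExtension` and `ParseExtensionList` are hypothetical names, the `/tmp/input_1` path is constructed, and treating `@@` as the sample-path placeholder in the target arguments is an assumption.

```cpp
#include <random>
#include <sstream>
#include <string>
#include <vector>

// Hypothetical stand-in for per-thread fuzzer state; not Jackalope's ThreadContext.
struct WorkerState {
  std::string sample_base;               // constructed, e.g. "/tmp/input_1"
  std::string extension;                 // extension used for the current job
  std::string sample_path;               // file the sample-delivery side writes
  std::vector<std::string> target_argv;  // target command line
  bool target_running = false;
  int restarts = 0;
};

// Parse "png,gif,jpg" into {"png","gif","jpg"}, skipping empty items.
std::vector<std::string> ParseExtensionList(const std::string &arg) {
  std::vector<std::string> out;
  std::stringstream ss(arg);
  for (std::string item; std::getline(ss, item, ',');)
    if (!item.empty()) out.push_back(item);
  return out;
}

// Call once at the start of a job, never per iteration, so that coverage
// checks within the job see a stable filename. Returns true if the extension changed.
bool BeginJob(WorkerState &w, const std::string &ext) {
  if (ext == w.extension && !w.sample_path.empty()) return false;
  std::string old_path = w.sample_path;
  w.extension = ext;
  w.sample_path = w.sample_base + "." + ext;
  // Keep the target's command line in step with the delivery filename.
  for (std::string &a : w.target_argv)
    if (a == "@@" || (!old_path.empty() && a == old_path)) a = w.sample_path;
  // A live target still has the old filename: stop it so the next run respawns it.
  if (w.target_running) { w.target_running = false; ++w.restarts; }
  return true;
}

// Pick a random extension for the next job (exts must be non-empty).
const std::string &PickExtension(const std::vector<std::string> &exts, std::mt19937 &rng) {
  std::uniform_int_distribution<std::size_t> d(0, exts.size() - 1);
  return exts[d(rng)];
}

int main() {
  WorkerState w; w.sample_base = "/tmp/input_1"; w.target_argv = {"target", "-f", "@@"};
  std::mt19937 rng(std::random_device{}());
  return BeginJob(w, PickExtension(ParseExtensionList("png,gif,jpg"), rng)) ? 0 : 1;
}
```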

20urc3 commented on July 25, 2024

Hi Ivan, makes perfect sense. Thanks for your insight!
I'm closing it.
