[fuzzing] PROTOS Genome Test Suite c10-archive

Heikki Kortti hkortti at codenomicon.com
Mon Mar 17 11:04:20 CDT 2008


Hullo everyone, 

in case anyone is looking for a diversion from the admittedly
fascinating certification discussion, this might provide some food for
thought:

<URL:http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/>

Abstract:

"Archive formats are used to serialise a set of files and directories
into a single byte stream, usually applying a form of compression in
the process. The archive files can then be stored or transmitted on
various media conveniently and economically, and later extracted. The
use of archiving formats is ubiquitous in transmitting files over
email and in distribution of software, among other areas. The present
set of archive formats were chosen as the subject protocols for
vulnerability assessment through structure inference directed fuzzing
and test suite creation. A list of frequently observed archiving
formats was drawn up. Test material was prepared and tests were
carried out against a sample set of existing anti-virus
programs. Results were gathered. Most of the implementations available
for evaluation failed to perform in a robust manner under test. Some
failures had information security implications, and should be
considered as vulnerabilities. In order to achieve a robustness
baseline for archival products, this test material should be adopted
for their evaluation and development. Anti-virus and other security
products employing archive formats should be considered the most
important subjects in this respect."

Disclaimer: I did not have anything to do with this, all kudos goes to
the fine folks at OUSPG.

-- 
Heikki / Codenomicon

