The JSON-parsing vulnerability fixed in steemd 0.20.9
In my previous bug report on parsing in the Steem blockchain, a user asked if custom JSON was also vulnerable…
Feb 18, 2019

Reproducing a Memory-Tracking Bug with TLA+
I was interested in a first project for getting familiar with TLA+, “a high-level language for modelling programs and systems.”
Feb 18, 2019

Fuzz-testing Ontology’s NeoVM Execution Engine
Two smart contract fragments were identified that cause panics in the NeoVM implementation in the Ontology blockchain code.
Jan 8, 2019

Improving Ripple Unit Test Coverage with Fuzzing
Even quality code with good test coverage can benefit from fuzz testing!
Jan 2, 2019

Fuzz-Testing the Snappy Compression Algorithm
Using American Fuzzy Lop on the Snappy compression library found no new bugs, and reported only high memory usage related to preallocation…
Dec 21, 2018

A Memory Exhaustion Attack Against the Steem Blockchain
Using American Fuzzy Lop on a message parsing library contained in the Steem blockchain implementation found unexpectedly large memory…
Dec 18, 2018

Finding Bugs in the Steem Blockchain with Fuzz Testing
Using American Fuzzy Lop on the JSON parsing library contained in the Steem blockchain implementation found a latent bug.
Dec 14, 2018