freenode/lisp - IRC Chatlog
Search
0:07:32
AeroNotix
The hangs are pretty much why I stopped working on it so much. I think the hangs are due to the link hints.
3:50:42
gigamonkey
So is there some clever way between SLIME and Emacs to automatically get Emacs's font-locking to colorize uses of macros that are the moral equivalent of DEFUN similar to DEFUN?
4:00:39
Bike
looks like you need to set the 'common-lisp-indent-function' property of the thing to 'defun'. no idea what that means but it sounds possible
7:59:10
beach
So I think I understand why it is tempting to parse lambda lists using some ad-hoc code rather than some existing parsing technique. Existing parsing techniques assume a linear sequence of tokens, but lambda lists can be nested, and no existing parsing technique can handle that.
7:59:56
beach
But ad-hoc code won't do for Cleavir, because I need for the client Common Lisp system to be able to customize the lambda-list parsers.
8:00:35
beach
So I need to adapt some existing technique to make it able to handle nested lambda lists. That should be fun.
8:27:48
shrdlu68_
"Remember that you can use e.g. tcpflow to record TCP traffic to files, which can then be used as samples for radamsa."
8:30:14
shrdlu68_
It's trivial to make cl-tls dump ssl packets to a file. But then when radamsa tries to fuzz cl-tls live (or any other ssl implementation), it can only go so far because it is not ssl-capable.
8:32:51
shrdlu68
But it would be very useful for fuzzing some parts of cl-tls, like the x509 decoder and the ASN.1 decoder.
9:29:34
pjb
shrdlu68: there are other fuzzers that take into account the paths taken by the program (they have to instrument it), to explore and find the right input to exercise all the paths.
9:58:19
pjb
Now, of course, http://lcamtuf.coredump.cx/afl/ instruments C code. Perhaps it could be adapted to instrument CL code (using something like eg. cl-stepper).
11:24:21
p_l
pjb: there's a story (legend or truth, who knows) that some intern at Google melted a rack while fuzzing libpng...
11:26:15
p_l
sounds like common problem whenever someone touches x509 (and that includes big commercial players)
11:27:37
p_l
I do as well, but ASN.1 shows in so many places that having a single, good implementation that is portable it would be great
11:28:18
p_l
shrdlu68: I often find myself thinking that OSI protocol stack etc. was probably better for *today* even if it was too heavy in the past
11:28:48
shrdlu68
p_l: I'll put cl-tls on github i the next hour or so. The ASN.1 code so far is mostly a prototype, but I'd like your opinion on it.
11:29:38
shrdlu68
It's not as comprehensive as I'd like at this point, but that's something I'll work on.
11:31:21
shrdlu68
I noticed the work I was doing was something that could be automatable. Mostly iterating over an octet vector while ensuring types match, lengths are okay, etc.
11:31:26
p_l
shrdlu68: there's a lot of that done already in cl-snmp, but ideally it would be a separate library/toolkit