2020/01/30 @ webassembly-security.com
In this short blog post, I will first introduce jsfuzz, a coverage-guided fuzzer for JavaScript/Node.js packages. Then, I’ll discuss the wasm binary parsing library I decided to target. Finally, I’ll explain how to create a jsfuzz target script and show the OOM/DoS crash I found.