diff options
| author | 2022-03-16 01:03:02 +0000 | |
|---|---|---|
| committer | 2022-03-16 01:05:44 +0000 | |
| commit | 9711ad3d0e9792eb7073cc8525eaaefe49285b9c (patch) | |
| tree | fef24e9b39b89c7ceefa3dd6738a4ee21fa56af3 /libs/binder/Parcel.cpp | |
| parent | 8a2607c4aa1519e68f2e99529d6f5036a5b2c5dc (diff) | |
libbinder_random_parcel: driver writes iface token
It's really hard for the fuzzer to guess the interface token, so
rather than generating corpus or dictionaries for these for every
fuzzer, have the driver do this.
As a follow-up, we should have the driver keep track of binder
objects which are returned inside of the reply Parcel and also
fuzz these objects as well as send them back into the service.
Bug: 224646709
Test: vibrator example fuzzer instantly hits code inside of the
vibrator service when fuzzing.
Change-Id: Idf1970439b87a01b44df1904605858c98a49e81a
Diffstat (limited to 'libs/binder/Parcel.cpp')
0 files changed, 0 insertions, 0 deletions