Tain't not enough to fuzz all the memory errors, presented at GreHack 2013

by Herbert Bos

Summary: In this talk, I will discuss the past, present, and future of memory errors, and some of the projects in my group that build on information flow tracking (sometimes referred to as taint analysis) to detect and stop memory corruption attacks. These projects include plain old tainting solutions like Argos and Minemu, as well as more elaborate defenses like BinArmor. Finally, I will discuss new work in my group on fuzzing for buffer overflows (sec13-paper_haller.pdf), which combines taint analysis with symbolic execution and some cool heuristics to track down those pesky overflows in real programs.