Unreliable VPN Code to Detect Bugs by Fuzzing.

I had an interesting idea today to find bugs in networking code.

Design a VPN that deliberately introduces network packet corruption.

One could introduce a tunable to corrupt a certain % of packets.

For example, you could bring up a MySQL master/slave on your ethernet network and then launch the VPN to transfer the replication binary log across the corrupted network link.

Then you could wait and find that MySQL will break in a few minutes.

Now you could implement a patch that hashes each binary log packet and resends it when the hash does not match.

Then just launch the code on your corrupting VPN and verify that it works.

This could be a great way to find data corruption bugs in protocols that were originally designed to be resilient.

Ideally it would corrupt packets in a way that still passes the TCP checksum, either by building a corrupted packet whose checksum collides with the original or by creating a new packet with a freshly computed TCP checksum.
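An added example, not code from the original post: a Python sketch of the checksum-preserving corruption described above, with the tunable corruption percentage. It swaps two 16-bit words in a payload, which leaves the Internet checksum used by TCP unchanged, and shows that an application-level SHA-256 comparison still catches the damage. The function names, the constructed sample records and the payload-only checksum (no TCP header or pseudo-header) are assumptions for illustration.

```python
import hashlib
import random

def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words (the algorithm TCP uses)."""
    if len(data) % 2:
        data += b"\x00"
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def corrupt_keep_checksum(payload: bytes, rng: random.Random) -> bytes:
    """Swap two unequal aligned 16-bit words; the sum ignores order, so the checksum holds."""
    words = [payload[i:i + 2] for i in range(0, len(payload) - 1, 2)]
    pairs = [(a, b) for a in range(len(words)) for b in range(a + 1, len(words))
             if words[a] != words[b]]
    if not pairs:
        return payload  # no swap would change the data
    a, b = rng.choice(pairs)
    words[a], words[b] = words[b], words[a]
    return b"".join(words) + payload[len(words) * 2:]

def corrupting_link(packets, percent, seed=0):
    """Corrupt roughly `percent` % of packets, reproducibly for a given seed."""
    rng = random.Random(seed)
    return [corrupt_keep_checksum(p, rng) if rng.random() * 100 < percent else p
            for p in packets]

def receive(sent, received):
    """Return (packets a SHA-256 comparison flags, how many of those the checksum missed)."""
    damaged = undetected = 0
    for s, r in zip(sent, received):
        if hashlib.sha256(s).digest() != hashlib.sha256(r).digest():
            damaged += 1
            undetected += internet_checksum(s) == internet_checksum(r)
    return damaged, undetected

# Constructed sample records, not real MySQL replication traffic.
SAMPLE = [f"event {i:04d}: UPDATE t SET v={i * 7} WHERE id={i}".encode() for i in range(200)]

if __name__ == "__main__":
    damaged, undetected = receive(SAMPLE, corrupting_link(SAMPLE, percent=5))
    print(f"{damaged} corrupted packets, {undetected} passed the 16-bit checksum")
```

Every packet this link damages passes the 16-bit checksum, so only the application-level hash triggers a resend.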

Using PPP and a network pipe could yield an easy proof of concept.

Update: I imagine a tool like this already exists as I haven’t tested. If that is the case then the only change I would think would be to introduce this tool into normal protocol testing.

When you have petabytes of data even a small data corruption can be dangerous because tracking it down can be exceedingly problematic.


