Platform Security Fuzzing Team

The Platform Security Fuzzing team does fuzz testing on the Mozilla Platform, including JavaScript. Fuzz testing involves throwing random data at a program until something goes wrong, causing faults which are often security related.

Usually we're most interested in exploitable crashes, but we also hit plenty of non-exploitable crashes and assertion failures, with occasional hangs, bugs where Firefox becomes less responsive, bugs where Firefox stops painting, and bugs where firefox.exe doesn't exit when you close the last window (on platforms where it's supposed to). If you run under something like Valgrind, you can also find subtle memory-corruption bugs and certain kinds of memory leaks.

Members

The Platform Security Fuzzing Team is composed of:

• Gary Kwong
• Jesse Ruderman
• Christian Holler
• Christoph Diehl
• Raymond Forbes
• Al Billings (management overhead)

You can contact the team through fuzzing@mozilla.com.