Fuzzing Ladybird with tools from Google Project Zero

While Ladybird does an okay job with well-formed web content, I thought it would be useful to throw some security research tools at it and see what kind of issues it might reveal. So today we’ll be using “Domato”, a DOM fuzzer from Google Project Zero, to stress test Ladybird and fix some issues found along the way.

The way this works is that Domato generates randomized web pages with lots of mostly-valid but strange HTML, CSS and JavaScript. I then load these pages into a debug build of Ladybird and observe what happens.

Andreas Kling

I have high hopes for Ladybird.

One Response

  1. 2024-03-18 7:31 pm