Crashes with malformed files

I’ve been fuzz-testing libopenmpt for a while now, and just for the sake of it I threw some of the test cases that crashed libopenmpt at Renoise as well - and lo and behold, some of them crash Renoise as well.

I’ve attached three IT files that make Renoise crash either when loading or playing the file. Please disregard the filenames, those are just indications of what went wrong in libopenmpt.

If you are interested, I have a test corpus of more than 50,000 files generated with American Fuzzy Lop. Many of those files won’t even load in Renoise because it doesn’t support those formats, but others will definitely load and maybe provoke further crashes. Maybe you can find a way to automatically feed all those files into Renoise for stress-testing it.

Now that I have heard of American Fuzzy Lop, I have to ask: did you manage to pull tracks out of the thin air?

Hehe, awesome and nerdy stuff.

danoise, yes I did! Especially with the help of a fuzzing dictionary (containing the “magic numbers” of all supported module formats), American Fuzzy Lop managed to generate such perversions as MO3 files inside XPK (old Amiga compression format) containers and other stuff (without the dictionary, this would take much longer though, so compared to the blog post you could consider it to be “cheating”, hehe). I also did not have any Unreal containers (UMX files) in my initial test cases, but with the help of the fuzzer dictionary, they turned up in the generated files very quickly. It also managed to generate an XM file once that I couldn’t send via email because the university firewall considered the file to match the signature of an old Winamp exploit from ten years ago… lol
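Added example, not part of the thread and not libopenmpt's own dictionary: a sketch of how a magic-number dictionary like the one described above can be generated in the `name="value"` format that `afl-fuzz -x` reads. The token names and the choice of formats are assumptions made for this example; only the file signatures themselves are real.

```python
import re

# Illustrative subset of module/container signatures (token names are made up here).
MAGICS = {
    "it_header": b"IMPM",                # Impulse Tracker module
    "it_sample": b"IMPS",                # Impulse Tracker sample header
    "xm_header": b"Extended Module: ",   # FastTracker 2 XM
    "s3m_magic": b"SCRM",                # Scream Tracker 3
    "mo3_header": b"MO3",                # MO3 compressed module
    "xpk_container": b"XPKF",            # Amiga XPK container
    "umx_package": b"\xc1\x83\x2a\x9e",  # Unreal package (UMX) signature
}

def escape_token(data: bytes) -> str:
    """Keep printable ASCII, hex-escape everything else plus '"' and '\\'."""
    out = []
    for b in data:
        ch = chr(b)
        if 0x20 <= b < 0x7F and ch not in '"\\':
            out.append(ch)
        else:
            out.append(f"\\x{b:02x}")
    return "".join(out)

def build_dictionary(magics) -> str:
    """Render one name="value" line per token."""
    return "".join(f'{name}="{escape_token(v)}"\n' for name, v in magics.items())

_LINE = re.compile(r'^(\w+)(?:@\d+)?="(.*)"$')

def parse_dictionary(text: str) -> dict:
    """Read the dictionary back, to check that no token was mangled by escaping."""
    tokens = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = _LINE.match(line)
        if not m:
            raise ValueError(f"malformed dictionary line: {line!r}")
        raw = re.sub(r"\\x([0-9a-fA-F]{2})",
                     lambda h: chr(int(h.group(1), 16)), m.group(2))
        tokens[m.group(1)] = raw.encode("latin-1")
    return tokens

if __name__ == "__main__":
    print(build_dictionary(MAGICS), end="")
```

Because the fuzzer can splice these tokens at arbitrary offsets, a signature for one format can end up inside another format's container, which is how nested inputs such as MO3-in-XPK become reachable quickly.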