Bug Hunting with Mercurial

In this article, we will take a look at a technique for bug hunting in Open Source projects by using version tracking information. In this particular case, we will look at Firefox and their Mercurial setup. By identifying patches that are connected to bugs with public reading turned off, we are able to identify specific fixes for potential security issues in a major web browser, often before releases are pushed. This is also an excellent way of coming up with Proof of Concept code for N-day bugs.

[Read More]