(2019) Parser-Directed Fuzzing.
Full text: pldi19main-p767-p-33025aa-40085-submitted.pdf (715kB)
Abstract
To be effective, software test generation needs to cover the space of possible inputs well. Traditional fuzzing generates large numbers of random inputs, which, however, are unlikely to contain the keywords and other specific tokens of non-trivial input languages. Constraint-based test generation solves the path conditions leading to uncovered code, but fails on programs with complex input conditions because of path explosion. In this paper, we present a test generation technique specifically directed at input parsers. We systematically produce inputs for the parser and track the comparisons it makes; after every rejection, we satisfy the comparisons that led to the rejection. This approach effectively covers the input space: evaluated on five subjects, from CSV files to JavaScript, our pFuzzer prototype covers more tokens than both random-based and constraint-based approaches, while requiring no symbolic analysis and far fewer tests than random fuzzers.
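The abstract's core loop (run the parser, record the comparisons it makes, and after a rejection produce new inputs that satisfy the comparisons made at the rejection point) can be shown on a toy scale. The following is an added illustration written for this page; it is not pFuzzer or any code from the paper. The grammar (`get`/`put`, a space, digits, `;`), the `TracingInput` wrapper and the breadth-first search with a length bound are all constructed here. The contrast with `random_fuzz` shows why random inputs rarely contain keywords.

```python
"""Toy parser-directed fuzzer (constructed illustration, not the paper's pFuzzer).

The parser reads its input only through TracingInput, which records every
character comparison as (position, accepted characters). After a rejection
the fuzzer collects the comparisons made at the position where parsing
stopped and produces one new input per character they would have accepted.
"""
import random
import string
from typing import Callable, List, Set, Tuple

DIGITS = string.digits


class Reject(Exception):
    """Raised by the parser when the input is not in the language."""


class TracingInput:
    def __init__(self, text: str) -> None:
        self.text = text
        self.pos = 0
        self.log: List[Tuple[int, Set[str]]] = []  # (position, accepted characters)

    def _peek(self) -> str:
        return self.text[self.pos] if self.pos < len(self.text) else ""

    def try_one_of(self, accepted: str) -> str:
        """Record a comparison; consume and return the char if it matches, else ''."""
        self.log.append((self.pos, set(accepted)))
        ch = self._peek()
        if ch and ch in accepted:
            self.pos += 1
            return ch
        return ""

    def expect_one_of(self, accepted: str) -> str:
        """Like try_one_of, but a mismatch rejects the input."""
        ch = self.try_one_of(accepted)
        if not ch:
            raise Reject()
        return ch

    def at_end(self) -> bool:
        return self.pos >= len(self.text)


def parse_statement(inp: TracingInput) -> None:
    """Constructed toy grammar: ('get' | 'put') ' ' digit+ ';'"""
    if inp.expect_one_of("gp") == "g":
        inp.expect_one_of("e")
    else:
        inp.expect_one_of("u")
    inp.expect_one_of("t")
    inp.expect_one_of(" ")
    inp.expect_one_of(DIGITS)
    while inp.try_one_of(DIGITS):  # optional further digits, still recorded
        pass
    inp.expect_one_of(";")
    if not inp.at_end():  # trailing characters are not part of the language
        raise Reject()


def parser_directed_fuzz(parse: Callable[[TracingInput], None],
                         max_len: int) -> Tuple[List[str], int]:
    """Breadth-first: extend each rejected input by every character the
    comparisons at the rejection point accept. Returns (accepted inputs, parser runs)."""
    queue = [""]
    seen = {""}
    accepted: List[str] = []
    runs = 0
    while queue:
        candidate = queue.pop(0)
        inp = TracingInput(candidate)
        runs += 1
        try:
            parse(inp)
            accepted.append(candidate)
            continue
        except Reject:
            pass
        pos = inp.pos  # where the parser stopped
        wanted: Set[str] = set()
        for p, chars in inp.log:
            if p == pos:
                wanted |= chars
        for ch in sorted(wanted):
            # replace the offending character, or append if we ran out of input
            new = candidate[:pos] + ch + candidate[pos + 1:]
            if len(new) <= max_len and new not in seen:
                seen.add(new)
                queue.append(new)
    return accepted, runs


def random_fuzz(parse: Callable[[TracingInput], None], trials: int,
                length: int, seed: int = 0) -> int:
    """Baseline: count random strings over a small alphabet that the parser accepts."""
    rng = random.Random(seed)
    alphabet = string.ascii_lowercase + DIGITS + " ;"
    hits = 0
    for _ in range(trials):
        text = "".join(rng.choice(alphabet) for _ in range(length))
        try:
            parse(TracingInput(text))
            hits += 1
        except Reject:
            pass
    return hits


if __name__ == "__main__":
    inputs, runs = parser_directed_fuzz(parse_statement, max_len=6)
    print(f"{len(inputs)} accepted inputs after {runs} parser runs, e.g. {inputs[:3]}")
    print(f"random fuzzing: {random_fuzz(parse_statement, 2000, 6)} accepted of 2000")
```

With `max_len=6` the search reaches all 20 statements of the form `get d;` / `put d;` in 249 parser runs, every run guided by the comparisons the previous run recorded; the random baseline, drawing from 38 characters, essentially never assembles a keyword, a space, a digit and a semicolon in the right order. The instrumentation point is the thing to take away: the technique needs the parser's comparisons to be observable (here via the wrapper, in the paper via instrumentation of the real program), not a grammar or a symbolic solver.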
| Item Type: | Conference or Workshop Item (Paper) |
|---|---|
| Uncontrolled Keywords: | fuzzing, test generation, parsers, security |
| Divisions: | Andreas Zeller (Software Engineering, ST) |
| Conference: | PLDI ACM-SIGPLAN Conference on Programming Language Design and Implementation |
| Depositing User: | Björn Mathis |
| Date Deposited: | 18 Apr 2019 10:42 |
| Last Modified: | 18 Jul 2019 12:11 |
| Primary Research Area: | NRA4: Secure Mobile and Autonomous Systems |
| URI: | https://publications.cispa.saarland/id/eprint/2823 |