QuickFuzz testing for fun and profit
Artikel i vetenskaplig tidskrift, 2017

Fuzzing is a popular technique to find flaws in programs using invalid or erroneous inputs but not without its drawbacks. At one hand, mutational fuzzers require a set of valid inputs as a starting point, in which modifications are then introduced. On the other hand, generational fuzzing allows to synthesize somehow valid inputs according to a specification. Unfortunately, this requires to have a deep knowledge of the file formats under test to write specifications of them to guide the test case generation process.

In this paper we introduce an extended and improved version of QuickFuzz, a tool written in Haskell designed for testing unexpected inputs of common file formats on third-party software, taking advantage of off-the-self well known fuzzers.

Unlike other generational fuzzers, QuickFuzz does not require to write specifications for the file formats in question since it relies on existing file-format-handling libraries available on the Haskell code repository. It supports almost 40 different complex file-types including images, documents, source code and digital certificates.

In particular, we found QuickFuzz useful enough to discover many previously unknown vulnerabilities on real-world implementations of web browsers and image processing libraries among others.

Haskell

QuickCheck

Testing

Fuzzing

Författare

Gustavo Grieco

CIFASIS-CONICET

Martín Ceresa

CIFASIS-CONICET

Claudio Agustin Mista

Informationssäkerhet

Pablo Buiras

Harvard University

Journal of Systems and Software

0164-1212 (ISSN)

Vol. 134 December 2017 340-354

Styrkeområden

Informations- och kommunikationsteknik

Ämneskategorier

Datorsystem

DOI

10.1016/j.jss.2017.09.018

Mer information

Senast uppdaterat

2023-11-17