The Relevance of Classic Fuzz Testing: Have We Solved This One?
نویسندگان
چکیده
As fuzz testing has passed its 30th anniversary, and in the face of incredible progress techniques tools, question arises if classic, basic technique is still useful applicable? In that tradition, we have updated tools scripts applied them to a large collection Unix utilities on Linux, FreeBSD, MacOS. before, our failure criteria was whether program crashed or hung. We found 9 crash hang out 74 15 78 12 76 A total 24 different failed across three platforms. note these rates are somewhat higher than previous 1995, 2000, 2006 studies reliability command line utilities. debugged each utility categorized causes failures. Classic categories failures, such as pointer array errors not checking return codes, were broadly present current results. addition, couple new failures appearing. examples illustrate programming practices allowed happen. side note, tested limited number available modern language (Rust) be no better standard ones.
منابع مشابه
Why have we not solved the MSD problem?
Despite worldwide attention for more than four decades, musculoskeletal disorders (MSDs) remain a substantial concern at work and result in considerable personal and societal burden. This slow progress is not for want of trying. Prevention of MSDs has been emphasized in multiple jurisdictions. For example, in 2007 the European Agency for Safety and Health at Work organized a major campaign, “Li...
متن کاملCode Randomization: Haven't We Solved This Problem Yet?
Two decades since the idea of using software diversity for security was put forward, ASLR is the only technique to see widespread deployment. This is puzzling since academic security researchers have published scores of papers claiming to advance the state of the art in the area of code randomization. Unfortunately, these improved diversity techniques are generally less deployable than integrit...
متن کاملAutomated Whitebox Fuzz Testing
Fuzz testing is an effective technique for finding security vulnerabilities in software. Traditionally, fuzz testing tools apply random mutations to well-formed inputs and test the program on the resulting values. We present an alternative whitebox fuzz testing approach inspired by recent advances in symbolic execution and dynamic test generation. Our approach records an actual run of a program...
متن کاملWe should have seen this coming
The possibility of precognition has fascinated humanity since ancient times making it a recurring theme in fiction and mythology. It has also been a topic for scientific investigation. While the majority of such parapsychological studies have been ignored by the larger scientific community, several recent studies of purported precognitive phenomena were published by major international psycholo...
متن کاملsurveying the relevance of proportions to the content of quran verses
چکیده : قرآن چشمه سار زلال هدایتی است که از سوی خداوند حکیم نازل شده تا بشر را به سر منزل کمال برساند. و در این راستا از شیوه های گوناگون بیانی خطابی و بلاغی استفاده کرده تا با فطرت زیبا طلب انسان درآمیزد و اورا مقهور خویش ساخته، به سوی کمالات سوق دهد.ازجمله جنبه های بارز اعجاز بیانی قرآن وجود فواصل در پایان آیات است که کار برد سجع و قافیه در کلام بشر شبیه آن است. برخی ازعلمای سلف تفاوت هایی ب...
15 صفحه اولذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IEEE Transactions on Software Engineering
سال: 2022
ISSN: ['0098-5589', '1939-3520', '2326-3881']
DOI: https://doi.org/10.1109/tse.2020.3047766