Inputs From Hell:

Soremekun, Ezekiel; Pavese, Esteban; Havrikov, Nikolas; Grunske, Lars; Zeller, Andreas

doi:10.1109/tse.2020.3013716

Cited by 16 publications

(8 citation statements)

References 64 publications

(63 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Black-box strategies. Recent advances in grammar-based fuzzing, such as systematically achieving grammar coverage [22] or learning and leveraging probability distributions [39] could easily be adopted for binary template fuzzing, too. Search-based fuzzing.…”

Section: Discussionmentioning

confidence: 99%

FormatFuzzer: Effective Fuzzing of Binary File Formats

Dutra¹,

Gopinath²,

Zeller³

2021

Preprint

Self Cite

View full text Add to dashboard Cite

Effective fuzzing of programs that process structured binary inputs, such as multimedia files, is a challenging task, since those programs expect a very specific input format. Existing fuzzers, however, are mostly formatagnostic, which makes them versatile, but also ineffective when a specific format is required.We present FormatFuzzer, a generator for format-specific fuzzers. FormatFuzzer takes as input a binary template (a format specification used by the 010 Editor) and compiles it into C++ code that acts as parser, mutator, and highly efficient generator of inputs conforming to the rules of the language.The resulting format-specific fuzzer can be used as a standalone producer or mutator in black-box settings, where no guidance from the program is available. In addition, by providing mutable decision seeds, it can be easily integrated with arbitrary format-agnostic fuzzers such as AFL to make them format-aware. In our evaluation on complex formats such as MP4 or ZIP, FormatFuzzer showed to be a highly effective producer of valid inputs that also detected previously unknown memory errors in ffmpeg and timidity.CCS Concepts: • Software and its engineering → Software testing and debugging; Translator writing systems and compiler generators; Parsers; Syntax.

show abstract

Section: Discussionmentioning

confidence: 99%

FormatFuzzer: Effective Fuzzing of Binary File Formats

Dutra¹,

Gopinath²,

Zeller³

2021

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

“…This technique is aimed at provoking erroneous program behavior. However, when working on a program that uses highly structured input data, just randomly generating inputs will result in only testing the input validation of the program under test (PUT) 13 . To overcome this limitation, grammar based fuzzers (e.g., Nautilus 14 , EvoGFuzz 15 , syntax machine 16 ) were developed, that make use of a grammar for the structured inputs.…”

Section: Grammar-based Fuzzingmentioning

confidence: 99%

“…Furthermore, researchers employed probabilistic grammars in order to target specific regions of the PUT. These probabilistic grammars may be used to generate files that execute specific branches while being evaluated 13 . Using this technique, the fuzzer is able to generate test inputs that are (by definition of the grammar) syntactically valid, but can also be aimed at specific areas of the PUT that are under-tested according to some metric.…”

Section: Grammar-based Fuzzingmentioning

confidence: 99%

Grammar-based Fuzzing of Data Integration Parsers in Computational Materials Science

Sparka

Müller

Kubáň

et al. 2023

Preprint

View full text Add to dashboard Cite

Context: Computational materials science (CMS) focuses on in silico experiments to compute the properties of known and novel materials, where many software packages are used in the community. The NOMAD Laboratory1 offers to store the input and output files in its FAIR data repository. Since the file formats of these software packages are non-standardized, parsers are used to provide the results in a normalized format. Objective: The main goal of this article is to report experience and findings of using grammar-based fuzzing on these parsers. Method: We have constructed an input grammar for four common software packages in the CMS domain and performed an experimental evaluation on the capabilities of grammar-based fuzzing to detect failures in the NOMAD parsers. Results: With our approach, we were able to identify three unique critical bugs concerning the service availability, as well as several additional syntactic, semantic, logical, and downstream bugs in the investigated NOMAD parsers. We reported all issues to the developer team prior to publication. Conclusion: Based on the experience gained, we can recommend grammar-based fuzzing also for other research software packages to improve the trust level in the correctness of the produced results.

show abstract

“…These probabilistic grammars may be used to generate files that execute specific branches while being evaluated. 13 Using this technique, the fuzzer is able to generate test inputs that are (by definition of the grammar) syntactically valid, but can also target specific areas of the PUT that are under-tested according to some metric. Therefore, (probabilistic) grammar-based fuzzing is a sub-form of white-box fuzzing, in which a model of the PUT is available to the fuzzer.…”

Section: Grammar-based Fuzzingmentioning

confidence: 99%

Grammar‐based fuzzing of data integration parsers in computational materials science

Müller,

Sparka,

Kuban

et al. 2023

Softw Pract Exp

Self Cite

View full text Add to dashboard Cite

ContextComputational materials science (CMS) focuses on in silico experiments to compute the properties of known and novel materials, where many software packages are used in the community. The NOMAD Laboratory (Draxl C, Scheffler) offers to store the input and output files in its FAIR data repository. Since the file formats of these software packages are non‐standardized, parsers are used to provide the results in a normalized format.ObjectiveThe main goal of this article is to report experience and findings of using grammar‐based fuzzing on these parsers.MethodWe have constructed an input grammar for four common software packages in the CMS domain and performed an experimental evaluation on the capabilities of grammar‐based fuzzing to detect failures in the Novel Materials Discovery (NOMAD) parsers.ResultsWith our approach, we were able to identify three unique critical bugs concerning service availability, as well as several additional syntactic, semantic, logical, and downstream bugs in the investigated NOMAD parsers. We reported all issues to the developer team prior to publication.ConclusionBased on the experience gained, we can recommend grammar‐based fuzzing also for other research software packages to improve the trust level in the correctness of the produced results.

show abstract

Inputs From Hell:

Cited by 16 publications

References 64 publications

FormatFuzzer: Effective Fuzzing of Binary File Formats

FormatFuzzer: Effective Fuzzing of Binary File Formats

Grammar-based Fuzzing of Data Integration Parsers in Computational Materials Science

Grammar‐based fuzzing of data integration parsers in computational materials science

Contact Info

Product

Resources

About