Detalle del congreso
Autores: Gustavo Grieco; Martín Ceresa; Pablo Buiras.
Resumen: Fuzzing is a technique that involves testing programs using invalidor erroneous inputs. Most fuzzers require a set of valid inputs as astarting point, in which mutations are then introduced. QuickFuzzis a fuzzer that leverages QuickCheck-style random test-case gen-eration to automatically test programs that manipulate common fileformats by fuzzing. We rely on existing Haskell implementations offile-format-handling libraries found on Hackage, the community-driven Haskell code repository. We have tried QuickFuzz in thewild and found that the approach is effective in discovering vul-nerabilities in real-world implementations of browsers, image pro-cessing utilities and file compressors among others. In addition, weintroduce a mechanism to automatically derive random generatorsfor the types representing these formats. QuickFuzz handles mostwell-known image and media formats, and can be used to test pro-grams and libraries written in any language.
Tipo de reunión: Simposio.
Tipo de trabajo: Artículo Completo.
Producción: QuickFuzz: an automatic random fuzzer for common file formats.
Reunión científica: International Symposium on Haskell.
Lugar: Nara.
Publicado: Sí
Lugar publicación: New York, NY, USA
Mes de reunión: 9
Año: 2016.
Página web: aquí