Software Open Access

FuzzFactory: Domain-Specific Fuzzing with Waypoints (Replication Package)

Padhye, Rohan; Lemieux, Caroline


DCAT Export

<?xml version='1.0' encoding='utf-8'?>
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:adms="http://www.w3.org/ns/adms#" xmlns:cnt="http://www.w3.org/2011/content#" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:dct="http://purl.org/dc/terms/" xmlns:dctype="http://purl.org/dc/dcmitype/" xmlns:dcat="http://www.w3.org/ns/dcat#" xmlns:duv="http://www.w3.org/ns/duv#" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:frapo="http://purl.org/cerif/frapo/" xmlns:geo="http://www.w3.org/2003/01/geo/wgs84_pos#" xmlns:gsp="http://www.opengis.net/ont/geosparql#" xmlns:locn="http://www.w3.org/ns/locn#" xmlns:org="http://www.w3.org/ns/org#" xmlns:owl="http://www.w3.org/2002/07/owl#" xmlns:prov="http://www.w3.org/ns/prov#" xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#" xmlns:schema="http://schema.org/" xmlns:skos="http://www.w3.org/2004/02/skos/core#" xmlns:vcard="http://www.w3.org/2006/vcard/ns#" xmlns:wdrs="http://www.w3.org/2007/05/powder-s#">
  <rdf:Description rdf:about="https://doi.org/10.5281/zenodo.3364086">
    <rdf:type rdf:resource="http://www.w3.org/ns/dcat#Dataset"/>
    <dct:type rdf:resource="http://purl.org/dc/dcmitype/Software"/>
    <dct:identifier rdf:datatype="http://www.w3.org/2001/XMLSchema#anyURI">https://doi.org/10.5281/zenodo.3364086</dct:identifier>
    <foaf:page rdf:resource="https://doi.org/10.5281/zenodo.3364086"/>
    <dct:creator>
      <rdf:Description>
        <rdf:type rdf:resource="http://xmlns.com/foaf/0.1/Agent"/>
        <foaf:name>Padhye, Rohan</foaf:name>
        <foaf:givenName>Rohan</foaf:givenName>
        <foaf:familyName>Padhye</foaf:familyName>
        <org:memberOf>
          <foaf:Organization>
            <foaf:name>UC Berkeley</foaf:name>
          </foaf:Organization>
        </org:memberOf>
      </rdf:Description>
    </dct:creator>
    <dct:creator>
      <rdf:Description>
        <rdf:type rdf:resource="http://xmlns.com/foaf/0.1/Agent"/>
        <foaf:name>Lemieux, Caroline</foaf:name>
        <foaf:givenName>Caroline</foaf:givenName>
        <foaf:familyName>Lemieux</foaf:familyName>
        <org:memberOf>
          <foaf:Organization>
            <foaf:name>UC Berkeley</foaf:name>
          </foaf:Organization>
        </org:memberOf>
      </rdf:Description>
    </dct:creator>
    <dct:title>FuzzFactory: Domain-Specific Fuzzing with Waypoints (Replication Package)</dct:title>
    <dct:publisher>
      <foaf:Agent>
        <foaf:name>Zenodo</foaf:name>
      </foaf:Agent>
    </dct:publisher>
    <dct:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#gYear">2019</dct:issued>
    <dct:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2019-08-08</dct:issued>
    <owl:sameAs rdf:resource="https://zenodo.org/record/3364086"/>
    <adms:identifier>
      <adms:Identifier>
        <skos:notation rdf:datatype="http://www.w3.org/2001/XMLSchema#anyURI">https://zenodo.org/record/3364086</skos:notation>
      </adms:Identifier>
    </adms:identifier>
    <dct:isVersionOf rdf:resource="https://doi.org/10.5281/zenodo.3364085"/>
    <owl:versionInfo>1.0</owl:versionInfo>
    <dct:description>&lt;p&gt;This artifact accompanies the paper &amp;quot;FuzzFactory: Domain-Specific Fuzzing with Waypoints&amp;quot;, submitted to OOPSLA 2019.&lt;/p&gt; &lt;p&gt;&lt;strong&gt;Paper abstract&lt;/strong&gt;:&lt;/p&gt; &lt;p&gt;Coverage-guided fuzz testing has gained prominence as a highly effective method of finding security vulnerabilities such as buffer overflows in programs that parse binary data. Recently, researchers have introduced various specializations to the coverage-guided fuzzing algorithm for different domain-specific testing goals, such as finding performance bottlenecks, generating valid inputs, handling magic-byte comparisons, etc. Each such solution can require weeks of development effort and produces a distinct variant of a fuzzing tool. We observe that many of these domain-specific solutions follow a common solution pattern. In this paper, we present FuzzFactory, a framework for rapid prototyping of domain-specific fuzzing applications. FuzzFactory allows users to specify the collection of dynamic domain-specific feedback during test execution. FuzzFactory uses a domain-specific fuzzing algorithm that incorporates such custom feedback to selectively save intermediate inputs, called waypoints, to augment coverage-guided fuzzing. We use FuzzFactory to implement six domain-specific fuzzing applications: three re-implementations of prior work and three novel solutions, and evaluate their effectiveness on benchmarks from Google&amp;#39;s fuzzer test suite. We also show how domain-specific feedback can be composed to produce composite applications, which perform better than the sum of their parts. For example, we combine domain-specific feedback about strict equality comparisons and dynamic memory allocations, to enable the automatic generation of ZIP bombs and PNG bombs. We also discover a previously unknown memory leak in libarchive.&lt;/p&gt;</dct:description>
    <dct:accessRights rdf:resource="http://publications.europa.eu/resource/authority/access-right/PUBLIC"/>
    <dct:accessRights>
      <dct:RightsStatement rdf:about="info:eu-repo/semantics/openAccess">
        <rdfs:label>Open Access</rdfs:label>
      </dct:RightsStatement>
    </dct:accessRights>
    <dcat:distribution>
      <dcat:Distribution>
        <dct:rights>
          <dct:RightsStatement rdf:about="https://opensource.org/licenses/BSD-2-Clause">
            <rdfs:label>BSD 2-Clause "Simplified" License</rdfs:label>
          </dct:RightsStatement>
        </dct:rights>
        <dcat:accessURL rdf:resource="https://doi.org/10.5281/zenodo.3364086"/>
      </dcat:Distribution>
    </dcat:distribution>
  </rdf:Description>
</rdf:RDF>