Software Open Access

FuzzFactory: Domain-Specific Fuzzing with Waypoints (Replication Package)

Padhye, Rohan; Lemieux, Caroline


JSON Export

{
  "files": [
    {
      "links": {
        "self": "https://zenodo.org/api/files/0858d33b-ef0a-4db7-ab3b-057a5f8a0cf2/fuzzfactory-artifact.tar.gz"
      }, 
      "checksum": "md5:1923fb6008ef16d632e37caacef0f1de", 
      "bucket": "0858d33b-ef0a-4db7-ab3b-057a5f8a0cf2", 
      "key": "fuzzfactory-artifact.tar.gz", 
      "type": "gz", 
      "size": 1060295749
    }, 
    {
      "links": {
        "self": "https://zenodo.org/api/files/0858d33b-ef0a-4db7-ab3b-057a5f8a0cf2/LICENSE.txt"
      }, 
      "checksum": "md5:d257542ba026d1176360bb6e6fb68094", 
      "bucket": "0858d33b-ef0a-4db7-ab3b-057a5f8a0cf2", 
      "key": "LICENSE.txt", 
      "type": "txt", 
      "size": 2098
    }, 
    {
      "links": {
        "self": "https://zenodo.org/api/files/0858d33b-ef0a-4db7-ab3b-057a5f8a0cf2/README.txt"
      }, 
      "checksum": "md5:210dda6d1fd2ee6e1872f8e90ae326f1", 
      "bucket": "0858d33b-ef0a-4db7-ab3b-057a5f8a0cf2", 
      "key": "README.txt", 
      "type": "txt", 
      "size": 15712
    }
  ], 
  "owners": [
    74235
  ], 
  "doi": "10.5281/zenodo.3364086", 
  "stats": {
    "version_unique_downloads": 35.0, 
    "unique_views": 141.0, 
    "views": 158.0, 
    "version_views": 157.0, 
    "unique_downloads": 35.0, 
    "version_unique_views": 140.0, 
    "volume": 24387249529.0, 
    "version_downloads": 61.0, 
    "downloads": 61.0, 
    "version_volume": 24387249529.0
  }, 
  "links": {
    "doi": "https://doi.org/10.5281/zenodo.3364086", 
    "conceptdoi": "https://doi.org/10.5281/zenodo.3364085", 
    "bucket": "https://zenodo.org/api/files/0858d33b-ef0a-4db7-ab3b-057a5f8a0cf2", 
    "conceptbadge": "https://zenodo.org/badge/doi/10.5281/zenodo.3364085.svg", 
    "html": "https://zenodo.org/record/3364086", 
    "latest_html": "https://zenodo.org/record/3364086", 
    "badge": "https://zenodo.org/badge/doi/10.5281/zenodo.3364086.svg", 
    "latest": "https://zenodo.org/api/records/3364086"
  }, 
  "conceptdoi": "10.5281/zenodo.3364085", 
  "created": "2019-08-09T00:18:12.243597+00:00", 
  "updated": "2020-01-25T19:21:16.365488+00:00", 
  "conceptrecid": "3364085", 
  "revision": 5, 
  "id": 3364086, 
  "metadata": {
    "access_right_category": "success", 
    "doi": "10.5281/zenodo.3364086", 
    "description": "<p>This artifact accompanies the paper &quot;FuzzFactory: Domain-Specific Fuzzing with Waypoints&quot;, submitted to OOPSLA 2019.</p>\n\n<p><strong>Paper abstract</strong>:</p>\n\n<p>Coverage-guided fuzz testing has gained prominence as a highly effective method of finding security vulnerabilities such as buffer overflows in programs that parse binary data. Recently, researchers have introduced various specializations to the coverage-guided fuzzing algorithm for different domain-specific testing goals, such as finding performance bottlenecks, generating valid inputs, handling magic-byte comparisons, etc. Each such solution can require weeks of development effort and produces a distinct variant of a fuzzing tool. We observe that many of these domain-specific solutions follow a common solution pattern. In this paper, we present FuzzFactory, a framework for rapid prototyping of domain-specific fuzzing applications. FuzzFactory allows users to specify the collection of dynamic domain-specific feedback during test execution. FuzzFactory uses a domain-specific fuzzing algorithm that incorporates such custom feedback to selectively save intermediate inputs, called waypoints, to augment coverage-guided fuzzing. We use FuzzFactory to implement six domain-specific fuzzing applications: three re-implementations of prior work and three novel solutions, and evaluate their effectiveness on benchmarks from Google&#39;s fuzzer test suite. We also show how domain-specific feedback can be composed to produce composite applications, which perform better than the sum of their parts. For example, we combine domain-specific feedback about strict equality comparisons and dynamic memory allocations, to enable the automatic generation of ZIP bombs and PNG bombs. We also discover a previously unknown memory leak in libarchive.</p>", 
    "contributors": [
      {
        "affiliation": "UC Berkeley", 
        "type": "Other", 
        "name": "Sen, Koushik"
      }, 
      {
        "affiliation": "Samsung Research America", 
        "type": "Other", 
        "name": "Simon, Laurent"
      }, 
      {
        "affiliation": "Samsung Research America", 
        "type": "Other", 
        "name": "Vijayakumar, Hayawardh"
      }
    ], 
    "title": "FuzzFactory: Domain-Specific Fuzzing with Waypoints (Replication Package)", 
    "license": {
      "id": "BSD-2-Clause"
    }, 
    "relations": {
      "version": [
        {
          "count": 1, 
          "index": 0, 
          "parent": {
            "pid_type": "recid", 
            "pid_value": "3364085"
          }, 
          "is_last": true, 
          "last_child": {
            "pid_type": "recid", 
            "pid_value": "3364086"
          }
        }
      ]
    }, 
    "version": "1.0", 
    "publication_date": "2019-08-08", 
    "creators": [
      {
        "affiliation": "UC Berkeley", 
        "name": "Padhye, Rohan"
      }, 
      {
        "affiliation": "UC Berkeley", 
        "name": "Lemieux, Caroline"
      }
    ], 
    "access_right": "open", 
    "resource_type": {
      "type": "software", 
      "title": "Software"
    }, 
    "related_identifiers": [
      {
        "scheme": "doi", 
        "identifier": "10.5281/zenodo.3364085", 
        "relation": "isVersionOf"
      }
    ]
  }
}
                   All versions   This version
Views              157            158
Downloads          61             61
Data volume        24.4 GB        24.4 GB
Unique views       140            141
Unique downloads   35             35
