Fuzzing Binaries for Memory Safety Errors with QASan / Fioraldi, A.; Delia, D. C.; Querzoni, L. - (2020), pp. 23-30. (Paper presented at the 2020 IEEE Secure Development conference, SecDev 2020, held in USA; Virtual, Atlanta) [10.1109/SecDev45635.2020.00019].
Fuzzing Binaries for Memory Safety Errors with QASan
Fioraldi A.; Delia D. C.; Querzoni L.
2020
Abstract
Fuzz testing techniques are becoming pervasive for their ever-improving ability to generate crashing trial cases for programs. Memory safety violations however can lead to silent corruptions and errors, and a fuzzer may recognize them only in the presence of sanitization machinery. For closed-source software combining sanitization with fuzzing incurs practical obstacles that we try to tackle with an architecture-independent proposal called QASan for detecting heap memory violations. In our tests QASan is competitive with standalone sanitizers and adds a moderate 1.61x average slowdown to the AFL++ fuzzer while enabling it to reveal more heap-related bugs.

File | Size | Format | |
---|---|---|---|
Fioraldi_Fuzzing_2020.pdf (archive managers only). Type: Publisher's version (published version with the publisher's layout). License: All rights reserved. | 397.62 kB | Adobe PDF | Contact the author |
Fioraldi_preprint_Fuzzing_2020.pdf (open access). Note: DOI: 10.1109/SecDev45635.2020.00019. Type: Pre-print document (manuscript submitted to the publisher, prior to peer review). License: All rights reserved. | 393.57 kB | Adobe PDF | |
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.