Fuzz testing is throwing randomly perturbed inputs at a given piece of software to see what breaks. I was entirely unaware of the state of the art of fuzz testing, though. afl-fuzz is a tool that watches the execution traces of its target while reacting to the input. It can synthesize a legal bash script from nothing, by watching how bash reacts to different byte sequences. (And it discovered that bash vulnerability that made everybody upgrade last month or so.)
To which I can only say: holy Toledo. I have seen the future.
It discovered CDATA sections in XML. Randomly. Against the expectations of its author, who says, "it's an example of the fuzzer defiantly and secretly working around one of its intentional and explicit design limitations". Evolution is weird. Almost magic.
It made a legal JPG from the seed string "Hello" - again, by noticing different execution paths taken in response to different bytes of input. Here are some test sets for graphics. Interesting stuff.
skip to main |
skip to sidebar
More information
Search This Blog
Blog Archive
Topics of interest
programming languages
(97)
NLP
(90)
Javascript
(78)
target applications
(78)
web design
(72)
machine learning
(62)
perl
(50)
open source target
(45)
Web frameworks
(38)
boilerplate
(38)
databases
(37)
programming practice
(36)
target domains
(35)
data journalism
(34)
AI
(33)
Decl
(33)
APIs
(31)
website components
(31)
graphics
(30)
data mining
(29)
patterns
(29)
music
(28)
data scraping
(27)
semantic programming
(27)
workflow
(26)
Email
(25)
games
(25)
php
(24)
sysadmin
(24)
big data
(23)
math
(23)
scaling
(21)
Python
(20)
Startup::Declarative
(20)
spam
(19)
system architecture
(19)
CSS
(18)
algorithms
(18)
parsing
(18)
best practices
(17)
Class::Declarative
(16)
Lisp
(16)
business processes
(16)
deployment
(16)
node.js
(16)
diagramming
(15)
HTML5
(14)
mapping
(14)
semantic web
(14)
code analysis
(13)
macro
(13)
software component database
(13)
text generation
(13)
genetic algorithms
(12)
text analysis
(12)
code generation
(11)
declarative
(11)
testing
(11)
pattern/macro/template system
(10)
programming
(10)
programming idioms
(10)
Flash
(9)
PDF::Declarative
(9)
Ruby
(9)
SQL
(9)
UI design
(9)
compilers
(9)
design
(9)
quant
(9)
dataflow
(8)
gamification
(8)
image processing
(8)
meta
(8)
telephony
(8)
template
(8)
visual programming
(8)
CPAN
(7)
NoSQL
(7)
Rails
(7)
Twilio
(7)
Wx::Declarative
(7)
comparable systems
(7)
error checking
(7)
language
(7)
parser
(7)
programming process
(7)
3D graphics
(6)
Android
(6)
CLI
(6)
Mail::Declarative
(6)
automation
(6)
code katas
(6)
components
(6)
interactive models
(6)
project management
(6)
state machines
(6)
Prolog
(5)
Unix
(5)
binary parsing
(5)
functional programming
(5)
graph databases
(5)
job sources
(5)
software maintenance
(5)
sproggler
(5)
structured text
(5)
C++
(4)
UML
(4)
UX
(4)
WWW::Declarative
(4)
WWW::Mechanize
(4)
data parsing
(4)
debugging
(4)
file
(4)
metaprogramming
(4)
pattern matching
(4)
research
(4)
tasks
(4)
Canvas
(3)
Color::Declarative
(3)
Hofstadter
(3)
Unicode
(3)
WWW::Publisher
(3)
Win32::Word::Declarative
(3)
actions
(3)
assembly language
(3)
checklists
(3)
code snippets
(3)
coffeescript
(3)
domain
(3)
finance
(3)
linear algebra
(3)
natural-language programming
(3)
refactoring
(3)
scheduling
(3)
semantic context
(3)
transaction patterns
(3)
FARG
(2)
Flex
(2)
GUI frameworks
(2)
Mechanical Turk
(2)
Padre
(2)
SDL
(2)
System::Declarative
(2)
agent
(2)
code quality
(2)
crowdsourcing
(2)
expression
(2)
lexicon
(2)
map-reduce
(2)
math manipulation
(2)
presentations
(2)
requirements
(2)
scripting
(2)
symbolic unit
(2)
syntax
(2)
system-level design
(2)
understanding systems
(2)
Angry Birds
(1)
AppEngine
(1)
CRM114
(1)
Depatenting
(1)
Despammed
(1)
HTML
(1)
HTML::Declarative
(1)
HTML::TreeBuilder
(1)
HTTP
(1)
Hookbox
(1)
OMeta
(1)
Octave
(1)
OpenMath
(1)
Parse::Indented
(1)
RDF
(1)
REPL
(1)
SMT
(1)
TeX
(1)
TermL
(1)
UTF-8
(1)
Windows 7 gadgets
(1)
Wx::DefinedUI
(1)
abstraction
(1)
aside
(1)
assertion
(1)
calculated field
(1)
challenges
(1)
closures
(1)
cognate tasks
(1)
concept
(1)
e-discovery
(1)
expectation
(1)
facial recognition
(1)
forensics
(1)
function descriptor
(1)
informal logic
(1)
intelligent content
(1)
interaction
(1)
layout
(1)
libraries
(1)
link dumps
(1)
magic variable
(1)
mode
(1)
openlogos
(1)
pattern source
(1)
philosophy
(1)
photo archive
(1)
poker
(1)
reasoning
(1)
rhetoric
(1)
self-description
(1)
state
(1)
text-to-speech
(1)
threads
(1)
unit
(1)
wxdtut
(1)
Alphabetically
- 3D graphics (6)
- abstraction (1)
- academic code (2)
- accounting (5)
- actions (3)
- aesthetics (1)
- agent (2)
- AI (33)
- algorithms (18)
- analytics (6)
- Android (6)
- Angry Birds (1)
- annotations (1)
- APIs (31)
- app builder (3)
- AppEngine (1)
- architectural patterns (8)
- Arduino (2)
- articles (5)
- aside (1)
- assembly language (3)
- assertion (1)
- autoassociative memories (1)
- automation (6)
- Bayes (8)
- behavior-driven design (1)
- best practices (17)
- big data (23)
- binary parsing (5)
- bioinformatics (2)
- blogging (3)
- boilerplate (38)
- browser automation (2)
- build systems (10)
- business plans (2)
- business processes (16)
- C (10)
- C++ (4)
- calculated field (1)
- Canvas (3)
- cartooning (3)
- cellular automata (1)
- challenges (1)
- checklists (3)
- Chrome extension (2)
- citation analysis (3)
- Class::Declarative (16)
- CLI (6)
- Clojure (2)
- closures (1)
- code analysis (13)
- code complexity (1)
- code generation (11)
- code katas (6)
- code quality (2)
- code semantics (3)
- code snippets (3)
- code understanding (30)
- coffeescript (3)
- cognate tasks (1)
- Color::Declarative (3)
- command line (4)
- comparable systems (7)
- Competitive programming (2)
- compilers (9)
- components (6)
- computer science (2)
- computer vision (1)
- concept (1)
- conditions (1)
- constraint programming (2)
- content (3)
- continuous integration (1)
- coroutines (1)
- CPAN (7)
- CPAN API survey (8)
- CRAN (1)
- CRM114 (1)
- crowdsourcing (2)
- crypto (3)
- CSS (18)
- D (2)
- data analysis (1)
- data handling (16)
- data journalism (34)
- data mining (29)
- data modeling (9)
- data parsing (4)
- data science (29)
- data scraping (27)
- data structures (6)
- Data Web (1)
- data-driven documents (9)
- Data::Repo (1)
- databases (37)
- dataflow (8)
- Datalog (2)
- debugging (4)
- decision table (1)
- decision tree (2)
- Decl (33)
- declarative (11)
- deep neural networks (2)
- Depatenting (1)
- deployment (16)
- design (9)
- desktop programming (1)
- Despammed (1)
- diagramming (15)
- disassembly (1)
- Django (6)
- document automation (3)
- document management (1)
- documentation (4)
- domain (3)
- Drupal (1)
- DSL (5)
- e-discovery (1)
- economics (2)
- econophysics (1)
- editors (25)
- education (1)
- electronics (1)
- Email (25)
- Enron corpus (1)
- error checking (7)
- event scheduling (1)
- evolution (2)
- Excel (9)
- exegesis (6)
- expectation (1)
- expression (2)
- facial recognition (1)
- FARG (2)
- file (4)
- file manager site (1)
- file systems (2)
- finance (3)
- FizzBuzz (1)
- Flash (9)
- Flex (2)
- flow-based programming (1)
- forensics (1)
- Forth (2)
- function descriptor (1)
- functional programming (5)
- fuzz testing (1)
- games (25)
- gamification (8)
- genetic algorithms (12)
- geometry (3)
- git (4)
- Go (1)
- GPU (1)
- graph databases (5)
- graphics (30)
- graphs (2)
- GUI frameworks (2)
- GUI scripter (1)
- Hadoop (3)
- Haskell (3)
- Heckle (5)
- history (1)
- Hofstadter (3)
- Hookbox (1)
- hosting (2)
- HTML (1)
- HTML::Declarative (1)
- HTML::TreeBuilder (1)
- HTML5 (14)
- HTTP (1)
- Hylaea (1)
- image processing (8)
- Image::Magick::Wand (3)
- industry news (3)
- informal logic (1)
- infrastructure (2)
- intelligent content (1)
- interaction (1)
- interactive models (6)
- Internet Explorer (1)
- J (1)
- Java (4)
- Javascript (78)
- job sources (5)
- journalism (1)
- jQuery (4)
- JSON (1)
- language (7)
- language-oriented programming (1)
- layout (1)
- learning support (6)
- lexicon (2)
- libraries (1)
- linear algebra (3)
- link dumps (1)
- Linux (1)
- Lisp (16)
- literate programming (13)
- logic (8)
- Lua (3)
- Lucene (1)
- machine learning (62)
- machinery (1)
- macro (13)
- magic variable (1)
- Mail::Declarative (6)
- malware (15)
- map-reduce (2)
- mapping (14)
- Markdown (6)
- Marpa (6)
- math (23)
- math manipulation (2)
- mechanical motion (1)
- Mechanical Turk (2)
- mental models (4)
- meta (8)
- metaprogramming (4)
- ML (7)
- mltut (6)
- mode (1)
- Mojolicious (2)
- Moose (1)
- music (28)
- natural-language programming (3)
- neural networks (7)
- news scraper (1)
- nginx (2)
- NLP (90)
- node.js (16)
- NoSQL (7)
- numeric (1)
- numerical methods (1)
- Objective-C (1)
- OCR (1)
- Octave (1)
- OMeta (1)
- ontology (2)
- open government (4)
- open science (1)
- open source target (45)
- openFrameworks (1)
- openlogos (1)
- OpenMath (1)
- operations research (1)
- packet analysis (1)
- Padre (2)
- Parse::Indented (1)
- parser (7)
- parsing (18)
- pattern matching (4)
- pattern source (1)
- pattern/macro/template system (10)
- patterns (29)
- PDF::Declarative (9)
- perl (50)
- perl 6 (2)
- philosophy (1)
- photo archive (1)
- php (24)
- physics (2)
- planning (1)
- Pokemon (1)
- poker (1)
- PostgreSQL (1)
- presentations (2)
- probabilistic programming (1)
- Processing (3)
- programming (10)
- programming examples (3)
- programming idioms (10)
- programming languages (97)
- programming practice (36)
- programming process (7)
- project management (6)
- Prolog (5)
- publishing (8)
- Python (20)
- quant (9)
- query languages (1)
- queues (2)
- R (6)
- Rails (7)
- RCX (1)
- RDF (1)
- reactive programming (8)
- reasoning (1)
- receipt indexer (1)
- refactoring (3)
- regex (4)
- relational programming (1)
- REPL (1)
- requirements (2)
- research (4)
- REST (4)
- reverse engineering (2)
- rhetoric (1)
- rich code (1)
- Ruby (9)
- Rust (1)
- SaaS (1)
- Scala (3)
- scaling (21)
- scheduling (3)
- Scheme (3)
- scripting (2)
- SDL (2)
- security (24)
- self-description (1)
- semantic context (3)
- semantic databases (2)
- semantic maps (2)
- semantic programming (27)
- semantic web (14)
- sentiment analysis (2)
- serialization (1)
- shell (2)
- signal processing (1)
- simulation (2)
- SIP (1)
- SMT (1)
- social network analysis (6)
- social platforms (2)
- software complexity (1)
- software component database (13)
- software maintenance (5)
- spam (19)
- speech recognition (1)
- sproggler (5)
- SQL (9)
- SQP (2)
- startup community (2)
- Startup::Declarative (20)
- state (1)
- state machines (6)
- static code analysis (3)
- static typing (1)
- statistics (8)
- strategy (1)
- structured text (5)
- SVG (2)
- symbolic math (1)
- symbolic unit (2)
- syntax (2)
- sysadmin (24)
- system architecture (19)
- system-level design (2)
- System::Declarative (2)
- systems programming (1)
- table-oriented programming (1)
- target applications (78)
- target domains (35)
- tasks (4)
- technology trends (1)
- telephony (8)
- template (8)
- TermL (1)
- testing (11)
- TeX (1)
- text analysis (12)
- text generation (13)
- text mining (2)
- text-to-speech (1)
- threads (1)
- to do (1)
- todo list manager (1)
- toolchain (2)
- toonchecker (1)
- topic maps (1)
- transaction patterns (3)
- translation organizer (2)
- tree languages (1)
- tree walking (2)
- tutorials (12)
- Twilio (7)
- Twitter (1)
- type systems (3)
- UI design (9)
- UML (4)
- understanding systems (2)
- Unicode (3)
- unit (1)
- Unix (5)
- UTF-8 (1)
- UX (4)
- video (4)
- visual programming (8)
- visualization (16)
- voice (3)
- VX (1)
- web crawlers (6)
- web design (72)
- Web frameworks (38)
- webapps (13)
- website components (31)
- Win32::COM (2)
- Win32::Word::Declarative (3)
- Windows (6)
- Windows 7 gadgets (1)
- Windows automation (4)
- Word (5)
- WordPress (3)
- workflow (26)
- writing about code (2)
- Wt (1)
- Wubuntu (1)
- WWW::Declarative (4)
- WWW::Mechanize (4)
- WWW::Publisher (3)
- Wx (1)
- Wx::Declarative (7)
- Wx::DefinedUI (1)
- wxdtut (1)
- XML (3)
No comments:
Post a Comment