A sample format protection method and device for gray-box fuzz testing
A technology of fuzz testing and formatting, which is applied in computer security devices, software testing/debugging, error detection/correction, etc., and can solve problems such as low efficiency of fuzz testing
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Image
Examples
Embodiment 1
[0060] refer to figure 1 , which shows a schematic flow chart of a sample format protection method for gray box fuzz testing provided by an embodiment of the present invention. In this embodiment, the method includes:
[0061] S101: Obtain test corpus from the corpus;
[0062] In this embodiment, the corpus contains a plurality of corpora. When fuzz testing needs to be performed, it is necessary to select the test samples required for fuzz testing from the corpus. In order to improve the efficiency of fuzz testing, it is possible to ensure that the selected test samples are in the correct format The test corpus, and the test corpus can cover all the EDGE of the preset program. The specific selection method will be introduced in detail below, and will not be repeated here.
[0063] It should be noted that the program is randomly inserted into blocks, the program is divided into blocks of different sizes, and the jump of the program between blocks is called EDGE.
[0064] S102...
Embodiment 2
[0117] refer to figure 2 , which shows a flow chart of a process for obtaining test corpus from a corpus provided by an embodiment of the present invention. In this embodiment, the method includes:
[0118] S201: Create a temporary work set;
[0119] In this embodiment, after the steps S201-S206 are executed, the test corpus stored in the temporary working set completely covers all EDGE of the program. After creating a temporary working set, the initial temporary working set is an empty set.
[0120] S202: Randomly select a target EDGE from the EDGEs of the program, where the target EDGE is the EDGE of the program not covered by the test corpus in the temporary working set;
[0121] In this embodiment, in order to ensure that the corpus stored in the temporary working set can completely cover all EDGEs of the program, the target EDGE selected each time is the EDGE not covered by the test corpus in the temporary working set.
[0122] S203: Select the corpus with the least c...
Embodiment 3
[0130] refer to image 3 , which shows a schematic flowchart of a method for mutating the test corpus provided by an embodiment of the present invention. In this embodiment, the method includes:
[0131] S301: Read the variation position of the test corpus;
[0132] S302: Determine whether the mutated position is included in the preset position set;
[0133] S303: If the preset position set includes the mutated position, prevent the current mutated position from being mutated.
[0134] In this embodiment, in the process of mutating the corpus, the corresponding position of the initial corpus will be mutated according to the variation method. If the test corpus obtained after a certain position is mutated is a wrongly formatted corpus, it means that the position is not correct. Mutation should be carried out. In order to ensure the correctness of the mutation process, that is, to ensure the correctness of the format of the test corpus obtained after the mutation, when it is d...
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com