A directed greybox fuzzing tool for continuous integration

Wenwei Lan; Jiaming Zhang; Huiwen Yang; Zhanqi Cui

SoftwareX (Sep 2024)

A directed greybox fuzzing tool for continuous integration

Wenwei Lan,
Jiaming Zhang,
Huiwen Yang,
Zhanqi Cui

Affiliations

Wenwei Lan: School of Computer Science, Beijing Information Science and Technology University, Beijing, China; Key Laboratory of Safety-Critical Software (Nanjing University of Aeronautics and Astronautics) Ministry of Industry and Information, Nanjing, China
Jiaming Zhang: School of Computer and Communication Engineering, University of Science and Technology Beijing, Beijing, China
Huiwen Yang: College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing, China
Zhanqi Cui: School of Computer Science, Beijing Information Science and Technology University, Beijing, China; Key Laboratory of Safety-Critical Software (Nanjing University of Aeronautics and Astronautics) Ministry of Industry and Information, Nanjing, China; Corresponding author at: School of Computer Science, Beijing Information Science and Technology University, Beijing, China.

Journal volume & issue: Vol. 27
p. 101824

Abstract

Read online

Changes are occurred frequently during continuous integration. Existing testing methods often suffer from weak specificity or insufficiency when applied to continuous integration. To solve this problem, we implement a fuzzing tool called CIDFuzz for continuous integration. First, difference analysis is performed to locate the change points, and the distances between basic blocks and the change points are calculated. Then, the distances are instrumented into the program under test. During fuzz testing, testing resources are allocated according to the coverage of seeds to test the change points effectively.

Published in SoftwareX

ISSN: 2352-7110 (Online)
Publisher: Elsevier
Country of publisher: Netherlands
LCC subjects: Science: Mathematics: Instruments and machines: Electronic computers. Computer science: Computer software
Website: http://www.journals.elsevier.com/softwarex/

About the journal

Abstract

Keywords