Research on automatic generation of fuzz-target for software library functions

Research on automatic generation of fuzz-target for software library functions

연구 분야: Verification

학회: 2022 Ivannikov Ispras Open Conference (ISPRAS)

To avoid re-development, software libraries are widely used. However, the automated testing of software libraries remains challenging. This article focuses on the use of fuzzing technology and automatic code generation for testing software libraries. Since late of 2020, the instrument Futag [1] – Fuzz-targets automatic generator for software libraries – has been developed in Ivannikov Institute for system programming of Russian academy of science. The instrument gathers data on the building process, generates the fuzz-targets for library functions, and performs static analysis to find entity dependencies in library source code. As result, Futag has found bugs in software libraries such as libpng, tinyxml2, libpq-standalone, etc.