Input Invariants
| dc.contributor.author | Steinhöfel, Dominic | |
| dc.contributor.author | Zeller, Andreas | |
| dc.contributor.editor | Engels, Gregor | |
| dc.contributor.editor | Hebig, Regina | |
| dc.contributor.editor | Tichy, Matthias | |
| dc.date.accessioned | 2023-01-18T13:38:50Z | |
| dc.date.available | 2023-01-18T13:38:50Z | |
| dc.date.issued | 2023 | |
| dc.description.abstract | To exhaustively test a program, we need inputs that the program does not reject. Such valid inputs must satisfy syntactic and semantic constraints of the input language. Grammar-based fuzzers efficiently produce syntactically valid system inputs but miss context-sensitive semantic constraints. Example semantic properties are length fields or checksums in binary inputs or definition-use constraints for variables in programming languages. We introduce ISLa [SZ22a], a declarative specification language for context-sensitive properties of structured system inputs. An ISLa specification, or input invariant, consists of a context-free grammar and a potentially context-sensitive ISLa constraint. Our ISLa fuzzer produces streams of inputs from invariants. We show that a few ISLa constraints suffice to generate diverse and 100% semantically valid inputs. Additionally, the fuzzer can repair and—preserving semantics—mutate inputs. Provided sample inputs, a program property, or both, our ISLearn prototype mines precise invariants. In follow-up work, we used ISLearn for diagnosing failures: “The heartbleed vulnerability is triggered if length exceeds the length of payload.” | en |
| dc.identifier.isbn | 978-3-88579-726-5 | |
| dc.identifier.pissn | 1617-5468 | |
| dc.identifier.uri | https://dl.gi.de/handle/20.500.12116/40110 | |
| dc.language.iso | en | |
| dc.publisher | Gesellschaft für Informatik e.V. | |
| dc.relation.ispartof | Software Engineering 2023 | |
| dc.relation.ispartofseries | Lecture Notes in Informatics (LNI) - Proceedings, Volume P-332 | |
| dc.subject | fuzzing | |
| dc.subject | specification language | |
| dc.subject | grammars | |
| dc.subject | constraint mining | |
| dc.title | Input Invariants | en |
| dc.type | Text/Conference Paper | |
| gi.citation.endPage | 114 | |
| gi.citation.publisherPlace | Bonn | |
| gi.citation.startPage | 113 | |
| gi.conference.date | 20.–24. Februar 2023 | |
| gi.conference.location | Paderborn | |
| gi.conference.sessiontitle | Wissenschaftliches Hauptprogramm |
Dateien
Originalbündel
1 - 1 von 1