Input Invariants
Abstract
To exhaustively test a program, we need inputs that the program does not reject. Such valid inputs must satisfy syntactic and semantic constraints of the input language. Grammar-based fuzzers efficiently produce syntactically valid system inputs but miss context-sensitive semantic constraints. Example semantic properties are length fields or checksums in binary inputs or definition-use constraints for variables in programming languages. We introduce ISLa [SZ22a], a declarative specification language for context-sensitive properties of structured system inputs. An ISLa specification, or input invariant, consists of a context-free grammar and a potentially context-sensitive ISLa constraint. Our ISLa fuzzer produces streams of inputs from invariants. We show that a few ISLa constraints suffice to generate diverse and 100% semantically valid inputs. Additionally, the fuzzer can repair and—preserving semantics—mutate inputs. Provided sample inputs, a program property, or both, our ISLearn prototype mines precise invariants. In follow-up work, we used ISLearn for diagnosing failures: “The heartbleed vulnerability is triggered if length exceeds the length of payload.”
- Citation
- BibTeX
Steinhöfel, D. & Zeller, A.,
(2023).
Input Invariants.
In:
Engels, G., Hebig, R. & Tichy, M.
(Hrsg.),
Software Engineering 2023.
Bonn:
Gesellschaft für Informatik e.V..
(S. 113-114).
@inproceedings{mci/Steinhöfel2023,
author = {Steinhöfel, Dominic AND Zeller, Andreas},
title = {Input Invariants},
booktitle = {Software Engineering 2023},
year = {2023},
editor = {Engels, Gregor AND Hebig, Regina AND Tichy, Matthias} ,
pages = { 113-114 },
publisher = {Gesellschaft für Informatik e.V.},
address = {Bonn}
}
author = {Steinhöfel, Dominic AND Zeller, Andreas},
title = {Input Invariants},
booktitle = {Software Engineering 2023},
year = {2023},
editor = {Engels, Gregor AND Hebig, Regina AND Tichy, Matthias} ,
pages = { 113-114 },
publisher = {Gesellschaft für Informatik e.V.},
address = {Bonn}
}
Dateien | Groesse | Format | Anzeige | |
---|---|---|---|---|
paper43.pdf | 224.5Kb | View/ |
Haben Sie fehlerhafte Angaben entdeckt? Sagen Sie uns Bescheid: Send Feedback
More Info
ISBN: 978-3-88579-726-5
ISSN: 1617-5468
xmlui.MetaDataDisplay.field.date: 2023
Language: (en)
Content Type: Text/Conference Paper