Show simple item record

dc.contributor.authorSteinhöfel, Dominic
dc.contributor.authorZeller, Andreas
dc.contributor.editorEngels, Gregor
dc.contributor.editorHebig, Regina
dc.contributor.editorTichy, Matthias
dc.date.accessioned2023-01-18T13:38:50Z
dc.date.available2023-01-18T13:38:50Z
dc.date.issued2023
dc.identifier.isbn978-3-88579-726-5
dc.identifier.issn1617-5468
dc.identifier.urihttp://dl.gi.de/handle/20.500.12116/40110
dc.description.abstractTo exhaustively test a program, we need inputs that the program does not reject. Such valid inputs must satisfy syntactic and semantic constraints of the input language. Grammar-based fuzzers efficiently produce syntactically valid system inputs but miss context-sensitive semantic constraints. Example semantic properties are length fields or checksums in binary inputs or definition-use constraints for variables in programming languages. We introduce ISLa [SZ22a], a declarative specification language for context-sensitive properties of structured system inputs. An ISLa specification, or input invariant, consists of a context-free grammar and a potentially context-sensitive ISLa constraint. Our ISLa fuzzer produces streams of inputs from invariants. We show that a few ISLa constraints suffice to generate diverse and 100% semantically valid inputs. Additionally, the fuzzer can repair and—preserving semantics—mutate inputs. Provided sample inputs, a program property, or both, our ISLearn prototype mines precise invariants. In follow-up work, we used ISLearn for diagnosing failures: “The heartbleed vulnerability is triggered if length exceeds the length of payload.”en
dc.language.isoen
dc.publisherGesellschaft für Informatik e.V.
dc.relation.ispartofSoftware Engineering 2023
dc.relation.ispartofseriesLecture Notes in Informatics (LNI) - Proceedings, Volume P-332
dc.subjectfuzzing
dc.subjectspecification language
dc.subjectgrammars
dc.subjectconstraint mining
dc.titleInput Invariantsen
dc.typeText/Conference Paper
dc.pubPlaceBonn
mci.reference.pages113-114
mci.conference.sessiontitleWissenschaftliches Hauptprogramm
mci.conference.locationPaderborn
mci.conference.date20.–24. Februar 2023


Files in this item

Thumbnail

Show simple item record