Software QA FYI - SQAFYI

Fuzz Testing for Dummies

By: Michael Orland

Fuzz Testing
Providing unexpected, invalid, or random data to an application with the intention of triggering a bug
• Unexpected behavior
• Crashes
— Buffer overflows
— Integer overflows
— Memory corruption
— Format string bugs

Fuzzing Methods
Smart (generational) fuzzing
• Requires in-depth knowledge of target and specialized tools
— Dranzer ActiveX fuzzer
• Results
— Less crash analysis required
— Less duplication of findings
Dumb (mutational) fuzzing
• Requires no knowledge of target, existing tools
• Results
— More crash analysis required
— More duplication of findings

Dumb (mutational) Fuzzing
Charlie Miller's "five lines of python" dumb fuzzer
• Found vulnerabilities in PDF readers and Office presentation software

    import math, random
    # buf holds the seed file as a list of characters (Python 2); FuzzFactor sets
    # the upper bound on how many bytes get overwritten (larger = fewer changes)
    numwrites = random.randrange(math.ceil((float(len(buf)) / FuzzFactor))) + 1
    for j in range(numwrites):
        rbyte = random.randrange(256)
        rn = random.randrange(len(buf))
        buf[rn] = "%c" % (rbyte)

Framework Requirements
Features required for an effective fuzzing framework
• Test case generation
• Application execution
• Anomaly detection
• Crash reporting
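The following is an added example, not code from the slides: it wires Miller's byte-overwrite mutation into the four framework stages listed above, run against a constructed toy record parser that stands in for a real file-format parser. Crashes are bucketed by exception type and faulting line so that the "duplication of findings" problem of dumb fuzzing is visible in the report. All names (parse_records, mutate, fuzz, reproduces) are assumptions of this example; the buffer is a Python 3 bytearray rather than Miller's Python 2 character list.

```python
import hashlib
import math
import random
import traceback

# Constructed target: length-prefixed records. It trusts the length byte, so a
# mutated length that runs past the end of the buffer raises (stand-in for a crash).
def parse_records(data: bytes) -> list:
    records, i = [], 0
    while i < len(data):
        n = data[i]
        record = data[i + 1:i + 1 + n]
        if len(record) != n:
            raise ValueError("truncated record")
        records.append(record)
        i += 1 + n
    return records

def mutate(buf: bytearray, fuzz_factor: int, rng: random.Random) -> bytearray:
    """Miller's strategy: overwrite between 1 and ceil(len/FuzzFactor) random bytes."""
    out = bytearray(buf)
    numwrites = rng.randrange(math.ceil(len(out) / fuzz_factor)) + 1
    for _ in range(numwrites):
        out[rng.randrange(len(out))] = rng.randrange(256)
    return out

def reproduces(case: bytes) -> bool:
    """Re-run a saved test case and confirm it still triggers the anomaly."""
    try:
        parse_records(case)
        return False
    except ValueError:
        return True

def fuzz(seed_file: bytes, iterations: int, fuzz_factor: int = 50, seed: int = 1) -> dict:
    """Run the four framework stages; return unique crash buckets with hit counts."""
    rng = random.Random(seed)          # fixed seed so a run is repeatable
    crashes = {}
    for _ in range(iterations):
        case = mutate(bytearray(seed_file), fuzz_factor, rng)   # 1. test case generation
        try:
            parse_records(bytes(case))                            # 2. application execution
        except Exception as exc:                                  # 3. anomaly detection
            frame = traceback.extract_tb(exc.__traceback__)[-1]
            key = f"{type(exc).__name__}:{frame.name}:{frame.lineno}"
            bucket = hashlib.sha1(key.encode()).hexdigest()[:8]   # 4. crash reporting (dedup)
            entry = crashes.setdefault(bucket, {"count": 0, "sample": bytes(case)})
            entry["count"] += 1
    return crashes
```

With a single bug in the target, hundreds of crashing inputs collapse into one bucket; a real harness would key on a stack hash from the debugger instead of a Python traceback.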

CERT Fuzzing Tools
• Dranzer: Smart ActiveX fuzzer
• File format fuzzers
— BFF: Basic Fuzzing Framework
— FOE: Failure Observation Engine
— Most effective against uncompressed binary formats
