Date: Tue, 19 Aug 1997 21:40:08 +0930 (CST)
From: Kristian Kennaway <kkennawa@physics.adelaide.edu.au>
To: freebsd-questions@freebsd.org (FreeBSD Questions)
Subject: 'Fuzz testing' as method of debugging
Message-ID: <9708191210.AA00353@bragg>

Has anyone turned an eye towards conducting a systematic 'Fuzz test' of some of the various FreeBSD utilities, as outlined in the paper at http://www.cs.wisc.edu/~bart/fuzz/fuzz.html ?

Basically, this method involves feeding the utility a stream of randomly-generated data, and trying to get it to crash - according to the authors, it may be a simple way to track down otherwise elusive buffer overrun or memory mismanagement bugs in the code.

According to the results of the study, which was conducted several years ago now, Linux performed significantly better (i.e. fewer utilities of those tested spontaneously crashing, as opposed to exiting with a graceful error message) than all of the commercial Unices they tested. It would be interesting to see how FreeBSD fared in this regard, if only from the point of view of curiosity.

What do people think?

Kris
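
The method described in the message above, as an added example that is not part of the original e-mail: a small harness that feeds seeded random bytes to a program on standard input and separates a crash (death by signal) from a graceful error exit. TOY_TARGET, classify and fuzz are names made up for this example, the toy target is constructed rather than a real FreeBSD utility, and the hang timeout is an assumption.

```python
import random
import subprocess
import sys

# Constructed stand-in for a utility under test (not a real FreeBSD tool):
# it aborts on a NUL byte (a crash) and rejects bytes >= 0xF0 with exit 1.
TOY_TARGET = [sys.executable, "-c", (
    "import os, sys\n"
    "data = sys.stdin.buffer.read()\n"
    "if b'\\x00' in data: os.abort()\n"
    "if any(b >= 0xF0 for b in data): sys.exit('bad input')\n"
)]


def classify(argv, data, timeout=5):
    """Run argv with data on stdin and say how the process ended."""
    try:
        proc = subprocess.run(argv, input=data, timeout=timeout,
                              stdout=subprocess.DEVNULL,
                              stderr=subprocess.DEVNULL)
    except subprocess.TimeoutExpired:
        return "hang"
    if proc.returncode < 0:        # POSIX: killed by signal number -returncode
        return "crash"
    return "ok" if proc.returncode == 0 else "graceful_error"


def fuzz(argv, runs=20, max_len=64, seed=1997):
    """Feed `runs` random inputs to argv; return tallies and crashing inputs."""
    rng = random.Random(seed)      # fixed seed so a crash can be reproduced
    tally = {"ok": 0, "graceful_error": 0, "crash": 0, "hang": 0}
    crashers = []
    for _ in range(runs):
        length = rng.randrange(1, max_len + 1)
        data = bytes(rng.randrange(256) for _ in range(length))
        verdict = classify(argv, data)
        tally[verdict] += 1
        if verdict == "crash":
            crashers.append(data)  # keep the input for later debugging
    return tally, crashers


if __name__ == "__main__":
    tally, crashers = fuzz(TOY_TARGET)
    print(tally)
    for data in crashers:
        print("crashing input:", data.hex())
```

To test a real utility, pass its argument vector in place of TOY_TARGET; the saved crashing inputs can then be replayed one at a time under a debugger.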