DOI: 10.1145/3359789.3359846
Research article

FuzzBuilder: automated building greybox fuzzing environment for C/C++ library

Published: 09 December 2019

Abstract

Fuzzing is an effective method for finding bugs in software. Many security communities are interested in fuzzing as an automated approach to verifying software security, because most of the bugs discovered by fuzzing are related to security vulnerabilities. However, not all software can be tested by fuzzing, because fuzzing requires a running environment, in particular an executable. Notably, in practice most libraries do not come with a relevant executable, so state-of-the-art fuzzers are limited in their ability to test an arbitrary library. To overcome this problem, we propose FuzzBuilder, which provides an automated fuzzing environment for libraries. FuzzBuilder generates an executable that calls library API functions, enabling library fuzzing. Moreover, any executable generated by FuzzBuilder is compatible with existing fuzzers such as AFL. We evaluate the overall performance of FuzzBuilder by testing open source libraries. As a result, we discovered previously unknown bugs in these libraries while achieving high code coverage. We believe that FuzzBuilder helps security researchers save both the setup cost and the learning cost of library fuzzing.

Cited By

  • Applying Fuzz Driver Generation to Native C/C++ Libraries of OEM Android Framework: Obstacles and Solutions. Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering (2024), 2035-2040. DOI: 10.1145/3691620.3695266. Online publication date: 27-Oct-2024.
  • UTopia: Automatic Generation of Fuzz Driver using Unit Tests. 2023 IEEE Symposium on Security and Privacy (SP), 2676-2692. DOI: 10.1109/SP46215.2023.10179394. Online publication date: May-2023.
  • Automatically Seed Corpus and Fuzzing Executables Generation Using Test Framework. IEEE Access 10 (2022), 90408-90428. DOI: 10.1109/ACCESS.2022.3202005. Online publication date: 2022.


Published In

ACSAC '19: Proceedings of the 35th Annual Computer Security Applications Conference
December 2019, 821 pages
ISBN: 9781450376280
DOI: 10.1145/3359789

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery, New York, NY, United States


Author Tags

1. greybox fuzzing
2. library fuzzing
3. software development
4. unit test

Qualifiers

• Research-article

Funding Sources

• National Research Foundation of Korea

Conference

ACSAC '19: 2019 Annual Computer Security Applications Conference
December 9 - 13, 2019
Puerto Rico, San Juan, USA

Acceptance Rates

ACSAC '19 Paper Acceptance Rate: 60 of 266 submissions, 23%
Overall Acceptance Rate: 104 of 497 submissions, 21%
