Posted Sep 21, 2006 9:48 UTC (Thu) by nix
Parent article: Fuzz testing
Of course fuzzing is useful elsewhere as well. In general it's useful whenever you've written something with an interface complex enough that a total-coverage test is impractical: in some cases there are so many edge cases that you can't even test all of those: but you surely can fuzz them.
I'd say that 30--40% of the testcases I write for code I've written are fuzz tests of some description, but almost none of them are looking for potential security holes per se: just plain old bugs.
to post comments)