LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fuzzig finds lots of problems

Fuzzig finds lots of problems

Posted Mar 17, 2009 16:45 UTC (Tue) by dps (subscriber, #5725)
Parent article: Fusil: a Python fuzzing library

That a lot of programs fail a fuzz test is not news. See ftp://ftp.cs.wisc.edu/pub/paradyn/technical_papers/fuzz-r... (1995), which is also easy to find as a PDF if you prefer that format. The original 1990 paper located many of bugs, and provided fixes for many of them. Lots of people downloaded the information. Despite that many of the bugs were unfixed.

GNU did best (failure rate 6%) followed by Linux (failure rate 9%). Miller et al failed to mention that most Linux utulities *are* the GNU utilities, usually as compiled by gcc.

There is a 2001 follow up at http://pages.cs.wisc.edu/~blbowers/fuzz-2001.pdf
The original 1990 paper was published in Communications of the ACM, so the easiest way to find a copy might be to button hole a friendly academic.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds