CN103853650A - Test case generating method and device for fuzz testing - Google Patents

Publication number: CN103853650A
Authority: CN (China)
Application number: CN201210496983.3A
Other versions: CN103853650B (en)
Other languages: Chinese (zh)
Inventor: 唐文
Original assignee: Siemens AG
Current assignee: Siemens AG
Application filed by: Siemens AG
Legal status: Granted; Expired - Fee Related
Priority to: CN201210496983.3A (patent CN103853650B); PCT/EP2013/074304 (patent WO2014082908A1)
Publications: CN103853650A; CN103853650B (application granted)
Prior art keywords: case, abnormal use, input field, grammar construct, special character

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00: Error detection; Error correction; Monitoring
    • G06F11/36: Preventing errors by testing or debugging software
    • G06F11/3668: Software testing
    • G06F11/3672: Test management
    • G06F11/3684: Test management for test design, e.g. generating new test cases

Abstract

The invention provides a test case generation method and device for fuzz testing. The method comprises: determining the grammatical structure of an input field from the legal content of that input field of the system under test, where the grammatical structure of the input field comprises the special characters in the field and their positions; generating abnormal cases with a set generation method and determining the grammatical structure of each abnormal case, where the grammatical structure of an abnormal case comprises the special characters in the abnormal case and their positions; comparing the grammatical structure of the abnormal case with the grammatical structure of the input field; and, if the position of at least one special character is identical in the two grammatical structures, using the abnormal case as a test case for the system under test. With this method and device, the test cases used for fuzz testing closely resemble the input data of the system under test, which makes security testing more efficient and more comprehensive.

Description

Test case generation method and device for fuzz testing
Technical field
The present invention relates to the field of software security testing, and in particular to a test case generation method and device for fuzz testing.
Background
Black-box testing is a commonly used software security testing method. It does not rely on the source code of the software under test and is always able to detect security vulnerabilities that testers overlook, so it is widely used in software security testing.
Fuzz testing is a black-box testing technique that emerged in the 1990s. It constructs random or semi-random data (called fuzz) as input to the software under test and monitors the response and/or state of that software to determine whether it contains security vulnerabilities. As a black-box testing tool, fuzz testing is generally used in large software development projects. Its advantages are that the cost of testing is relatively low, that it can be fully automated, and that it often finds relatively serious security vulnerabilities that an attacker could exploit.
With the rapid development and wide use of network and communication technology, an important current topic in software security testing is the security testing of protocol implementations, such as implementations of communication protocols and industrial control protocols. In protocol implementations, one major cause of security vulnerabilities is the exception handling of input data; the security problems that arise from it include, for example, buffer overflow attacks, format string attacks and code injection attacks.
Fuzz testing of protocol implementations is usually character-based. Even if some input fields of the protocol under test are binary bit streams, the bit stream can be converted into a character-form data stream for testing. The test cases fed to the protocol under test are therefore generally random or semi-random strings. Because such strings differ greatly from legal content that conforms to the protocol specification, the protocol under test cannot parse them correctly, or may detect that they are illegal input and reject the test case. Fuzz testing with such test cases is therefore not only inefficient but also unlikely to detect deeper security vulnerabilities inside the protocol under test.
US patent application US20090164975A1 proposes a fuzz testing method. It considers that some input data of the system under test is encoded in a specific way, for example with Base64 or forward error correction (FEC) coding. After randomization (fuzzing), this part of the input data may not be decodable by the system under test, and even if it can be decoded, the decoded data may have lost its original format or be impossible to parse. The method in that application therefore comprises: receiving formatted data processed by the system under test; determining the encoding that the formatted data uses and selecting part of the data for randomization; determining the corresponding decoder from the encoding and decoding the selected data; randomizing the decoded data; determining the corresponding encoder from the encoding and encoding the randomized data; and testing the system under test with the encoded randomized data. Although this method takes the specific encoding of some input data into account, the randomized input data may still differ greatly in format from normal input data, so it faces the same problem of being rejected by the system under test.
Summary of the invention
To address the above problem and make the test cases used for fuzz testing more similar to the input data of the system under test, embodiments of the present invention propose a test case generation method and device for fuzz testing.
The test case generation method for fuzz testing according to an embodiment of the present invention comprises:
determining the grammatical structure of an input field from the legal content of that input field of the system under test, where the grammatical structure of the input field comprises the special characters in the field and their positions;
generating an abnormal case with a set generation method and determining the grammatical structure of the generated abnormal case, where the grammatical structure of the abnormal case comprises the special characters in the abnormal case and their positions;
comparing the grammatical structure of the abnormal case with the grammatical structure of the input field;
if the position of at least one special character is identical in the grammatical structure of the abnormal case and the grammatical structure of the input field, using the abnormal case as a test case for the system under test.
The test case generation device for fuzz testing according to an embodiment of the present invention comprises:
an input field grammatical structure determining unit, for determining the grammatical structure of an input field from the legal content of that input field of the system under test, where the grammatical structure of the input field comprises the special characters in the field and their positions;
an abnormal case generation and grammatical structure determining unit, for generating an abnormal case with a set generation method and determining the grammatical structure of the generated abnormal case, where the grammatical structure of the abnormal case comprises the special characters in the abnormal case and their positions;
a comparing unit, for comparing the grammatical structure of the abnormal case with the grammatical structure of the input field;
a screening unit, for using the abnormal case as a test case for the system under test when the position of at least one special character is identical in the grammatical structure of the abnormal case and the grammatical structure of the input field.
In the method and device provided by the above embodiments, a selected test case shares the position of at least one special character with the legal content of the input field, and the special characters and their positions determine the grammatical structure of both the test case and the input field. A selected test case therefore resembles the legal content of the input field in format to some degree. Once such a test case is fed to the system under test, it is more likely to pass the system's syntax check or to be parsed successfully, which reduces the number of test cases that the system under test rejects and makes security testing more efficient and more comprehensive.
Brief description of the drawings
Exemplary embodiments of the present invention are described in detail below with reference to the accompanying drawings, so that the above and other features and advantages of the invention become clearer to a person of ordinary skill in the art. In the drawings:
Fig. 1 is a flow chart of the test case generation method according to an embodiment of the present invention;
Fig. 2 is a schematic diagram of the prefix tree automaton of an input field in an embodiment of the present invention;
Fig. 3 is a schematic diagram of the prefix tree automaton of an input field in another embodiment of the present invention;
Fig. 4 is a schematic diagram of the prefix tree automaton of abnormal cases in an embodiment of the present invention;
Fig. 5 is a schematic diagram of the prefix tree automaton of abnormal cases in another embodiment of the present invention;
Fig. 6 is a structural diagram of the test case generation device according to an embodiment of the present invention;
Fig. 7 is a structural diagram of the test case generation equipment according to an embodiment of the present invention.
Detailed description of embodiments
The above characteristics, technical features, advantages and implementations of the present invention are further described below, in a clear and easily understood manner, through preferred embodiments and with reference to the accompanying drawings.
An embodiment of the present invention proposes a test case generation method for fuzz testing. As shown in Fig. 1, the method comprises the following steps:
Step 101: determine the grammatical structure of an input field from the legal content of that input field of the system under test, where the grammatical structure of the input field comprises the special characters in the field and their positions.
In the embodiments of the present invention, the system under test can be any software written in computer code, such as an application program or a protocol implementation; all of these are referred to below as the system under test.
Depending on the concrete application scenario or protocol specification, the legal content of an input field of the system under test must satisfy a certain grammatical structure. The grammatical structure is the set of syntax rules that the legal content of the input field must satisfy; in the embodiments of the present invention, these rules comprise the special characters in the field and their positions. Here, a special character can be any symbol used for a specific purpose other than lowercase letters, uppercase letters and digits. The special characters in the legal content of an input field can differ with the operating system, protocol specification and/or programming language that the system under test uses. For example, in the C/C++ programming languages "%" marks the beginning of a format specifier; in the Passenger and Airport Data Interchange Standards (PADIS) protocol, "+" is the separator between data items.
Step 102: generate an abnormal case with a set generation method and determine the grammatical structure of the generated abnormal case, where the grammatical structure of the abnormal case comprises the special characters in the abnormal case and their positions.
In this step, a set generation method is used to generate abnormal cases. In the simplest form, abnormal cases can be generated randomly. An existing method can also be used to filter the randomly generated abnormal cases further and remove similar ones, so that the test cases cover the input space of the system under test more fully and fuzz testing becomes more efficient. Alternatively, a more intelligent approach, such as the fuzz testing method in the patent application described above, can be used to generate abnormal cases. The embodiments of the present invention place no restriction on the generation method for abnormal cases.
The grammatical structure of each generated abnormal case is analysed in the same way, to determine the special characters in the abnormal case and their positions.
Step 103: compare the grammatical structure of the abnormal case with the grammatical structure of the input field.
Next, each special character that occurs in the abnormal case and in the input field, together with its position, is compared.
Step 104: if the position of at least one special character is identical in the grammatical structure of the abnormal case and the grammatical structure of the input field, use the abnormal case as a test case for the system under test.
If the comparison shows that the positions of one or more special characters are identical in the grammatical structure of the abnormal case and the grammatical structure of the input field, the abnormal case is used as a test case for fuzz testing.
In the method provided by the above embodiment, a selected test case shares the position of at least one special character with the legal content of the input field, and the special characters and their positions determine the grammatical structure of both the test case and the input field. A selected test case therefore resembles the legal content of the input field in format to some degree. Once such a test case is fed to the system under test, it is more likely to pass the system's syntax check or to be parsed successfully, which reduces the number of test cases that the system under test rejects and makes security testing more efficient and more comprehensive.
According to another embodiment of the present invention, a priority can be set for each test case: the more special-character positions are identical in the grammatical structures of the test case and the input field, the higher the priority of the test case. More identical positions indicate greater format similarity between the test case and the legal content of the input field and a smaller chance that the test case is rejected, so such a test case can be tested first.
In a concrete implementation, several threshold ranges can be set to correspond to the required priorities. For example, for priorities 1, 2 and 3, the threshold ranges n<A, A≤n≤B and n>B are set respectively, where n is the number of identical special-character positions and A and B are set values. When the number of identical special-character positions in the grammatical structures of the test case and the input field is less than the threshold A, the priority of the test case is 1, and so on. Test cases with a higher priority are used first in fuzz testing.
According to yet another embodiment of the present invention, if, when the grammatical structure of the abnormal case used as a test case is compared with the grammatical structure of the input field, both the position of at least one special character and the special character itself are identical, a higher priority can be set for that test case. Specifically, a primary priority can first be set according to the number of identical special-character positions in the grammatical structures of the test case and the input field; then, within the same primary priority, an auxiliary priority is set according to the number of identical special characters, and the more identical special characters there are, the higher the auxiliary priority.
In addition, the phrases in the input field and their values can be determined from the legal content of the input field, and the phrases in the generated abnormal case and their values can be determined as well. Phrases are separated by special characters; a phrase can be a lowercase letter, an uppercase letter or a digit, or a string made up of lowercase letters, uppercase letters and/or digits.
If the position of at least one special character is identical in the grammatical structure of the generated abnormal case and the grammatical structure of the input field, that is, when the abnormal case is to be used as a test case, the values of the phrases that have the at least one special character as prefix or suffix can further be compared between the test case and the legal content of the input field. If the values of those phrases are identical, a higher priority can be set for the test case so that it is used first in fuzz testing. Specifically, a primary priority can first be set according to the number of identical special-character positions in the grammatical structures of the test case and the input field; then, within the same primary priority, an auxiliary priority is set according to the number of phrases with identical values, and the more phrases have identical values, the higher the auxiliary priority.
The input fields of a system under test generally fall into two classes: fixed-length input fields and variable-length input fields. The length of a variable-length input field can be indicated by a length field, a specific end marker or the like. Special characters occur mostly in variable-length input fields, and the length and content of a variable-length input field may differ between different input data of the system under test. All possible legal contents of a variable-length input field can be represented by a prefix tree automaton (PTA), a deterministic finite automaton (DFA) or a regular expression.
For example, all possible legal contents of a variable-length input field can be represented by a PTA in which each state (that is, each node) represents a phrase that occurs in the legal content of the field, and each transition between states represents the special character that separates the phrases. Starting from the initial state of the PTA and following one state transition path, the output on reaching a final state is one possible legal content of the input field. Suppose a variable-length input field has three possible legal inputs: "A/B/C", "A/C" and "A/B/D". The PTA generated for this input field can then be represented as shown in Fig. 2.
The nodes "A", "B", "C" and "D" are the states of the PTA and represent the phrases that may occur in the legal content of the field; the transitions between states, shown as arrows, are the special characters that separate the phrases. Starting from the initial state "A" and following one state transition path, the output on reaching the final state "D" is the possible legal input "A/B/D"; the other two possible legal inputs, "A/B/C" and "A/C", are obtained in the same way.
Taking the format string input field in the C language as a further example, with three possible legal contents "%s%d", "%.16x" and "%*x": the special characters that occur in these legal contents are "%", "." and "*", and the PTA obtained by analysing them can be represented as shown in Fig. 3,
where an "O" node indicates that the phrase represented by that node is the empty string.
As mentioned above, the input fields of the system under test can usually be represented in character form. Accordingly, the generated abnormal cases can include one or more of overlong strings, format strings and code/script strings, which correspond respectively to security vulnerabilities such as buffer overflow attacks, format string attacks and code injection attacks.
Specific embodiments of the present invention are described further below, taking overlong strings and format strings as the abnormal cases.
First, taking overlong-string abnormal cases as an example:
Overlong-string abnormal cases attempt, with strings that exceed (by far) the length allowed for legal content, to cause a buffer overflow exception in the system under test while it processes the input data. Suppose the abnormal cases generated in this embodiment are as follows:
AAA…AAA/EEEE…EEEE
AAA…AAA/BBB…BBB/CCC…CCC
AAA…AAA@DDD…DDD
Here "AAA…AAA" and the like denote very long strings (far longer than one character) made up of the uppercase letter 'A' and so on. The PTA obtained by analysing these abnormal cases can be represented as shown in Fig. 4.
Suppose the PTA of the input field in this embodiment is the one shown in Fig. 2. Comparing Fig. 2 with Fig. 4 shows that the abnormal case "AAA…AAA/BBB…BBB/CCC…CCC" and the legal content "A/B/D" each contain three phrases, with adjacent phrases separated by the special character "/". The abnormal case "AAA…AAA/BBB…BBB/CCC…CCC" therefore has the same grammatical structure as the legal content "A/B/D": the special characters that occur in them and their positions are identical. Likewise, the abnormal case "AAA…AAA/EEEE…EEEE" has the same grammatical structure as the legal content "A/C". Because these abnormal cases have the same format as the corresponding legal content, they are more likely to pass the syntax check of the system under test or to be parsed successfully, which reduces rejections by the system under test; these abnormal cases are easily treated by the system under test as normal input data. However, overlong strings such as "AAA…AAA" may cause a buffer overflow when the system under test handles the input data. Using these abnormal cases as test cases for fuzz testing may therefore uncover buffer overflow vulnerabilities in the system under test, which improves the effectiveness of fuzz security testing and makes the test process more efficient.
Because the test cases "AAA…AAA/BBB…BBB/CCC…CCC" and "AAA…AAA/EEEE…EEEE" have the same special characters, at the same positions, as the corresponding legal content, these two test cases can be used first during fuzz testing.
The abnormal case "AAA…AAA@DDD…DDD" differs from the legal input data "A/C" in the special character that occurs ("@" and "/" respectively), but the position is identical. In other words, the abnormal case "AAA…AAA@DDD…DDD" is similar in grammatical structure to the legal content "A/C". This abnormal case can therefore also be used as a test case for fuzz testing, but its priority can be lower than that of the two test cases "AAA…AAA/BBB…BBB/CCC…CCC" and "AAA…AAA/EEEE…EEEE" above.
Next, taking format-string abnormal cases as an example:
The purpose of format-string abnormal cases is to security-test, with abnormal format strings, input fields for which no format string is specified, such as the input data of functions like printf. Suppose the abnormal cases generated in this embodiment are as follows:
AAAA
“%s%d%s%d”
“%.4096d”
“%****d”
The PTA obtained by analysing these abnormal cases can be represented as shown in Fig. 5.
Suppose the PTA of the input field in this embodiment is the one shown in Fig. 3. Comparing Fig. 3 with Fig. 5 shows that the abnormal case "%.4096d" has the same grammatical structure as the legal content "%.16x": the special characters that occur in them and their positions are identical. In the phrase that has the special character "." as its prefix, however, the value 4096 is far greater than 16, which may cause a memory allocation exception in functions such as printf. Using this abnormal case as a test case for fuzz testing therefore reduces rejections by the system under test and can uncover format string vulnerabilities in the system under test, making the test process more effective.
The prefixes ("%s%d" and "%*") of the abnormal test cases "%s%d%s%d" and "%****d" have the same grammatical structure as the legal contents "%s%d" and "%*x": the special characters that occur in them and their positions are identical. The abnormal test cases "%s%d%s%d" and "%****d" can therefore also be used for fuzz testing.
The grammatical structure of the abnormal case "AAAA" has no similarity to the grammatical structure of any possible legal content. To save test time and test resources, it can be discarded and not used for fuzz testing.
The specific embodiments of the method of the present invention have been described in detail above.
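The following is an added sketch of steps 101 to 104 and the priority rules, run on inputs modelled on the two worked examples; it is not code from the patent. It assumes that a "position" is the ordinal index of a special character along the phrase sequence (one PTA path), that A=2 and B=3, and that ties go to the legal content with the closest number of special characters; all function names are illustrative.

```python
import string
from typing import NamedTuple

# Phrases are runs of ASCII letters and digits; any other character is "special".
ALNUM = set(string.ascii_letters + string.digits)


class Match(NamedTuple):
    case: str          # the abnormal case kept as a test case
    legal: str         # the legal content it resembles most
    shared: int        # n: positions where both have a special character
    same_chars: int    # shared positions that carry the same special character
    same_phrases: int  # phrases next to shared positions with identical value
    priority: int      # primary priority derived from n (larger runs first)


def structure(text):
    """Split text into (specials, phrases).

    specials[k] sits between phrases[k] and phrases[k + 1]; an empty string
    is the empty phrase (the "O" node of the format-string PTA).
    """
    specials, phrases, current = [], [], ""
    for ch in text:
        if ch in ALNUM:
            current += ch
        else:
            phrases.append(current)
            specials.append(ch)
            current = ""
    phrases.append(current)
    return specials, phrases


def compare(case, legal):
    """Return (shared, same_chars, same_phrases, closeness) for one pair."""
    cs, cp = structure(case)
    ls, lp = structure(legal)
    shared = min(len(cs), len(ls))
    if shared == 0:
        return (0, 0, 0, 0)
    same_chars = sum(cs[k] == ls[k] for k in range(shared))
    same_phrases = sum(cp[k] == lp[k] for k in range(shared + 1))
    # Assumption of this sketch: among equal scores, prefer the legal content
    # whose number of special characters is closest to the case's.
    return (shared, same_chars, same_phrases, -abs(len(cs) - len(ls)))


def primary_priority(n, a, b):
    """Threshold ranges n < A, A <= n <= B, n > B map to priorities 1, 2, 3."""
    if n < a:
        return 1
    return 2 if n <= b else 3


def select(cases, legal_contents, a=2, b=3):
    """Keep cases that share at least one special-character position with some
    legal content, ordered so that the highest priority comes first."""
    kept = []
    for case in cases:
        best = max(legal_contents, key=lambda legal: compare(case, legal))
        shared, same_chars, same_phrases, _ = compare(case, best)
        if shared == 0:
            continue  # no structural similarity at all: discard
        kept.append(Match(case, best, shared, same_chars, same_phrases,
                          primary_priority(shared, a, b)))
    # Primary priority first, then the two auxiliary counts.
    kept.sort(key=lambda m: (m.priority, m.same_chars, m.same_phrases),
              reverse=True)
    return kept


# Constructed inputs modelled on the two worked examples in the description.
LONG = 5000
PATH_LEGAL = ["A/B/C", "A/C", "A/B/D"]
PATH_CASES = [
    "A" * LONG + "/" + "E" * LONG,
    "A" * LONG + "/" + "B" * LONG + "/" + "C" * LONG,
    "A" * LONG + "@" + "D" * LONG,
]
FORMAT_LEGAL = ["%s%d", "%.16x", "%*x"]
FORMAT_CASES = ["AAAA", "%s%d%s%d", "%.4096d", "%****d"]

if __name__ == "__main__":
    for legal, cases in ((PATH_LEGAL, PATH_CASES), (FORMAT_LEGAL, FORMAT_CASES)):
        for m in select(cases, legal):
            shown = m.case if len(m.case) <= 20 else m.case[:8] + "..."
            print(shown, "~", m.legal, m.shared, m.same_chars,
                  m.same_phrases, m.priority)
```

With these inputs, "AAAA" is dropped, and the "@" case is kept but ranked below the two "/" cases because only its position matches, not the character itself.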
An embodiment of the present invention also proposes a test case generation device for fuzz testing. As shown in Fig. 6, the device 60 can be implemented in software, in hardware, or in a combination of software and hardware, and can specifically comprise:
an input field grammatical structure determining unit 601, for determining the grammatical structure of an input field from the legal content of that input field of the system under test, where the grammatical structure of the input field comprises the special characters in the field and their positions;
an abnormal case generation and grammatical structure determining unit 602, for generating an abnormal case with a set generation method and determining the grammatical structure of the generated abnormal case, where the grammatical structure of the abnormal case comprises the special characters in the abnormal case and their positions;
a comparing unit 603, for comparing the grammatical structure of the abnormal case with the grammatical structure of the input field;
a screening unit 604, for using the abnormal case as a test case for the system under test when the position of at least one special character is identical in the grammatical structure of the abnormal case and the grammatical structure of the input field.
In one specific embodiment of the device, the screening unit 604 can further be used to set a priority for the test case: when the grammatical structure of the abnormal case used as a test case is compared with the grammatical structure of the input field, the more special-character positions are identical, the higher the priority of the test case.
In another embodiment of the device, the screening unit 604 can also be used to set a higher priority for the test case when, in the comparison between the abnormal case used as a test case and the grammatical structure of the input field, both the position of at least one special character and the special character itself are identical.
In another embodiment of the device, the input field grammatical structure determining unit 601 can also be used to determine, from the legal content of the input field, the phrases in the input field and their values, where the phrases are separated by the special characters in the input field.
The abnormal case generation and grammatical structure determining unit 602 can also be used to determine the phrases in the generated abnormal case and their values, where the phrases are separated by the special characters in the abnormal case.
The comparing unit 603 can also be used, when the position of at least one special character is identical in the grammatical structure of the abnormal case and the grammatical structure of the input field, to further compare the values of the phrases that have the at least one special character as prefix or suffix in the abnormal case and in the legal content.
The screening unit 604 can also be used to set a higher priority for the test case when the values of the phrases that have the at least one special character as prefix or suffix are identical.
Since the specific embodiments of the method have been described in detail above, the specific embodiments of the device can be understood with reference to the corresponding description of the method and are not repeated here.
An embodiment of the present invention also provides test case generation equipment for fuzz testing. As shown in Figure 7, this equipment can be implemented as an independent physical entity, or as part of any physical entity used for fuzz testing.
As shown in Figure 7, the test case generation equipment 70 for fuzz testing may comprise a memory 701 and a processor 702. The memory 701 may be used to store executable instructions. The processor 702 may be used to carry out the following steps according to the executable instructions stored in the memory 701:
Determining, according to the legal content of an input field of the system under test (SUT), the grammar construct of this input field, where the grammar construct of the input field comprises the special characters in this field and their positions;
Generating an abnormal use-case according to a set generation method, and determining the grammar construct of the generated abnormal use-case, where the grammar construct of the abnormal use-case comprises the special characters in this abnormal use-case and their positions;
Comparing the grammar construct of the abnormal use-case with the grammar construct of the input field;
When the position of at least one special character is identical in the grammar construct of the abnormal use-case and the grammar construct of the input field, using the abnormal use-case as a test case for the system under test.
Further, a priority can be set for the test case: the more special-character positions that are identical between the grammar construct of the test case's abnormal use-case and the grammar construct of the input field, the higher the priority of the test case.
If, when the grammar construct of the test case's abnormal use-case is compared with the grammar construct of the input field, both the position of at least one special character and the special character itself are identical, a higher priority can be set for this test case.
In addition, the phrases in the input field and their values can be determined according to the legal content of the input field, where the phrases are separated by the special characters in the input field; and the phrases in the generated abnormal use-case and their values can be determined, where the phrases are separated by the special characters in the abnormal use-case. When the position of at least one special character is identical in the grammar construct of the abnormal use-case and the grammar construct of the input field, the values of the phrases that have said at least one special character as a prefix/suffix are further compared between the abnormal use-case and the legal content. When the values of the phrases that have said at least one special character as a prefix/suffix are identical, a higher priority is set for this test case.
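The filtering and prioritisation steps above, as an added Python example (not code from the patent). It assumes that a special character is any character other than an ASCII letter or digit, that "position" means the zero-based character offset, and that each satisfied criterion adds one point to the priority; the field content and candidate strings are constructed.

```python
"""Filter and rank fuzz candidates by how much input-field syntax they keep."""


def is_special(ch):
    # Assumption: anything that is not an ASCII letter or digit is "special".
    return not (ch.isascii() and ch.isalnum())


def grammar_construct(text):
    """Map the offset of every special character to the character itself."""
    return {i: ch for i, ch in enumerate(text) if is_special(ch)}


def adjacent_phrases(text, pos):
    """Return the phrase ending at and the phrase starting after text[pos]."""
    start = pos
    while start > 0 and not is_special(text[start - 1]):
        start -= 1
    end = pos + 1
    while end < len(text) and not is_special(text[end]):
        end += 1
    return text[start:pos], text[pos + 1:end]


def priority(legal, abnormal):
    """Return None if the case is filtered out, else an integer priority."""
    field = grammar_construct(legal)
    case = grammar_construct(abnormal)
    shared = sorted(field.keys() & case.keys())
    if not shared:
        return None  # no special character at a common position: discard
    score = 0
    for pos in shared:
        score += 1  # a special character sits at the same position
        if field[pos] == case[pos]:
            score += 1  # and it is the same special character
        legal_before, legal_after = adjacent_phrases(legal, pos)
        case_before, case_after = adjacent_phrases(abnormal, pos)
        if legal_before and legal_before == case_before:
            score += 1  # phrase with this character as suffix is unchanged
        if legal_after and legal_after == case_after:
            score += 1  # phrase with this character as prefix is unchanged
    return score


def select_test_cases(legal, candidates):
    """Keep candidates that pass the filter, highest priority first."""
    ranked = []
    for cand in candidates:
        p = priority(legal, cand)
        if p is not None:
            ranked.append((p, cand))
    ranked.sort(key=lambda item: item[0], reverse=True)
    return ranked


# Constructed sample: legal content of a variable-length input field.
LEGAL = "alice@example.com"
# Constructed candidates: overlong, format-string and script-like strings.
CANDIDATES = [
    "A" * 64,                     # no special character at all
    "%n" * 7,                     # special characters only at even offsets
    "AAAAA%sAAAAAA.com",          # '%' where '@' was, '.' and "com" kept
    "alice@" + "A" * 300,         # '@' and its preceding phrase kept
    "alice@example.com<script>",  # whole legal syntax kept, script appended
]

if __name__ == "__main__":
    for p, case in select_test_cases(LEGAL, CANDIDATES):
        print(p, case[:40])
```

The first two candidates are dropped because no special character lands on offset 5 or 13, which is the filtering effect the method relies on to cut down the number of cases sent to the system under test.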
An embodiment of the present invention also provides a machine-readable medium on which executable instructions are stored; when these executable instructions are executed, they cause a machine to carry out the steps performed by the aforementioned processor 702. Specifically, a system or device equipped with a storage medium can be provided, where the storage medium stores software program code that realizes the functions of any of the above embodiments, and the computer (or CPU or MPU) of this system or device reads and executes the program code stored in the storage medium.
In this case, the program code read from the storage medium can itself realize the functions of any of the above embodiments, and therefore the program code and the storage medium storing the program code form part of the present invention.
Embodiments of the machine-readable medium for providing program code include floppy disks, hard disks, magneto-optical disks, optical discs (such as CD-ROM, CD-R, CD-RW, DVD-ROM, DVD-RAM, DVD-RW, DVD+RW), magnetic tape, non-volatile memory cards and ROM. Alternatively, the program code can be downloaded from a server computer over a communication network.
In addition, it should be noted that the functions of any of the above embodiments can be realized not only by executing the program code read by the computer, but also by having an operating system or the like running on the computer carry out part or all of the actual operations based on the instructions of the program code.
In addition, it can be understood that the program code read from the storage medium may be written into a memory provided on an expansion board inserted into the computer, or into a memory provided in an expansion unit connected to the computer, after which a CPU or the like mounted on the expansion board or expansion unit carries out part or all of the actual operations based on the instructions of the program code, thereby realizing the functions of any of the above embodiments.
It should be noted that not all steps and modules in the above diagrams are necessary; some steps or modules can be omitted according to actual needs. The execution order of the steps is not fixed and can be adjusted as required. The module structure described in the above embodiments may be a physical structure or a logical structure; that is, some modules may be implemented by the same physical entity, some modules may be implemented separately by multiple physical entities, or they may be implemented jointly by certain components in multiple independent devices.
The present invention has been shown and explained in detail above by means of the drawings and embodiments, but the invention is not limited to these disclosed embodiments; other schemes that those skilled in the art derive from them are also within the protection scope of the present invention. The protection scope of the present invention should therefore be defined by the appended claims.

Claims (16)

1. A test case generation method for fuzz testing, comprising:
determining, according to the legal content of an input field of a system under test (SUT), the grammar construct of this input field, the grammar construct of said input field comprising the special characters in this field and their positions;
generating an abnormal use-case according to a set generation method, and determining the grammar construct of the generated abnormal use-case, the grammar construct of said abnormal use-case comprising the special characters in this abnormal use-case and their positions;
comparing the grammar construct of said abnormal use-case with the grammar construct of said input field;
if the position of at least one special character is identical in the grammar construct of said abnormal use-case and the grammar construct of said input field, using said abnormal use-case as a test case for said system under test.
2. The method according to claim 1, characterized in that it further comprises:
setting a priority for said test case, wherein the more special-character positions that are identical between the grammar construct of the abnormal use-case of said test case and the grammar construct of said input field, the higher the priority of said test case.
3. The method according to claim 2, characterized in that it further comprises:
if, when the grammar construct of the abnormal use-case of said test case is compared with the grammar construct of said input field, both the position of at least one special character and the special character itself are identical, setting a higher priority for this test case.
4. The method according to claim 2, characterized in that it further comprises:
determining, according to the legal content of said input field, the phrases in this input field and their values, said phrases being separated by the special characters in said input field;
determining the phrases in the generated abnormal use-case and their values, said phrases being separated by the special characters in said abnormal use-case;
if the position of at least one special character is identical in the grammar construct of said abnormal use-case and the grammar construct of said input field, further comparing the values of the phrases that have said at least one special character as a prefix/suffix in said abnormal use-case and in said legal content;
if the values of the phrases that have said at least one special character as a prefix/suffix are identical, setting a higher priority for this test case.
5. The method according to claim 4, characterized in that said grammar construct and said phrases and their values are described in any of the following ways:
prefix tree automaton, deterministic finite automaton and regular expression.
6. The method according to any one of claims 1 to 5, characterized in that
said input field is of variable length.
7. The method according to claim 6, characterized in that the generated abnormal use-case comprises one or more of the following:
overlong strings, format strings and code/script strings.
8. A test case generation device for fuzz testing, comprising:
an input field grammar construct determining unit, for determining, according to the legal content of an input field of a system under test (SUT), the grammar construct of this input field, the grammar construct of said input field comprising the special characters in this field and their positions;
an abnormal use-case generation and grammar construct determining unit, for generating an abnormal use-case according to a set generation method and determining the grammar construct of the generated abnormal use-case, the grammar construct of said abnormal use-case comprising the special characters in this abnormal use-case and their positions;
a comparing unit, for comparing the grammar construct of said abnormal use-case with the grammar construct of said input field;
a screening unit, for using said abnormal use-case as a test case for said system under test when the position of at least one special character is identical in the grammar construct of said abnormal use-case and the grammar construct of said input field.
9. The device according to claim 8, characterized in that
said screening unit is further used for setting a priority for said test case, wherein the more special-character positions that are identical between the grammar construct of the abnormal use-case of said test case and the grammar construct of said input field, the higher the priority of said test case.
10. The device according to claim 9, characterized in that
said screening unit is also used for setting a higher priority for this test case when, comparing the grammar construct of the abnormal use-case of said test case with the grammar construct of said input field, both the position of at least one special character and the special character itself are identical.
11. The device according to claim 9, characterized in that
said input field grammar construct determining unit is also used for determining, according to the legal content of said input field, the phrases in this input field and their values, said phrases being separated by the special characters in said input field;
said abnormal use-case generation and grammar construct determining unit is also used for determining the phrases in the generated abnormal use-case and their values, said phrases being separated by the special characters in said abnormal use-case;
said comparing unit is also used for, when the position of at least one special character is identical in the grammar construct of said abnormal use-case and the grammar construct of said input field, further comparing the values of the phrases that have said at least one special character as a prefix/suffix in said abnormal use-case and in said legal content;
said screening unit is also used for setting a higher priority for this test case when the values of the phrases that have said at least one special character as a prefix/suffix are identical.
12. The device according to claim 11, characterized in that said grammar construct and said phrases and their values are described in any of the following ways:
prefix tree automaton, deterministic finite automaton and regular expression.
13. The device according to any one of claims 8 to 12, characterized in that
said input field is of variable length.
14. The device according to claim 13, characterized in that the generated abnormal use-case comprises one or more of the following:
overlong strings, format strings and code/script strings.
15. Test case generation equipment for fuzz testing, comprising:
a memory, for storing executable instructions;
a processor, for carrying out, according to the stored executable instructions, the method according to any one of claims 1 to 7.
16. A machine-readable medium on which executable instructions are stored, wherein said executable instructions, when executed, cause a machine to carry out the method according to any one of claims 1 to 7.
CN201210496983.3A 2012-11-28 2012-11-28 A kind of method for generating test case of fuzz testing and device Expired - Fee Related CN103853650B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201210496983.3A CN103853650B (en) 2012-11-28 2012-11-28 A kind of method for generating test case of fuzz testing and device
PCT/EP2013/074304 WO2014082908A1 (en) 2012-11-28 2013-11-20 Method and apparatus for generating test case for fuzz test

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210496983.3A CN103853650B (en) 2012-11-28 2012-11-28 A kind of method for generating test case of fuzz testing and device

Publications (2)

Publication Number Publication Date
CN103853650A true CN103853650A (en) 2014-06-11
CN103853650B CN103853650B (en) 2017-03-01

Family

ID=49683695

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210496983.3A Expired - Fee Related CN103853650B (en) 2012-11-28 2012-11-28 A kind of method for generating test case of fuzz testing and device

Country Status (2)

Country Link
CN (1) CN103853650B (en)
WO (1) WO2014082908A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090319832A1 (en) * 2008-06-23 2009-12-24 International Business Machines Corporation Method and apparatus of effective functional test data generation for web service testing
CN101833503A (en) * 2010-04-14 2010-09-15 武汉大学 Test system for trusted software stack based on fuzzy technology
CN101901183A (en) * 2009-05-31 2010-12-01 西门子(中国)有限公司 Method and device of test case for filtering

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8286133B2 (en) 2007-12-19 2012-10-09 Microsoft Corporation Fuzzing encoded data


Also Published As

Publication number Publication date
CN103853650B (en) 2017-03-01
WO2014082908A1 (en) 2014-06-05

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20170301

Termination date: 20171128
