CN103853650B - Method and device for generating test cases for fuzz testing - Google Patents
- Publication number: CN103853650B (CN201210496983.3A)
- Authority: CN (China)
- Prior art keywords: case, abnormal case, input field, syntactic structure, special character
- Legal status: Expired - Fee Related (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3684—Test management for test design, e.g. generating new test cases
Abstract
The invention provides a method and device for generating test cases for fuzz testing. The method includes: determining the syntactic structure of an input field of the system under test from the field's legal content, where the syntactic structure of the input field comprises the special characters in the field and their positions; generating abnormal cases according to a set generation method and determining the syntactic structure of each generated abnormal case, where the syntactic structure of an abnormal case comprises the special characters in that case and their positions; comparing the syntactic structure of the abnormal case with that of the input field; and, if the position of at least one special character is the same in the syntactic structure of the abnormal case and in that of the input field, using the abnormal case as a test case for the system under test. With the invention, fuzz test cases can be made more similar to the input data of the system under test, giving more efficient and more thorough security testing.
Description
Technical field
The present invention relates to the technical field of software security testing, and in particular to a method and device for generating test cases for fuzz testing.
Background
Black-box testing is a commonly used software security testing method. It does not rely on the source code of the software under test, and it can always detect security vulnerabilities that testers have overlooked, so it is widely used in software security testing.
Fuzz testing is a black-box testing technique that appeared in the 1990s. It constructs random or semi-random data (called fuzz) as input to the software under test and monitors the software's responses and/or state to determine whether the software contains security vulnerabilities. As a black-box testing tool, fuzz testing is commonly used in large software development projects. Its advantages are that testing is relatively cheap and can be fully automated; moreover, fuzz testing can often find the more serious security vulnerabilities that an attacker could exploit.
With the rapid development and widespread use of network and communication technology, an important problem in software security testing today is the security testing of protocol implementations such as communication protocols and industrial control protocols. One of the major causes of security vulnerabilities in protocol implementations is the exception handling applied to input data; security problems caused by exception handling include, for example, buffer overflow attacks, format string attacks and code injection attacks.
Fuzz testing of protocol implementations is normally character-based. Even if some input fields of the protocol under test are binary bit streams, the bit stream can be converted to a character-form data stream for testing. The test cases fed to the protocol under test are therefore usually random or semi-random character strings. Because such a string differs greatly from legal content that conforms to the protocol specification, the protocol under test may fail to parse it correctly, or may detect that it is illegal input and reject the test case. Fuzz testing with such test cases is therefore not only inefficient but also unlikely to detect security vulnerabilities deep inside the protocol under test.
U.S. patent application US20090164975A1 proposes a fuzz testing method. Some input data of the system under test may be encoded in a particular way, for example with Base64 or forward error correction (FEC) coding; after randomization (fuzzing), this part of the input data may not be decodable by the system under test, and even if it can be decoded, the decoded data is likely to have lost its original format or cannot be parsed. The method in that application therefore includes: receiving formatted data to be processed by the system under test; determining the encoding used by the formatted data and selecting part of the data to randomize; determining the corresponding decoder from the encoding and decoding the selected data; randomizing the decoded data; determining the corresponding encoder from the encoding and encoding the randomized data; and testing the system under test with the encoded randomized data. Although this method takes into account the specific encoding of some of the system's input data, the randomized input data may still differ greatly in form from normal input data, and so faces the same problem of being rejected by the system under test.
Summary of the invention
In view of the above problems, and so that fuzz test cases are more similar to the input data of the system under test, embodiments of the present invention propose a method and device for generating test cases for fuzz testing.
The test case generation method for fuzz testing according to an embodiment of the present invention includes:
determining the syntactic structure of an input field of the system under test from the field's legal content, where the syntactic structure of the input field comprises the special characters in the field and their positions;
generating abnormal cases according to a set generation method and determining the syntactic structure of each generated abnormal case, where the syntactic structure of an abnormal case comprises the special characters in that case and their positions;
comparing the syntactic structure of the abnormal case with the syntactic structure of the input field;
if the position of at least one special character is the same in the syntactic structure of the abnormal case and in that of the input field, using the abnormal case as a test case for the system under test.
A test case generation device for fuzz testing according to an embodiment of the present invention includes:
an input field syntactic structure determining unit, for determining the syntactic structure of an input field of the system under test from the field's legal content, where the syntactic structure of the input field comprises the special characters in the field and their positions;
an abnormal case generation and syntactic structure determining unit, for generating abnormal cases according to a set generation method and determining the syntactic structure of each generated abnormal case, where the syntactic structure of an abnormal case comprises the special characters in that case and their positions;
a comparing unit, for comparing the syntactic structure of the abnormal case with the syntactic structure of the input field;
a screening unit, for using the abnormal case as a test case for the system under test when the position of at least one special character is the same in the syntactic structure of the abnormal case and in that of the input field.
In the method and device provided by the above embodiments, a selected test case shares the position of at least one special character with the legal content of the input field, and the special characters and their positions determine the syntactic structure of both the test case and the input field. A selected test case is therefore similar in form to the legal content of the input field, so it is more likely to pass the syntax check of the system under test, or to be parsed successfully, after it is input. This reduces the number of test cases rejected by the system under test and gives more efficient and more thorough security testing.
Brief description of the drawings
Exemplary embodiments of the present invention are described in detail below with reference to the accompanying drawings, so that the above and other features and advantages of the invention become clearer to those of ordinary skill in the art. In the drawings:
Fig. 1 is a flowchart of the test case generation method according to an embodiment of the present invention;
Fig. 2 is a schematic diagram of the prefix tree automaton of an input field in an embodiment of the present invention;
Fig. 3 is a schematic diagram of the prefix tree automaton of an input field in another embodiment of the present invention;
Fig. 4 is a schematic diagram of the prefix tree automaton of abnormal cases in an embodiment of the present invention;
Fig. 5 is a schematic diagram of the prefix tree automaton of abnormal cases in another embodiment of the present invention;
Fig. 6 is a structural diagram of the test case generation device according to an embodiment of the present invention;
Fig. 7 is a structural diagram of the test case generation equipment according to an embodiment of the present invention.
Detailed description
The above characteristics, technical features, advantages and implementation of the present invention are further described below in a clear and understandable way, through preferred embodiments and with reference to the accompanying drawings.
An embodiment of the present invention proposes a test case generation method for fuzz testing. As shown in Fig. 1, the method comprises the following steps:
Step 101: Determine the syntactic structure of an input field of the system under test from the field's legal content. The syntactic structure of the input field comprises the special characters in the field and their positions.
In embodiments of the present invention, the system under test may be an application program, a protocol implementation or other software written in computer code, hereinafter collectively referred to as the system under test.
Depending on the specific application scenario or protocol specification, the legal content of an input field of the system under test must conform to a certain syntactic structure. The syntactic structure is the set of syntax rules that the field's legal content must satisfy; in embodiments of the present invention, these rules comprise the special characters in the field and their positions. Here, a special character may be any symbol with a specific purpose other than lowercase letters, uppercase letters and digits. The special characters in the legal content of an input field can differ with the operating system, protocol specification and/or programming language used by the system under test. For example, in the C/C++ programming languages, "%" marks the beginning of a format string; in the Passenger and Airport Data Interchange Standards (PADIS) protocol, "+" is the separator between data items.
Step 102: Generate abnormal cases according to a set generation method and determine the syntactic structure of each generated abnormal case. The syntactic structure of an abnormal case comprises the special characters in that case and their positions.
In this step, abnormal cases can be generated with the set generation method. Most simply, they can be generated randomly; existing methods can also be used to filter the randomly generated abnormal cases further, removing similar ones so that the test cases cover the input space of the system under test more fully and thereby improve the efficiency of fuzz testing. Alternatively, a more intelligent approach, such as the fuzz testing method in the patent application described above, may be used to generate abnormal cases. Embodiments of the present invention place no restriction on how abnormal cases are generated.
The syntactic structure of each generated abnormal case is analyzed in the same way, to determine the special characters in the abnormal case and their positions.
Step 103: Compare the syntactic structure of the abnormal case with the syntactic structure of the input field.
Each special character that appears in the abnormal case and in the input field is compared, together with its position.
Step 104: If the position of at least one special character is the same in the syntactic structure of the abnormal case and in that of the input field, use the abnormal case as a test case for the system under test.
After the comparison, if the positions of one or more special characters are the same in the syntactic structure of the abnormal case and in that of the input field, the abnormal case is used as a test case for fuzz testing.
In the method provided by the above embodiments, a selected test case shares the position of at least one special character with the legal content of the input field, and the special characters and their positions determine the syntactic structure of both the test case and the input field. A selected test case is therefore similar in form to the legal content of the input field, so it is more likely to pass the syntax check of the system under test, or to be parsed successfully, after it is input. This reduces the number of test cases rejected by the system under test and gives more efficient and more thorough security testing.
In another embodiment of the invention, a priority can be set for each test case: the more special-character positions a test case shares with the syntactic structure of the input field, the higher the priority of the test case. More shared positions indicate greater formal similarity between the test case and the legal content of the input field and a lower probability that the test case is rejected, so the test case can be tested first.
In a specific implementation, several threshold ranges can be set according to the priorities required. For example, for priorities 1, 2 and 3, the threshold ranges n<A, A≤n≤B and n>B are set respectively, where n is the number of identical special-character positions and A and B are set values. When the number of special-character positions a test case shares with the syntactic structure of the input field is less than threshold A, the priority of the test case is 1, and so on. Test cases with higher priority are used first in fuzz testing.
According to yet another embodiment of the invention, if, when the syntactic structure of an abnormal case used as a test case is compared with that of the input field, at least one special character has both the same position and is itself the same character, a higher priority can be set for that test case. Specifically, for example, a primary priority can first be set according to the number of special-character positions the test case shares with the syntactic structure of the input field; then, among test cases with the same primary priority, an auxiliary priority is set according to the number of identical special characters: the more identical special characters, the higher the auxiliary priority.
In addition, the phrases in the input field and their values can be determined from the field's legal content, and the phrases in each generated abnormal case and their values can be determined likewise. Phrases are separated by special characters; here, a phrase may be a lowercase letter, an uppercase letter or a digit, or a character string made up of lowercase letters, uppercase letters and/or digits.
If the position of at least one special character is the same in the syntactic structure of a generated abnormal case and in that of the input field, that is, when the abnormal case is to be used as a test case, the values of the phrases that have that special character as prefix/suffix in the test case and in the legal content of the input field can be compared further. If the values of those phrases are the same, a higher priority can be set for the test case so that it is used first in fuzz testing. Specifically, for example, a primary priority can first be set according to the number of special-character positions the test case shares with the syntactic structure of the input field; then, among test cases with the same primary priority, an auxiliary priority is set according to the number of phrases with identical values: the more phrases with identical values, the higher the auxiliary priority.
The input fields of a system under test generally fall into two classes: fixed-length input fields and variable-length input fields. The length of a variable-length input field can be indicated by a length field, a specific end marker, or the like. Special characters mostly occur in variable-length input fields; across different input data of the system under test, the length and content of a variable-length input field may differ. All possible legal content of a variable-length input field can be represented by a prefix tree automaton (PTA), a deterministic finite automaton (DFA) or a regular expression.
For example, suppose a PTA is used to represent all possible legal content of a variable-length input field. Each state (node) represents a phrase that occurs in the field's legal content, and each transition between states represents the special character separating the phrases. Starting from the initial state of the PTA and following one state-transition path to a final state yields one possible legal content of the input field. Suppose a variable-length input field has three possible legal inputs: "A/B/C", "A/C" and "A/B/D". The PTA generated for this input field can then be represented as shown in Fig. 2.
Here the nodes "A", "B", "C" and "D" are the states of the PTA and represent the phrases that may occur in the field's legal content; the transitions between states, drawn as arrows, are the special characters that separate the phrases. Starting from the initial state "A" of the PTA and following one state-transition path to the final state "D" outputs one possible legal input, "A/B/D"; the other two possible legal inputs, "A/B/C" and "A/C", are obtained in the same way.
As a further example, take a format string input field in the C language, with three possible legal contents: "%s%d", "%.16x" and "%*x". The special characters that appear in these three possible legal contents are "%", "." and "*". The PTA of this input field obtained by analyzing these legal contents can be represented as shown in Fig. 3, where an "O" node indicates that the phrase the node represents is the empty string.
As noted above, the input fields of a system under test can generally be represented in character form. Accordingly, the generated abnormal cases may include one or more of overlong character strings, format strings and code/script strings, corresponding respectively to security vulnerabilities such as buffer overflow attacks, format string attacks and code injection attacks.
Specific embodiments of the invention are further illustrated below, taking overlong-string and format-string abnormal cases as examples.
First, overlong-string abnormal cases:
An overlong-string abnormal case attempts to use a character string (far) longer than the legal content allows, so as to cause a buffer overflow exception in the system under test while it processes the input data. Suppose the abnormal cases generated in this embodiment are as follows:
AAA…AAA/EEEE…EEEE
AAA…AAA/BBB…BBB/CCC…CCC
AAA…AAA@DDD…DDD
Here "AAA…AAA" and the like denote a very long character string made up of the capital letter 'A' and so on (far longer than 1 character). The PTA of the abnormal cases obtained by analyzing these abnormal cases can be represented as shown in Fig. 4.
Suppose in this embodiment that the PTA of the input field is as shown in Fig. 2. Comparing Fig. 2 and Fig. 4 shows that the abnormal case "AAA…AAA/BBB…BBB/CCC…CCC" and the legal content "A/B/D" both contain three phrases, with adjacent phrases separated by the special character "/". The abnormal case "AAA…AAA/BBB…BBB/CCC…CCC" therefore has the same syntactic structure as the legal content "A/B/D"; that is, the special characters that appear and their positions are the same. Likewise, the abnormal case "AAA…AAA/EEEE…EEEE" has the same syntactic structure as the legal content "A/C". Because these abnormal cases are identical in form to the corresponding legal content, they are more likely to pass the syntax check of the system under test or to be parsed successfully, which reduces rejections by the system under test; the system under test readily treats them as normal input data. But overlong strings such as "AAA…AAA" may overflow the input data buffer of the system under test. Using these abnormal cases as test cases to fuzz the system under test may therefore uncover buffer overflow vulnerabilities in it, which improves the effectiveness of fuzz security testing and makes the test process more efficient.
Because the special characters and their positions in the test cases "AAA…AAA/BBB…BBB/CCC…CCC" and "AAA…AAA/EEEE…EEEE" are the same as in the corresponding legal content, these two test cases can be used first during fuzz testing.
The abnormal case "AAA…AAA@DDD…DDD" differs from the legal input data "A/C" in the special character that appears ("@" and "/" respectively), but the position is the same; that is, the syntactic structure of the abnormal case "AAA…AAA@DDD…DDD" is similar to that of the legal content "A/C". This abnormal case can therefore also be used as a test case for fuzz testing, but its priority can be lower than that of the two test cases above, "AAA…AAA/BBB…BBB/CCC…CCC" and "AAA…AAA/EEEE…EEEE".
Next, format-string abnormal cases:
The purpose of a format-string abnormal case is to use an abnormal format string to security-test an input field for which no format string is specified, such as the input data of functions like printf. Suppose the abnormal cases generated in this embodiment are as follows:
AAAA
“%s%d%s%d”
“%.4096d”
“%****d”
The PTA obtained by analyzing these abnormal cases can be represented as shown in Fig. 5.
Suppose in this embodiment that the PTA of the input field is as shown in Fig. 3. Comparing Fig. 3 and Fig. 5 shows that the abnormal case "%.4096d" has the same syntactic structure as the legal content "%.16x"; that is, the special characters that appear and their positions are the same. However, in the phrase prefixed by the special character "." in each, the value 4096 is far greater than 16, which may cause a memory allocation exception in functions such as printf. Using this abnormal case as a test case to fuzz the system under test therefore reduces rejections by the system under test and can uncover format string vulnerabilities in it, making the test process more effective.
The prefixes ("%s%d", "%*") of the abnormal test cases "%s%d%s%d" and "%****d" have the same syntactic structure as the legal contents "%s%d" and "%*x"; that is, the special characters that appear and their positions are the same. The abnormal test cases "%s%d%s%d" and "%****d" can therefore be used for fuzz testing.
The syntactic structure of the abnormal case "AAAA" has no similarity to the syntactic structure of any possible legal content. To save testing time and test resources, it can be discarded and not used in fuzz testing.
The specific embodiments of the method of the invention have been described in detail above.
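The screening and ranking of steps 101 to 104, run over the two worked examples above, as an added Python sketch (not code from the patent). It assumes that a special character's "position" is its ordinal among the separators, i.e. the depth of the PTA transition, and it ranks by a tuple of counts instead of the thresholds A and B; all function and constant names are hypothetical.

```python
import string
from typing import List, NamedTuple, Tuple

# Per the description: anything other than ASCII letters and digits is special.
ORDINARY = set(string.ascii_letters + string.digits)

# Legal contents quoted in the description (the Fig. 2 and Fig. 3 examples).
LEGAL_PATH = ["A/B/C", "A/C", "A/B/D"]
LEGAL_FORMAT = ["%s%d", "%.16x", "%*x"]

# Constructed abnormal cases; 5000 characters stand in for "AAA…AAA".
N = 5000
OVERLONG_CASES = [
    "A" * N + "/" + "E" * N,
    "A" * N + "/" + "B" * N + "/" + "C" * N,
    "A" * N + "@" + "D" * N,
]
FORMAT_CASES = ["AAAA", "%s%d%s%d", "%.4096d", "%****d"]


def syntactic_structure(text: str) -> Tuple[List[str], List[str]]:
    """Split text into phrases and the special characters separating them.

    specials[i] is the transition between phrases[i] and phrases[i + 1],
    so i is the position of that special character (assumed definition).
    An empty phrase corresponds to an "O" node in the PTA figures.
    """
    phrases, specials, current = [], [], []
    for ch in text:
        if ch in ORDINARY:
            current.append(ch)
        else:
            phrases.append("".join(current))
            specials.append(ch)
            current = []
    phrases.append("".join(current))
    return phrases, specials


class Score(NamedTuple):
    same_position: int   # positions where both strings have a special character
    same_character: int  # ...and the special character itself is identical
    same_phrase: int     # ...and a non-empty adjacent phrase has the same value


def compare(case: str, legal: str) -> Score:
    """Steps 103/104 plus the primary and auxiliary priority counts."""
    c_phr, c_sp = syntactic_structure(case)
    l_phr, l_sp = syntactic_structure(legal)
    shared = min(len(c_sp), len(l_sp))
    same_char = same_phrase = 0
    for i in range(shared):
        if c_sp[i] != l_sp[i]:
            continue
        same_char += 1
        # Phrase that has this character as suffix (i) or as prefix (i + 1).
        suffix_of = bool(c_phr[i]) and c_phr[i] == l_phr[i]
        prefix_of = bool(c_phr[i + 1]) and c_phr[i + 1] == l_phr[i + 1]
        if suffix_of or prefix_of:
            same_phrase += 1
    return Score(shared, same_char, same_phrase)


def select_test_cases(abnormal_cases: List[str],
                      legal_contents: List[str]) -> List[Tuple[str, Score]]:
    """Keep cases sharing at least one position; best-ranked cases first."""
    ranked = []
    for case in abnormal_cases:
        best = max(compare(case, legal) for legal in legal_contents)
        if best.same_position >= 1:  # step 104: otherwise discard the case
            ranked.append((case, best))
    ranked.sort(key=lambda item: item[1], reverse=True)
    return ranked


if __name__ == "__main__":
    for name, cases, legal in (("format", FORMAT_CASES, LEGAL_FORMAT),
                               ("overlong", OVERLONG_CASES, LEGAL_PATH)):
        for case, score in select_test_cases(cases, legal):
            shown = case if len(case) <= 20 else case[:8] + "...(%d chars)" % len(case)
            print(name, shown, tuple(score))
```

Under this ordinal definition any abnormal case that contains a special character shares position 0 with any legal content that contains one, so the ranking does most of the discrimination; the "@" case is kept but sorts below the two "/" cases, and "AAAA" is dropped.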
An embodiment of the present invention also proposes a test case generation device for fuzz testing. As shown in Fig. 6, the device 60 can be implemented in software, hardware or a combination of software and hardware, and may specifically include:
an input field syntactic structure determining unit 601, for determining the syntactic structure of an input field of the system under test from the field's legal content, where the syntactic structure of the input field comprises the special characters in the field and their positions;
an abnormal case generation and syntactic structure determining unit 602, for generating abnormal cases according to a set generation method and determining the syntactic structure of each generated abnormal case, where the syntactic structure of an abnormal case comprises the special characters in that case and their positions;
a comparing unit 603, for comparing the syntactic structure of the abnormal case with the syntactic structure of the input field;
a screening unit 604, for using the abnormal case as a test case for the system under test when the position of at least one special character is the same in the syntactic structure of the abnormal case and in that of the input field.
In a specific embodiment of the device, the screening unit 604 can further be used to set a priority for each test case: the more special-character positions the syntactic structure of the abnormal case used as a test case shares with the syntactic structure of the input field, the higher the priority of the test case.
In another embodiment of the device, the screening unit 604 can also be used to set a higher priority for a test case when, comparing the abnormal case used as the test case with the syntactic structure of the input field, at least one special character has both the same position and is itself the same character.
In another embodiment of the device, the input field syntactic structure determining unit 601 can also be used to determine, from the legal content of the input field, the phrases in the input field and their values, the phrases being separated by the special characters in the input field.
The abnormal case generation and syntactic structure determining unit 602 can also be used to determine the phrases in each generated abnormal case and their values, the phrases being separated by the special characters in the abnormal case.
The comparing unit 603 can also be used, when the position of at least one special character is the same in the syntactic structure of the abnormal case and in that of the input field, to further compare the values of the phrases that have that special character as prefix/suffix in the abnormal case and in the legal content.
The screening unit 604 can also be used to set a higher priority for the test case when the values of the phrases that have that special character as prefix/suffix are the same.
Because the specific embodiments of the method have been described in detail above, the specific embodiments of the device can be understood by reference to the corresponding description of the method and are not repeated here.
The embodiment of the present invention additionally provides a kind of Test cases technology equipment for fuzz testing, as shown in fig. 7, this sets
Standby can be realized by single physical entity, or the part as any physical entity for fuzz testing.
As shown in fig. 7, this Test cases technology equipment 70 being used for fuzz testing can include memorizer 701 and processor
702.Wherein, memorizer 701 can be used for storing executable instruction.Processor 702 can be used for being stored according to memorizer 701
Executable instruction, execute following steps:
The legal content of the input field according to system under test (SUT), determines the grammar construct of this input field, described input word
The grammar construct of section includes the spcial character in this field and its position;
Abnormal use-case is generated according to the generation method setting, and determines the grammar construct of the abnormal use-case being generated, described
The grammar construct of abnormal use-case includes spcial character and its position in this abnormal use-case;
The relatively grammar construct of abnormal use-case and the grammar construct of input field;
When the position phase having at least one spcial character in the grammar construct of abnormal use-case and the grammar construct of input field
Meanwhile, abnormal use-case is used as the test case of system under test (SUT).
Further, a priority can be set for the test case: the grammar construct of the abnormal use-case used as the test case is compared with the grammar construct of the input field, and the more special-character positions are identical, the higher the priority of the test case.
When the grammar construct of the abnormal use-case used as the test case is compared with the grammar construct of the input field and both the position of at least one special character and the special character itself are identical, a higher priority can be set for this test case.
In addition, the phrases in the input field and their values can be determined according to the legal content of the input field, the phrases being separated by the special characters in the input field; and the phrases in the generated abnormal use-case and their values can be determined, the phrases being separated by the special characters in the abnormal use-case. When the position of at least one special character in the grammar construct of the abnormal use-case is the same as in the grammar construct of the input field, the values of the phrases in the abnormal use-case and in the legal content that have the at least one special character as a prefix/suffix can be compared further. When the values of the phrases that have the at least one special character as a prefix/suffix are identical, a higher priority is set for this test case.
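The selection and prioritization steps above can be sketched as follows. This is an added example, not code from the patent; the function names, the additive score and the sample field and candidates are constructed for illustration. It assumes that a special character is any non-alphanumeric character and that its position is its character offset in the field.

```python
import re

# Assumption for this example: a "special character" is any non-alphanumeric
# character and its "position" is its character offset in the field.
SPECIAL = re.compile(r"[^A-Za-z0-9]")


def grammar_construct(text):
    """Map offset -> (special char, phrase before it, phrase after it)."""
    marks = [(m.start(), m.group()) for m in SPECIAL.finditer(text)]
    phrases = SPECIAL.split(text)  # always len(marks) + 1 entries
    return {off: (ch, phrases[i], phrases[i + 1])
            for i, (off, ch) in enumerate(marks)}


def priority(legal, candidate):
    """Score a candidate against the legal content; 0 means it is dropped."""
    ref, cand = grammar_construct(legal), grammar_construct(candidate)
    score = 0
    for off in ref.keys() & cand.keys():
        score += 1  # a special character sits at the same position
        r_ch, r_before, r_after = ref[off]
        c_ch, c_before, c_after = cand[off]
        if r_ch == c_ch:
            score += 1  # the special character itself is also the same
        if r_before == c_before or r_after == c_after:
            score += 1  # a phrase it suffixes/prefixes has the same value
    return score


def select_test_cases(legal, candidates):
    """Keep candidates sharing >= 1 special-character position, best first."""
    scored = [(priority(legal, c), c) for c in candidates]
    return sorted((sc for sc in scored if sc[0] > 0), key=lambda sc: -sc[0])


# Constructed sample: legal content of a variable-length e-mail field and
# abnormal use-cases of the overlength and format-string kinds.
LEGAL = "user@example.com"
CANDIDATES = [
    "A" * 64,
    "%n%n%n%n%n",
    "user@" + "A" * 64,
    "user@example.com" + "A" * 64,
]

if __name__ == "__main__":
    for score, case in select_test_cases(LEGAL, CANDIDATES):
        print(score, case[:24])
```

The plain run of 64 letters shares no special-character position with the legal content and is filtered out, while the overlength string that keeps the legal prefix is ranked first.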
An embodiment of the invention further provides a machine-readable medium on which executable instructions are stored; when these executable instructions are executed, they cause a machine to perform the steps performed by the aforementioned processor 702. Specifically, a system or device equipped with a storage medium can be provided, the storage medium storing software program code that realizes the functions of any of the above embodiments, and the computer (or CPU or MPU) of this system or device reads and executes the program code stored in the storage medium.
In this case, the program code read from the storage medium can itself realize the functions of any of the above embodiments, so the program code and the storage medium storing the program code form part of the invention.
Embodiments of the machine-readable medium for providing the program code include floppy disk, hard disk, magneto-optical disk, optical disc (such as CD-ROM, CD-R, CD-RW, DVD-ROM, DVD-RAM, DVD-RW, DVD+RW), magnetic tape, non-volatile memory card and ROM. Optionally, the program code can be downloaded from a server computer via a communication network.
Furthermore, it should be clear that the functions of any of the above embodiments can be realized not only by executing the program code read out by the computer, but also by having the operating system running on the computer, or the like, perform part or all of the actual operations based on the instructions of the program code.
Furthermore, it is to be understood that the program code read from the storage medium may be written into a memory provided on an expansion board inserted into the computer, or into a memory provided in an expansion unit connected to the computer; the instructions of the program code then cause a CPU or the like mounted on the expansion board or expansion unit to perform part or all of the actual operations, thereby realizing the functions of any of the above embodiments.
It should be noted that not all steps and modules in the above schematic diagrams are necessary; some steps or modules may be omitted according to actual needs. The execution order of the steps is not fixed and can be adjusted as needed. The module structures described in the above embodiments may be physical structures or logical structures; that is, some modules may be implemented by the same physical entity, some modules may be implemented separately by multiple physical entities, or they may be implemented jointly by certain components in multiple independent devices.
The invention has been shown and described in detail above by means of the drawings and embodiments, but the invention is not limited to these disclosed embodiments; other solutions that those skilled in the art derive from them also fall within the scope of protection of the invention. The scope of protection of the invention shall therefore be defined by the appended claims.
Claims (15)
1. A test case generation method for fuzz testing, comprising:
determining, according to the legal content of an input field of a system under test, the grammar construct of this input field, the grammar construct of the input field including the special characters in this field and their positions;
generating an abnormal use-case according to a set generation method, and determining the grammar construct of the generated abnormal use-case, the grammar construct of the abnormal use-case including the special characters in this abnormal use-case and their positions;
comparing the grammar construct of the abnormal use-case with the grammar construct of the input field;
if the position of at least one special character in the grammar construct of the abnormal use-case is the same as in the grammar construct of the input field, using the abnormal use-case as a test case for the system under test.
2. The method according to claim 1, characterized by further comprising:
setting a priority for the test case, wherein the grammar construct of the abnormal use-case used as the test case is compared with the grammar construct of the input field, and the more special-character positions are identical, the higher the priority of the test case.
3. The method according to claim 2, characterized by further comprising:
when the grammar construct of the abnormal use-case used as the test case is compared with the grammar construct of the input field and both the position of at least one special character and the special character itself are identical, setting a higher priority for this test case.
4. The method according to claim 2, characterized by further comprising:
determining, according to the legal content of the input field, the phrases in this input field and their values, the phrases being separated by the special characters in the input field;
determining the phrases in the generated abnormal use-case and their values, the phrases being separated by the special characters in the abnormal use-case;
if the position of at least one special character in the grammar construct of the abnormal use-case is the same as in the grammar construct of the input field, further comparing the values of the phrases in the abnormal use-case and in the legal content that have the at least one special character as a prefix/suffix;
if the values of the phrases that have the at least one special character as a prefix/suffix are identical, setting a higher priority for this test case.
5. The method according to claim 4, characterized in that the grammar construct and the phrases and their values are described in any one of the following ways:
prefix tree automaton, deterministic finite automaton and regular expression.
6. The method according to any one of claims 1 to 5, characterized in that
the input field is of variable length.
7. The method according to claim 6, characterized in that the generated abnormal use-case includes one or more of the following:
overlength character string, format string and code/script character string.
8. A test case generation device for fuzz testing, comprising:
an input field grammar construct determining unit, for determining, according to the legal content of an input field of a system under test, the grammar construct of this input field, the grammar construct of the input field including the special characters in this field and their positions;
an abnormal use-case generation and grammar construct determining unit, for generating an abnormal use-case according to a set generation method and determining the grammar construct of the generated abnormal use-case, the grammar construct of the abnormal use-case including the special characters in this abnormal use-case and their positions;
a comparing unit, for comparing the grammar construct of the abnormal use-case with the grammar construct of the input field;
a screening unit, for using the abnormal use-case as a test case for the system under test when the position of at least one special character in the grammar construct of the abnormal use-case is the same as in the grammar construct of the input field.
9. The device according to claim 8, characterized in that
the screening unit is further used to set a priority for the test case, wherein the grammar construct of the abnormal use-case used as the test case is compared with the grammar construct of the input field, and the more special-character positions are identical, the higher the priority of the test case.
10. The device according to claim 9, characterized in that
the screening unit is also used to set a higher priority for this test case when the grammar construct of the abnormal use-case used as the test case is compared with the grammar construct of the input field and both the position of at least one special character and the special character itself are identical.
11. The device according to claim 9, characterized in that
the input field grammar construct determining unit is also used to determine, according to the legal content of the input field, the phrases in this input field and their values, the phrases being separated by the special characters in the input field;
the abnormal use-case generation and grammar construct determining unit is also used to determine the phrases in the generated abnormal use-case and their values, the phrases being separated by the special characters in the abnormal use-case;
the comparing unit is also used, when the position of at least one special character in the grammar construct of the abnormal use-case is the same as in the grammar construct of the input field, to further compare the values of the phrases in the abnormal use-case and in the legal content that have the at least one special character as a prefix/suffix;
the screening unit is also used to set a higher priority for this test case when the values of the phrases that have the at least one special character as a prefix/suffix are identical.
12. The device according to claim 11, characterized in that the grammar construct and the phrases and their values are described in any one of the following ways:
prefix tree automaton, deterministic finite automaton and regular expression.
13. The device according to any one of claims 8 to 12, characterized in that
the input field is of variable length.
14. The device according to claim 13, characterized in that the generated abnormal use-case includes one or more of the following:
overlength character string, format string and code/script character string.
15. Test case generation equipment for fuzz testing, comprising:
a memory, for storing executable instructions;
a processor, for executing, according to the stored executable instructions, the method according to any one of claims 1 to 7.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210496983.3A CN103853650B (en) | 2012-11-28 | 2012-11-28 | A kind of method for generating test case of fuzz testing and device |
PCT/EP2013/074304 WO2014082908A1 (en) | 2012-11-28 | 2013-11-20 | Method and apparatus for generating test case for fuzz test |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103853650A CN103853650A (en) | 2014-06-11 |
CN103853650B true CN103853650B (en) | 2017-03-01 |
Family ID: 49683695
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210496983.3A Expired - Fee Related CN103853650B (en) | 2012-11-28 | 2012-11-28 | A kind of method for generating test case of fuzz testing and device |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN103853650B (en) |
WO (1) | WO2014082908A1 (en) |
Families Citing this family (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104320312B (en) * | 2014-11-20 | 2018-01-02 | 国家电网公司 | Network application safe test tool and fuzz testing case generation method and system |
US10108536B2 (en) * | 2014-12-10 | 2018-10-23 | General Electric Company | Integrated automated test case generation for safety-critical software |
CN105512025B (en) * | 2014-12-31 | 2019-01-15 | 哈尔滨安天科技股份有限公司 | Fuzz engine optimization method and system based on simulation message |
CN105868095B (en) * | 2015-01-22 | 2018-11-13 | 阿里巴巴集团控股有限公司 | Generate the method and apparatus of test data |
CN106294102B (en) * | 2015-05-20 | 2021-04-09 | 腾讯科技(深圳)有限公司 | Application program testing method, client, server and system |
CN105512562B (en) * | 2015-12-01 | 2018-12-25 | 珠海市君天电子科技有限公司 | Vulnerability mining method and device and electronic equipment |
CN105335657B (en) * | 2015-12-07 | 2019-04-05 | 珠海豹趣科技有限公司 | A kind of program bug detection method and device |
CN106330601A (en) * | 2016-08-19 | 2017-01-11 | 北京匡恩网络科技有限责任公司 | Test case generating method and device |
CN106067893A (en) * | 2016-09-14 | 2016-11-02 | 中山大学 | A kind of data interactive method based on Web |
CN106506280B (en) * | 2016-11-24 | 2019-10-01 | 工业和信息化部电信研究院 | The communication protocol test method and system of smart home device |
CN106610899B (en) * | 2016-12-30 | 2020-01-14 | 中国科学院长春光学精密机械与物理研究所 | Test case generation method and device |
US10983853B2 (en) | 2017-03-31 | 2021-04-20 | Microsoft Technology Licensing, Llc | Machine learning for input fuzzing |
CN110196804B (en) * | 2018-04-24 | 2022-03-11 | 腾讯科技(深圳)有限公司 | Service testing method and device, storage medium and electronic device |
CN109145609B (en) * | 2018-09-06 | 2023-06-23 | 平安科技(深圳)有限公司 | Data processing method and device |
CN109597767B (en) * | 2018-12-19 | 2021-11-12 | 中国人民解放军国防科技大学 | Genetic variation-based fuzzy test case generation method and system |
CN109739755B (en) * | 2018-12-27 | 2020-07-10 | 北京理工大学 | Fuzzy test system based on program tracking and mixed execution |
US10831646B2 (en) | 2019-01-02 | 2020-11-10 | International Business Machines Corporation | Resources usage for fuzz testing applications |
CN110059010B (en) * | 2019-04-12 | 2023-01-31 | 西北工业大学 | Buffer overflow detection method based on dynamic symbol execution and fuzzy test |
CN110113227B (en) * | 2019-04-18 | 2022-08-02 | 上海大学 | Variational self-coding fuzzy test case generation method |
CN110401581B (en) * | 2019-07-22 | 2020-12-01 | 杭州电子科技大学 | Industrial control protocol fuzzy test case generation method based on flow tracing |
CN110427328A (en) * | 2019-08-07 | 2019-11-08 | 北京字节跳动网络技术有限公司 | Text handling method, device, equipment and storage medium |
CN111813653B (en) * | 2020-05-28 | 2023-07-04 | 杭州览众数据科技有限公司 | Data exception testing method and automatic testing tool related to field content |
CN112055003B (en) * | 2020-08-26 | 2022-12-23 | 上海电力大学 | Method for generating private protocol fuzzy test case based on byte length classification |
CN112506795A (en) * | 2020-12-18 | 2021-03-16 | 国家工业信息安全发展研究中心 | Method, system, terminal and storage medium for testing security vulnerability of industrial control equipment |
CN112905493B (en) * | 2021-04-07 | 2023-07-18 | 南京大学 | Structured fuzzy test method based on conversion test |
CN115396332B (en) * | 2022-06-20 | 2024-03-15 | 内蒙古电力(集团)有限责任公司内蒙古超高压供电分公司 | Fuzzy test method for power communication protocol, terminal equipment and storage medium |
CN116881058A (en) * | 2023-07-19 | 2023-10-13 | 凯云联创(北京)科技有限公司 | Fuzzy test method for embedded equipment |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101833503A (en) * | 2010-04-14 | 2010-09-15 | 武汉大学 | Test system for trusted software stack based on fuzzy technology |
CN101901183A (en) * | 2009-05-31 | 2010-12-01 | 西门子(中国)有限公司 | Method and device of test case for filtering |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8286133B2 (en) | 2007-12-19 | 2012-10-09 | Microsoft Corporation | Fuzzing encoded data |
US8429614B2 (en) * | 2008-06-23 | 2013-04-23 | International Business Machines Corporation | Method and apparatus of effective functional test data generation for web service testing |
- 2012-11-28: CN201210496983.3A, patent CN103853650B (en), not active, Expired - Fee Related
- 2013-11-20: PCT/EP2013/074304, patent WO2014082908A1 (en), active, Application Filing
Also Published As
Publication number | Publication date |
---|---|
WO2014082908A1 (en) | 2014-06-05 |
CN103853650A (en) | 2014-06-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103853650B (en) | A kind of method for generating test case of fuzz testing and device | |
Gupta et al. | Enhancing the browser-side context-aware sanitization of suspicious HTML5 code for halting the DOM-based XSS vulnerabilities in cloud | |
US8615804B2 (en) | Complementary character encoding for preventing input injection in web applications | |
US10387655B2 (en) | Method, system and product for using a predictive model to predict if inputs reach a vulnerability of a program | |
TWI498752B (en) | Extracting information from unstructured data and mapping the information to a structured schema using the naive bayesian probability model | |
US8286133B2 (en) | Fuzzing encoded data | |
Ganesh et al. | HAMPI: A string solver for testing, analysis and vulnerability detection | |
US10325097B2 (en) | Static detection of context-sensitive cross-site scripting vulnerabilities | |
US8635602B2 (en) | Verification of information-flow downgraders | |
US20100306285A1 (en) | Specifying a Parser Using a Properties File | |
US20040205411A1 (en) | Method of detecting malicious scripts using code insertion technique | |
US8701186B2 (en) | Formal analysis of the quality and conformance of information flow downgraders | |
CN103036730A (en) | Method and device for achieving safety testing on protocol implementation | |
WO2003067405A2 (en) | Automated security threat testing of web pages | |
KR101874373B1 (en) | A method and apparatus for detecting malicious scripts of obfuscated scripts | |
CN111124479B (en) | Method and system for analyzing configuration file and electronic equipment | |
KR101645019B1 (en) | Rule description language for software vulnerability detection | |
Zhao et al. | A new framework of security vulnerabilities detection in PHP web application | |
Leithner et al. | Hydra: Feedback-driven black-box exploitation of injection vulnerabilities | |
Mui et al. | Preventing web application injections with complementary character coding | |
Li et al. | Understanding and detecting performance bugs in markdown compilers | |
US9405916B2 (en) | Automatic correction of security downgraders | |
US20220021691A1 (en) | Creation of generalized code templates to protect web application components | |
US11088898B2 (en) | Updating logging behavior of a computer system using collaboration within interconnected systems | |
CN109218284B (en) | XSS vulnerability detection method and device, computer equipment and readable medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 20170301 Termination date: 20171128 |