Conference paper

MARHEFKA Matúš and MÜLLER Petr. Dfuzzer: A D-Bus Service Fuzzing Tool. In: Proceedings of IEEE Seventh International Conference on Software Testing, Verification and Validation Workshopsn. Cleveland: IEEE Computer Society, 2014, pp. 383-389. ISBN 978-0-7695-5194-4.
Publication language:english
Original title:Dfuzzer: A D-Bus Service Fuzzing Tool
Title (cs):Dfuzzer: Nástroj pro fuzz testování D-Bus služeb
Pages:383-389
Proceedings:Proceedings of IEEE Seventh International Conference on Software Testing, Verification and Validation Workshopsn
Conference:Seventh IEEE International Conference on Software Testing, Verification and Validation
Place:Cleveland, US
Year:2014
ISBN:978-0-7695-5194-4
Publisher:IEEE Computer Society
Keywords
D-Bus
fuzzer
fuzz testing
automated testing
pseudo-random data generation
IPC
Annotation
We present Dfuzzer, a fully automated tool for fuzz testing programs
communicating via D-Bus. D-Bus is the prevalent modern mechanism for an
inter-process communication in the GNU/Linux ecosystem. Using D-Bus introspection, Dfuzzer is able to
acquire the structure of the parameters expected by the target program. It can
then generate ballast data respecting this structure, so the target program
starts using such data incorrectly if it does not carefully validate it. We
have found numerous bugs in various parts of the GNU/Linux operating system,
including GNOME Shell and systemd.
BibTeX:
@INPROCEEDINGS{
   author = {Mat{\'{u}}{\v{s}} Marhefka and Petr M{\"{u}}ller},
   title = {Dfuzzer: A D-Bus Service Fuzzing Tool},
   pages = {383--389},
   booktitle = {Proceedings of IEEE Seventh International Conference on
	Software Testing, Verification and Validation Workshopsn},
   year = {2014},
   location = {Cleveland, US},
   publisher = {IEEE Computer Society},
   ISBN = {978-0-7695-5194-4},
   language = {english},
   url = {http://www.fit.vutbr.cz/research/view_pub.php?id=10534}
}

Your IPv4 address: 54.224.43.96
Switch to IPv6 connection

DNSSEC [dnssec]