I am implementing a fuzzer that generates specially crafted nasty payloads based on a method's API spec.
The idea would be to pass these payloads as arguments to a method and test if it is rejected as expected or not.
The issue I am encountering is the case of methods where arguments have a real impact, like:
- specifying a Buffer length, e.g. what happens if 2^64 is specified by the fuzzer?
- filenames to delete, e.g. what happens if '*' is specified by the fuzzer?
The targeted language is JavaScript (Node.js), but how do kernel fuzzers safely fuzz commands without corrupting the environment every few seconds?
The goal of this testing is really only to check if a method's argument checking follows the API correctly, throws errors as expected and doesn't hang or fail silently. The processing and result themselves don't matter.
I thought about various solutions like Docker and Vagrant VMs that would make it easy to set up again in case of a crash. But I feel like both are a little too high level and not portable enough to be added to a software's testing suite.
Maybe there's a way to intercept the relevant syscalls?
What are your thoughts?
Thanks in advance!