The behavior of command-line utilities can be very much influenced by passing command-line options and arguments - configuration settings that enable, disable, or otherwise influence parts of the code to be executed. Hence, systematic testing of command-line utilities requires testing them with diverse configurations of supported command-line options.
We introduce CLIfuzzer, a tool that takes an executable program and, using dynamic analysis to track input processing, automatically extract a full set of its options, arguments, and argument types. This set forms a grammar that represents the valid sequences of valid options and arguments. Producing invocations from this grammar, we can fuzz the program with an endless list of random configurations, covering the related code. This leads to increased coverage and new bugs.
Tue 15 NovDisplayed time zone: Beijing, Chongqing, Hong Kong, Urumqi change
10:45 - 12:15 | Software Testing IIResearch Papers / Demonstrations at SRC LT 50 Chair(s): Baishakhi Ray Columbia University | ||
10:45 15mTalk | Online Testing of RESTful APIs: Promises and ChallengesDistinguished Paper Award Research Papers Alberto Martin-Lopez University of Seville, Sergio Segura University of Seville, Antonio Ruiz-Cortés University of Seville DOI Pre-print | ||
11:00 15mTalk | Avgust: Automating Usage-Based Test Generation from Videos of App Executions Research Papers Yixue Zhao University of Massachusetts at Amherst, Saghar Talebipour University of Southern California, Kesina Baral George Mason University, Hyojae Park Sharon High School, Leon Yee Valley Christian High School, Safwat Ali Khan George Mason University, Yuriy Brun University of Massachusetts, Nenad Medvidović University of Southern California, Kevin Moran George Mason University DOI Pre-print Media Attached | ||
11:15 15mTalk | RoboFuzz: Fuzzing Robotic Systems over Robot Operating System (ROS) for Finding Correctness Bugs Research Papers DOI | ||
11:30 7mTalk | CLIFuzzer: Mining Grammars for Command-Line Invocations Demonstrations Abhilash Gupta CISPA Helmholtz Center for Information Security, Rahul Gopinath University of Sydney, Andreas Zeller CISPA Helmholtz Center for Information Security Link to publication DOI Pre-print Media Attached | ||
11:38 7mTalk | RecipeGen++: An Automated Trigger Action Programs Generator Demonstrations Imam Nur Bani Yusuf Singapore Management University, Singapore, Diyanah Binte Abdul Jamal Singapore Management University, Lingxiao Jiang Singapore Management University, David Lo Singapore Management University | ||