Write a Blog >>
ICFP 2016
Sun 18 - Sat 24 September 2016 Nara, Japan
Thu 22 Sep 2016 09:50 - 10:15 at Noh Theater - Testing Chair(s): Stephanie Weirich

Fuzzing is a technique that involves testing programs using invalid
or erroneous inputs. Most fuzzers require a set of valid inputs as a
starting point, in which mutations are then introduced. QuickFuzz is a
fuzzer that leverages QuickCheck-style random test-case generationto automatically test programs that manipulate common file formats
by fuzzing. We rely on existing Haskell implementations of
file-format-handling libraries found on Hackage, the
community-driven Haskell code repository. We have tried QuickFuzz
in the wild and found that the approach is effective in
discovering vulnerabilities in real-world implementations of browsers,
image processing utilities and file compressors among others.
In addition, we introduce a mechanism to automatically derive random generators for the types
representing these formats. QuickFuzz handles most well-known image
and media formats, and can be used to test programs and libraries
written in any language.

Thu 22 Sep

Displayed time zone: Osaka, Sapporo, Tokyo change

09:15 - 10:15
TestingHaskell at Noh Theater
Chair(s): Stephanie Weirich University of Pennsylvania
09:15
10m
Day opening
Welcome
Haskell

09:25
25m
Talk
FitSpec: Refining Property Sets for Functional Testing
Haskell
DOI
09:50
25m
Talk
QuickFuzz: An Automatic Random Fuzzer for Common File Formats
Haskell
Gustavo Grieco , Martín Ceresa , Pablo Buiras Chalmers University of Technology
DOI