Write a Blog >>
ICFP 2016
Sun 18 - Sat 24 September 2016 Nara, Japan
Thu 22 Sep 2016 09:50 - 10:15 at Noh Theater - Testing Chair(s): Stephanie Weirich

Fuzzing is a technique that involves testing programs using invalid
or erroneous inputs. Most fuzzers require a set of valid inputs as a
starting point, in which mutations are then introduced. QuickFuzz is a
fuzzer that leverages QuickCheck-style random test-case generationto automatically test programs that manipulate common file formats
by fuzzing. We rely on existing Haskell implementations of
file-format-handling libraries found on Hackage, the
community-driven Haskell code repository. We have tried QuickFuzz
in the wild and found that the approach is effective in
discovering vulnerabilities in real-world implementations of browsers,
image processing utilities and file compressors among others.
In addition, we introduce a mechanism to automatically derive random generators for the types
representing these formats. QuickFuzz handles most well-known image
and media formats, and can be used to test programs and libraries
written in any language.

Thu 22 Sep

09:15 - 10:15: Haskell - Testing at Noh Theater
Chair(s): Stephanie WeirichUniversity of Pennsylvania
haskellsymp-2016-papers09:15 - 09:25
Day opening
haskellsymp-2016-papers09:25 - 09:50
haskellsymp-2016-papers09:50 - 10:15
Gustavo Grieco, Martín Ceresa, Pablo BuirasChalmers University of Technology