[webkit-dev] Fuzzinator, a mutation based web fuzzer

Benjamin Poulain benjamin at webkit.org
Tue Jun 25 12:48:03 PDT 2013


On Tue, Jun 25, 2013 at 1:56 AM, Renáta Hodován <hodovan at inf.u-szeged.hu> wrote:

> as many of you know already I'm working on a universal web fuzzer, which
> is able to generate random test cases for both svg, html, css and js, and
> test them against any browser. With this method we can catch crashes,
> assertions, memory corruptions and all the funny things.
>
> A few words about it: Fuzzinator learns from existing test cases and based
> on this information it generates new tests that are syntactically correct.
> Besides this randomized step I also put some language-specific knowledge
> into the tests too. Further details about the theoretical background will
> be shared in a blogpost soon.
>
> However the results are available in public already and they are collected
> under a metabug in bugzilla:
> https://bugs.webkit.org/show_bug.cgi?id=116980. So should any of you feel
> like browsing or fixing them, don't hesitate to start with it ;)
>

First, I would like to say welcome to our new fuzzing overlords. :)

What is your plan for the tool itself? Is it open source? Will it be added
to webkit.org?
Experience shows our tools are the most useful when they are completely
automated behind maintained bots doing most of the jobs. Do you have any
long term plans like that?

Benjamin