Nix + Automated Fuzz Testing Finds Bug in PDF Parser


[Michael Lynch]’s adventures in configuring Nix to automate fuzz testing are a lot of things all rolled into one. It’s not only a primer on fuzz testing (a method of finding bugs), but also a how-to on automating the setup using Nix (which is a lot of things, including a kind of package manager), as well as useful info on effectively automating software processes. [Michael] not only walks through how he got it all up and running in a simplified and usefully portable way, but he actually found a buffer overflow in a PDF parser in the process! (Turns out someone else had reported the same bug a few weeks before he found it, but it demonstrates everything regardless.)

[Michael] chose fuzz testing because, while using it to find security vulnerabilities is conceptually simple, actually doing it tends to require setting up a test environment with a complex workflow and a lot of dependencies. The result is highly specific to one task, and isn’t very portable or reusable. Nix allowed him to really simplify the process while also making it more adaptable.

Be sure to check out , which goes into detail about how exactly one goes from discovering an input that crashes a program to tracking down (and patching) the reason it happened. Making fuzz testing easier (and, in a sense, cheaper) is something people have been interested in for a long time, even going so far as to see whether made economic sense.