Automatic Testing for Robustness Violations
Research output: Contribution to book/Conference proceedings/Anthology/Report › Chapter in book/Anthology/Report › Contributed › peer-review
Contributors
Abstract
As our reliance on computers increases, so does the need
for robust software. Previous studies have shown that many
C libraries exhibit robustness problems due to exceptional
inputs. This paper describes the HEALERS system that uses
an automated approach to increasing the robustness of C li-
braries without source code access. The system extracts the
C type information for a shared library using header files
and manual pages. Then it generates for each global func-
tion a fault-injector to determine a “robust” argument type
for each argument. Based on this information and option-
ally, some manual editing, the system generates a robust-
ness wrapper that performs careful argument checking be-
fore invoking C library functions. A robustness evaluation
using Ballista tests has shown that our wrapper can prevent
crash, hang, and abort failures. Moreover, the wrapper gen-
eration process is highly automated and can easily adapt to
new library releases.
for robust software. Previous studies have shown that many
C libraries exhibit robustness problems due to exceptional
inputs. This paper describes the HEALERS system that uses
an automated approach to increasing the robustness of C li-
braries without source code access. The system extracts the
C type information for a shared library using header files
and manual pages. Then it generates for each global func-
tion a fault-injector to determine a “robust” argument type
for each argument. Based on this information and option-
ally, some manual editing, the system generates a robust-
ness wrapper that performs careful argument checking be-
fore invoking C library functions. A robustness evaluation
using Ballista tests has shown that our wrapper can prevent
crash, hang, and abort failures. Moreover, the wrapper gen-
eration process is highly automated and can easily adapt to
new library releases.
Details
Original language | English |
---|---|
Title of host publication | Testing Commercial-off-the-Shelf Components and Systems |
Number of pages | 10 |
Publication status | Published - 2005 |
Peer-reviewed | Yes |
External IDs
Scopus | 84891385276 |
---|
Keywords
Research priority areas of TU Dresden
DFG Classification of Subject Areas according to Review Boards
Keywords
- Automatic Test, Test Case Generator, Library Function, Programming Error, Security Vulnerability