Automatic Testing for Robustness Violations

Research output: Contribution to book/Conference proceedings/Anthology/ReportChapter in book/Anthology/ReportContributedpeer-review

Contributors

Abstract

As our reliance on computers increases, so does the need
for robust software. Previous studies have shown that many
C libraries exhibit robustness problems due to exceptional
inputs. This paper describes the HEALERS system that uses
an automated approach to increasing the robustness of C li-
braries without source code access. The system extracts the
C type information for a shared library using header files
and manual pages. Then it generates for each global func-
tion a fault-injector to determine a “robust” argument type
for each argument. Based on this information and option-
ally, some manual editing, the system generates a robust-
ness wrapper that performs careful argument checking be-
fore invoking C library functions. A robustness evaluation
using Ballista tests has shown that our wrapper can prevent
crash, hang, and abort failures. Moreover, the wrapper gen-
eration process is highly automated and can easily adapt to
new library releases.

Details

Original languageEnglish
Title of host publicationTesting Commercial-off-the-Shelf Components and Systems
Number of pages10
Publication statusPublished - 2005
Peer-reviewedYes

External IDs

Scopus 84891385276

Keywords

Research priority areas of TU Dresden

DFG Classification of Subject Areas according to Review Boards

Keywords

  • Automatic Test, Test Case Generator, Library Function, Programming Error, Security Vulnerability