Chapter 11, Automated Fuzzing with CMake
- Fuzzing is a testing technique that is based on feeding computer-generated data to a system or function to check whether the target behaves as expected.
- Corpus data is the set of all interesting inputs that are persisted between fuzzing runs. The corpus can grow over time.
- Via passing `-fsanitize=fuzzer` to both compiler and linker flags of the target (
- OpenSSL – Heartbleed, and Bash – Shellshock