Hacker News new | past | comments | ask | show | jobs | submit login
How to Fuzz an ADT Implementation (2013) (regehr.org)
64 points by luu on April 17, 2020 | hide | past | favorite | 6 comments



https://blog.trailofbits.com/2019/01/22/fuzzing-an-api-with-... provides a little more friendly way (with delta-debugging and save/replay, and ability to use more fuzzers) to do this, via DeepState


Yet another article that uses an acronym and then doesn't bother cluing us in to what it stands for.

I build healthcare interfaces; ADT means demographics. What's it mean here?


even in a programming context i thought it was going to be 'algebraic datatype'


Abstract data type.


This is how rax (https://github.com/antirez/rax) and most of Redis is tested. Indeed this is the only way to be confident about a complex data structure implementation sanity.


> Testing is necessarily incomplete but if you beat the crap out of the subset of the API that you actually intend to use, it’s possible to become reasonably confident that it will work in practice.

This is the kicker for me. I'm not a C++ expert, but knowing that a coverage-guided fuzzer has been running against my code for the past few months gives me a lot of confidence.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: