Computer Science and Software Engineering Capstone Presentations

Fall Quarter

December 18, 2020

Pedro Goncalves-Mokarzel

"Software Engineer Internship at Google"

(Google)

Faculty Advisor: Dr. Min Chen

Abstract

In my internship at Google, I worked on creating a differential fuzzer helper library, and on using that library to differentially fuzz YAML parsing libraries. Looking at differential fuzzing requires an understanding of fuzzing. Fuzz testing is the process in which we test a fuzz target to see if it works as expected given input created by the fuzzer. It is an effective way to test how fuzz targets handle unexpected parameters. Differential fuzzing is the process in which we take two fuzz targets, give them the fuzzer's input, and then check whether their outputs match. This methodology is helpful for finding discrepancies between fuzz targets you expect to have the same output, or for checking which fuzz targets are most robust. Our goal with the differential fuzzing tool was to create a tool that could be adapted to the implementation of whatever fuzz targets the user wants to differentially fuzz. This means the user can implement different fuzz targets and change what is considered a discrepancy. After creating this tool, we implemented differential fuzzing between the libyaml and yaml-cpp libraries. To get the best results possible, a significant amount of work went into normalization between the two libraries. This required understanding how these libraries parse information, what types of structures the information goes into, and what kinds of interpretation the different libraries make when parsing YAML.
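The comparison loop described in the abstract, as an added C++ illustration that is not code from the internship project, libyaml or yaml-cpp: two toy scalar resolvers (hypothetical stand-ins, one using YAML 1.1 boolean names and one the YAML 1.2 core schema) are normalized to a common `Result` and compared under a user-chosen discrepancy predicate. All function names, the NUL-rejection rule and the corpus are assumptions made for the example.

```cpp
#include <cctype>
#include <functional>
#include <string>
#include <vector>

// Common normalized form that each target's native output is mapped into.
struct Result { bool ok; std::string kind, value; };
using Target = std::function<Result(const std::string&)>;
using Discrepancy = std::function<bool(const Result&, const Result&)>;

// True if s spells w in lower, Capitalized or UPPER form (the YAML spellings).
static bool spelled(const std::string& s, std::string w) {
    if (s == w) return true;
    w[0] = char(std::toupper((unsigned char)w[0]));
    if (s == w) return true;
    for (char& c : w) c = char(std::toupper((unsigned char)c));
    return s == w;
}
// Shared toy resolver; rejecting NUL bytes is an assumed rule for this sketch.
static Result resolve(const std::string& in, const std::vector<std::string>& t,
                      const std::vector<std::string>& f) {
    if (in.find('\0') != std::string::npos) return {false, "", ""};
    for (const auto& w : t) if (spelled(in, w)) return {true, "bool", "true"};
    for (const auto& w : f) if (spelled(in, w)) return {true, "bool", "false"};
    return {true, "str", in};
}
// Toy target A uses YAML 1.1 boolean names, toy target B the 1.2 core schema.
Result target_yaml11(const std::string& in) {
    return resolve(in, {"true", "yes", "on", "y"}, {"false", "no", "off", "n"});
}
Result target_yaml12(const std::string& in) { return resolve(in, {"true"}, {"false"}); }

// Two user-selectable definitions of a discrepancy.
bool strict(const Result& a, const Result& b) {
    return a.ok != b.ok || a.kind != b.kind || a.value != b.value;
}
bool accept_only(const Result& a, const Result& b) { return a.ok != b.ok; }

// Run both targets on every input and collect the inputs the predicate flags.
std::vector<std::string> diff_run(const std::vector<std::string>& corpus,
                                  Target a, Target b, Discrepancy is_diff) {
    std::vector<std::string> out;
    for (const auto& in : corpus)
        if (is_diff(a(in), b(in))) out.push_back(in);
    return out;
}
// Constructed inputs standing in for fuzzer-generated data.
const std::vector<std::string> kCorpus = {
    "true", "Yes", "off", "n", "hello", std::string("a\0b", 3)};
```

With the `strict` predicate the run flags `Yes`, `off` and `n`; with `accept_only` it flags nothing, since both toy targets accept and reject the same inputs and differ only in how they interpret them.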

Updated December 15, 2020