Fuzz Revisited: A Re-examination of the Reliability of UNIX Utilities and Services
Author
Barton P. Miller,David Koski,Cjin Pheow lee,Vivekananda Maganty,Ravi Murthy,Ajitkumar Natarajan,Jeff Steidl
Abstract
We have tested the reliability of a large collection of basic UNIX utility
programs, X-Window applications and servers, and network services. We used
a simple testing method of subjecting these programs to a random input stream.
Our testing methods and tools are largely automatic and simple to use. We
tested programs on nine versions of the UNIX operating system, including
seven commercial systems and freely-available GNU untilites and Linux. We
report which programs failed on which systems, and identify and categorize
the causes of these failures.
The results of our testing is that we can crash (with core dump) or hang
(infinite loop) over 40 (in the worst case) of the basic programs and over
25 of the X-Window applications. We were not able to crash any of the network
services that we tested nor any of the X-Window servers. This study parallels
our 1990 study (that tested only the basic UNIX utilities); all systems that
we compared between 1990 and 1995 noticeably improved in reliability, but
still had significant rates of failure. The reliability of the basic utilities
from GNU and Linux were noticeably better than those of the commercial systems.
We also tested how utility-programs checked their return codes from the memory
allocation library routines by simulating the unavailability of virtual memory.
We could crash almost half of the programs that we tested in this way.
Address
Madison, WI 53706-168
Institution
University of Wisconsin - Computer Science Dept.
Publication Date
2001-01-01