Hacker News
by r0s 806 days ago
According to these reports, the effectiveness of fuzzing decreased over that time period.

The majority of bugs reported are explained as poorly designed code, which could then be tested without fuzzing.

For example: a primary class of bugs is unbound inputs, which could easily be found with static analysis. There's no reason to toss random strings at it until it breaks; you can know it will break simply because that input is unbound.

The lack of adequate traditional testing for each utility is specifically mentioned as a limitation of the studies. All fuzzing proves here is the value of traditional testing. Of course fuzzing is going to find bugs where there are inadequate tests, but there really should be tests.
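As an added illustration of the "unbound input" bug class the comment describes, here is a constructed example (not code from the comment, the studies it refers to, or any real utility): a parser for a made-up length-prefixed record format with the output bound check missing, the same parser with the check present, and the boundary test a traditional test suite would contain. The record layout, the `NAME_MAX` limit and all function names are assumptions made for this example; the defect is visible by reading the code, since the copy length comes from the input and is never compared to the destination size.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed record format (an assumption for this example):
 *   byte 0     : N, the length of the name field
 *   bytes 1..N : the name bytes
 */
#define NAME_MAX 16

struct record {
    char name[NAME_MAX];   /* NUL-terminated, so at most NAME_MAX - 1 name bytes fit */
    size_t name_len;
};

/* Unbounded version: trusts the length byte. Any N above NAME_MAX - 1
 * writes past name[]. A reviewer or a static checker can see this
 * without running anything: n is derived from input and never compared
 * to sizeof out->name. Not exercised with oversize input here, since
 * that would be undefined behaviour. */
int parse_record_unbounded(const uint8_t *buf, size_t buf_len, struct record *out) {
    if (buf_len < 1) return -1;
    size_t n = buf[0];
    if (buf_len < 1 + n) return -1;    /* only the input buffer is checked */
    memcpy(out->name, buf + 1, n);     /* n may exceed NAME_MAX - 1 */
    out->name[n] = '\0';
    out->name_len = n;
    return 0;
}

/* Bounded version: same format, with the missing output-bound check added. */
int parse_record_bounded(const uint8_t *buf, size_t buf_len, struct record *out) {
    if (buf_len < 1) return -1;
    size_t n = buf[0];
    if (n >= NAME_MAX) return -2;      /* reject before copying anything */
    if (buf_len < 1 + n) return -1;
    memcpy(out->name, buf + 1, n);
    out->name[n] = '\0';
    out->name_len = n;
    return 0;
}

/* Build a record whose name is n bytes of 'A' and report what the
 * bounded parser returns for it (0 = accepted, -2 = rejected as too long). */
int bounded_result_for_len(unsigned n) {
    uint8_t buf[1 + 255];
    struct record r;
    if (n > 255) return -3;            /* cannot be encoded in one length byte */
    buf[0] = (uint8_t)n;
    memset(buf + 1, 'A', n);
    return parse_record_bounded(buf, 1 + n, &r);
}

/* Traditional boundary test, the kind the comment says should exist:
 * check the largest legal length (NAME_MAX - 1) and the smallest illegal
 * one (NAME_MAX) directly instead of waiting for a fuzzer to find them.
 * Returns 1 when the bounded parser behaves correctly at both edges. */
int boundary_test_passes(void) {
    uint8_t buf[1 + NAME_MAX];
    struct record r;

    buf[0] = NAME_MAX - 1;
    memset(buf + 1, 'A', NAME_MAX - 1);
    if (parse_record_bounded(buf, sizeof buf, &r) != 0) return 0;
    if (r.name_len != NAME_MAX - 1 || r.name[NAME_MAX - 1] != '\0') return 0;

    buf[0] = NAME_MAX;
    memset(buf + 1, 'A', NAME_MAX);
    if (parse_record_bounded(buf, sizeof buf, &r) != -2) return 0;

    return 1;
}

int main(void) {
    int ok = boundary_test_passes();
    printf("boundary test %s\n", ok ? "passed" : "FAILED");
    return ok ? 0 : 1;
}
```

The point of the boundary test is that the failing input is known in advance from the declaration of `name[NAME_MAX]`; a test at `NAME_MAX - 1` and `NAME_MAX` pins the contract down deterministically, which is what the unbounded version would have failed on the day it was written.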