Abstract:
Fuzzing of JavaScript engines is one of the most difficult areas of web-browser testing because of the complexity of generating input data. JavaScript engines process the JavaScript code on a web page, must keep up with new language standards, and are growing steadily more complex in their architecture. The most common fuzzers today cannot effectively mutate complexly structured input data during fuzzing: generating JavaScript code from scratch does not capture the necessary semantics, and current mutators quickly destroy the syntax and semantics of the input language. This article presents a new mutation strategy that preserves the syntax and semantics of the input data by modifying the AST of JavaScript code fragments. The method makes it possible to generate diverse and well-formed inputs efficiently, which can lead to the identification of errors and vulnerabilities in JavaScript engines. It can be used to improve the security of web browsers and to ensure reliable interpretation of JavaScript code.
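To make the contrast the abstract draws concrete, the following is an added example (not code from the paper or its authors): a toy parser for a small JavaScript expression subset, an AST-level mutator whose every output is still parseable, and a naive byte-level mutator, with each output checked by `new Function`, which compiles the text without executing it. The node shapes, the mutation operators and the seeded PRNG are assumptions of this illustration, not the paper's method.

```javascript
// Toy demonstration: AST-level mutation keeps JavaScript expressions well-formed,
// byte-level mutation does not. Parser and mutators are illustrative assumptions.
function tokenize(src) { return src.match(/\d+(\.\d+)?|[A-Za-z_]\w*|[-+*/()]/g) || []; }

function parse(src) {                     // recursive descent for + - * / ( ), identifiers, numbers
  const t = tokenize(src); let i = 0;
  const peek = () => t[i], next = () => t[i++];
  function primary() {
    const tok = next();
    if (tok === '(') { const e = expr(); next(); return e; }   // next() consumes ')'
    if (/^\d/.test(tok)) return { type: 'Num', value: Number(tok) };
    return { type: 'Id', name: tok };
  }
  function term() { let l = primary(); while (['*', '/'].includes(peek())) l = { type: 'Bin', op: next(), left: l, right: primary() }; return l; }
  function expr() { let l = term(); while (['+', '-'].includes(peek())) l = { type: 'Bin', op: next(), left: l, right: term() }; return l; }
  return expr();
}
function gen(n) {                         // AST -> source text, fully parenthesised
  if (n.type === 'Num') return String(n.value);
  if (n.type === 'Id') return n.name;
  return '(' + gen(n.left) + ' ' + n.op + ' ' + gen(n.right) + ')';
}
function nodes(n, out = []) { out.push(n); if (n.type === 'Bin') { nodes(n.left, out); nodes(n.right, out); } return out; }

const OPS = ['+', '-', '*', '/'];
const INTERESTING = [0, -1, 2 ** 31 - 1, 2 ** 53, 1e308];   // boundary values an engine must handle
function mutateAst(ast, rng) {            // rng: () => [0,1); returns a new AST that is always well-formed
  const copy = JSON.parse(JSON.stringify(ast));
  const all = nodes(copy), target = all[Math.floor(rng() * all.length)];
  if (target.type === 'Num') target.value = INTERESTING[Math.floor(rng() * INTERESTING.length)];
  else if (target.type === 'Id') {         // grow the tree: x -> (x + 1)
    Object.assign(target, { type: 'Bin', op: '+', left: { type: 'Id', name: target.name }, right: { type: 'Num', value: 1 } });
    delete target.name;
  } else target.op = OPS[Math.floor(rng() * OPS.length)];
  return copy;
}
function mutateBytes(code, rng) {         // naive fuzzer: overwrite one character with junk
  const junk = '(){};+*/\\"', i = Math.floor(rng() * code.length);
  return code.slice(0, i) + junk[Math.floor(rng() * junk.length)] + code.slice(i + 1);
}
function isSyntaxValid(code) {            // new Function only compiles; the body is never run
  try { new Function('a', 'b', 'return ' + code + ';'); return true; } catch (e) { return false; }
}
function mulberry32(seed) {               // small seeded PRNG so runs are reproducible
  return () => { seed = (seed + 0x6D2B79F5) | 0; let t = Math.imul(seed ^ (seed >>> 15), 1 | seed);
    t = (t + Math.imul(t ^ (t >>> 7), 61 | t)) ^ t; return ((t ^ (t >>> 14)) >>> 0) / 4294967296; };
}
function campaign(seedCode, iterations, seed) {   // chain mutations, count outputs that still parse
  const rng = mulberry32(seed);
  let ast = parse(seedCode), code = seedCode, astValid = 0, byteValid = 0;
  for (let k = 0; k < iterations; k++) {
    ast = mutateAst(ast, rng); if (isSyntaxValid(gen(ast))) astValid++;
    code = mutateBytes(code, rng); if (isSyntaxValid(code)) byteValid++;
  }
  return { astValid, byteValid };
}
console.log(campaign('a * (b + 2) - 7', 40, 42));   // constructed seed input
```

Every AST-mutated output reaches the engine's parser and exercises evaluation, while the byte-mutated chain is rejected by the parser soon after the first damaging edit and tests nothing deeper.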
Keywords: mutations of complex structured data, JavaScript engine, software vulnerabilities, fuzzing