Google has introduced ClusterFuzzLite, a project that lets you organize fuzz testing of code for early detection of potential vulnerabilities while it is still running through a continuous integration system. At present ClusterFuzzLite can automate fuzz testing of pull requests in GitHub Actions, Google Cloud Build and Prow, with support for other CI systems expected later. The project is based on the ClusterFuzz platform, created to coordinate the work of fuzzing clusters, and is distributed under the Apache 2.0 license.
It is noted that since Google launched the OSS-Fuzz service in 2016, more than 500 important open-source projects have been enrolled in its continuous fuzzing program. Based on those checks, more than 6,500 confirmed vulnerabilities and more than 21 thousand bugs have been fixed.
ClusterFuzzLite extends these fuzzing mechanisms with the ability to identify problems earlier, at the review stage of a proposed change. ClusterFuzzLite has already been put into the change-review process of the systemd and curl projects, where it caught bugs that the static analyzers and linters used in the initial checks of new code had missed.
ClusterFuzzLite supports testing of projects written in C, C++, Java (and other JVM-based languages), Go, Python, Rust and Swift. Fuzz testing is performed with libFuzzer. To detect memory errors and other anomalies, the AddressSanitizer, MemorySanitizer and UBSan (UndefinedBehaviorSanitizer) tools can also be enabled.
Key capabilities of ClusterFuzzLite: a fast check of proposed changes to find bugs before the code is accepted; downloadable reports describing the conditions under which a crash occurs; the option to move on to more extensive fuzzing to find deeper bugs not tied to a particular code change; generation of coverage reports to assess how much code the tests exercise; and a modular architecture that lets you pick only the functionality you need.
Recall that in fuzz testing a stream of all sorts of random combinations of input data close to real data is generated (for example, HTML pages with random tag parameters, archives or images with anomalous headers, and so on), and any failures that occur while processing them are recorded. If some input sequence leads to a crash or does not produce the expected reaction, that behaviour very likely indicates a bug or vulnerability.
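To make the libFuzzer-plus-sanitizer setup mentioned above concrete, here is an added example (not code from ClusterFuzzLite, libFuzzer or any project named in this article) of a fuzz target for a hypothetical length-prefixed record format; the parser, its layout and the bounds check are all constructed for this illustration.

```c
// Added example: a minimal libFuzzer target for a hypothetical record format.
// Build with: clang -g -O1 -fsanitize=fuzzer,address parse_fuzz.c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

// Record layout (constructed for this example):
//   byte 0      : number of fields N
//   then N times: one length byte L followed by L bytes of payload
// Returns the total payload length, or -1 if the input is malformed.
int parse_records(const uint8_t *data, size_t size) {
    if (data == NULL || size < 1) return -1;
    size_t pos = 1;
    int total = 0;
    for (unsigned i = 0; i < data[0]; i++) {
        if (pos >= size) return -1;        // length byte missing
        uint8_t len = data[pos++];
        // Without this check, a length byte larger than the remaining input
        // makes memcpy read past the buffer. AddressSanitizer reports that
        // as a buffer overflow, and libFuzzer saves the crashing input for
        // the report the article describes.
        if (len > size - pos) return -1;
        uint8_t field[256];
        memcpy(field, data + pos, len);
        pos += len;
        total += len;
    }
    return total;
}

// libFuzzer entry point: the engine calls this for every generated input,
// so every bug the parser has is reachable from here.
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    parse_records(data, size);
    return 0;   // libFuzzer reserves non-zero return values
}
```

Within ClusterFuzzLite the same target would be compiled by the project's build script with the sanitizer selected in the CI configuration.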