In the chapter on grammars, we have seen how to use grammars for very effective and efficient testing. In this chapter, we refine the previous string-based algorithm into a tree-based algorithm, which is much faster and allows for much more control over the production of fuzz inputs. The algorithm in this chapter serves as a foundation for several more techniques; this chapter thus is a "hub" in the book. Prerequisites: You should know how grammar-based fuzzing works, e.g. from the chapter on gr... | www.fuzzingbook.org
In the chapter on "Mutation-Based Fuzzing", we have seen how to use extra hints – such as sample input files – to speed up test generation. In this chapter, we take this idea one step further, by providing a specification of the legal inputs to a program. Specifying inputs via a grammar allows for very systematic and efficient test generation, in particular for complex input formats. Grammars also serve as the base for configuration fuzzing, API fuzzing, GUI fuzzing, and many more. Prereq... | www.fuzzingbook.org
Research in Software Engineering from Rahul Gopinath | rahul.gopinath.org