Automatic functions exclusion in patch testing using chopped symbolic execution
DOI:
https://doi.org/10.54654/isj.v1i16.918Keywords:
security patch testing, symbolic execution, chopperTóm tắt
Abstract— Patch testing is the problem that the modified modules (a software update or patch) need to be checked to ensure that they work as expected (function testing) and do not have any vulnerabilities inside it (security testing). Security patch testing requires a lot of time and a professional security knowledge from the tester. In recent years, chopped symbolic execution was successfully applied in automatic or semi-automatic program testing to reduce the amount of testing work. Chopped symbolic execution (Chopper) allows users to specify “uninteresting” functions to ignore during analysis, therefore allows testing a module of software without running all functions of the program. Effectiveness of chopped symbolic execution method in patch testing depends on how good the ignored functions are chosen. In this paper, we proposed a novel method to automatically exclude functions for chopped symbolic execution in patch testing using control flow graph. Moreover, we used cyclomatic complexity to optimize the speed of testing process. Experimental result shows that our method can choose the ignored func-tions automatically with the testing time less than the Chopper in most cases.
Downloads
References
. Cadar, C., Dunbar, D., Engler, D.: KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs. Trong: Proceedings of the 8th USENIX Symposium on Operating Systems Design and Implementation, OSDI’08, pp. 209–224. ACM, California (2008).
. Trabish, D., Mattavelli, A., Rinetzky, N., Cadar, C.: Chopped symbolic execution. Trong: Proceedings of the 40th International Conference on Software Engineering, ICSE 2018, pp. 350–360. ACM, New York (2018).
. Cadar, C., Ganesh, V., Pawlowski, P., Dill, D., Engler, D.: EXE: Automatically Generating Inputs of Death. Trong: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS’06, pp. 322–335. ACM, New York (2006).
. angr Homepage, http://angr.io, truy cập cuối vào 12/08/2021.
. BINSEC Homepage, https://binsec.github.io, truy cập cuối vào 12/08/2021.
. Marinescu, P.D., Cadar, C.: KATCH: High-Coverage Testing of Software Patches. Trong: Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering, ESEC/FSE 2013, pp. 235–245. ACM, New York (2013).
. Babic, D., Martignoni, L., McCamant, S., Song, D.: Statically-directed dynamic automated test generation. Trong: Proceedings of the 2011 International Symposium on Software Testing and Analysis, ISSTA’11, pp. 12–22. ACM, New York (2011).
. Godefoid, P., Levin, M.Y., Molnar, D.: SAGE: whitebox fuzzing for security testing. Communications of the ACM 55(3), 40-44 (2012).
. Chaudhuri, A., Foster, J.S.: Symbolic security analysis of ruby-on-rails web applications. Trong: Proceedings of the 17th ACM conference on Computer and communications security, CCS’10, pp. 585-594. ACM, New York (2010).
. Crameri, O., Knezevic, N., Kostic, D., Bianchini, R., Zwaenepoel, W.: Staged deployment in Mirage, anintegrated software upgrade testing and distribution system. Trong: Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles, SOSP’07, pp. 221-236. ACM, New York (2007).
. Gu, Z., Barr, E.T., Hamilton, D.J., Su, Z.: Has the bug really been fixed? Trong: Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering, ICSE’10, pp.55-64. ACM, New York (2010).
. Yin, Z., Yuan, D., Zhou, Y., Pasupathy, S., Bairavasundaram, L.: How do fixes become bugs? Trong: Proceedings of the 19th ACM SIGSOFT symposium and the 13th European conference on Foundations of software engineering, ESEC/FSE '11, pp. 26-36. ACM, New York (2011).
. git Homepage, https://git-scm.com, truy cập cuối vào 12/08/2021.
. GitHub introduce page, https://github.com/about, truy cập cuối vào 12/08/2021.
. GitLab introduce page, https://about.gitlab.com, truy cập cuối vào 12/08/2021.
. SourceForge introduce page, https://sourceforge.net/about, truy cập cuối vào 12/08/2021.
. Bitbucket Homepage, https://bitbucket.org, truy cập cuối vào 12/08/2021.
. opt - LLVM optimizer documentation, https://llvm.org/docs/CommandGuide/opt.html, truy cập cuối vào 12/08/2021.
. Wallace, D., Watson, A., Mccabe, T.: Structured Testing: A Testing Methodology Using the Cyclomatic Complexity Metric, NIST Special Publication 500- 235, National Institute of Standards and Technology, Gaithersburg (1996).
. LLVM bitcode documentation, https://llvm.org/docs/BitCodeFormat.html, truy cập cuối vào 12/08/2021.
. LLVM 3.4 documentation, https://releases.llvm.org/3.4/docs/, truy cập cuối vào 12/08/2021
. Website: CMake overview, https://cmake.org/overview, truy cập cuối vào 12/08/2021.
. STP Homepage, https://stp.github.io, truy cập cuối vào 12/08/2021.
. Cadar, C., Godefroid, P., Khurshid, S., Păsăreanu, C.S., Sen, K.: Symbolic execution for software testing in practice: preliminary assessment. Trong: Proceedings of the 33rd International Conference on Software Engineering, ICSE’11, pp. 1066–1071, ACM, New York (2011).
Additional Files
Published
How to Cite
Issue
Section
License
Proposed Policy for Journals That Offer Open Access
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
Proposed Policy for Journals That Offer Delayed Open Access
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication, with the work [SPECIFY PERIOD OF TIME] after publication simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).