Code Monkey home page Code Monkey logo

squirrel's Introduction

Squirrel

Squirrel is a fuzzer that aims at finding memory corruption issues in database managment systems (DBMSs). It is built on AFL. More details can be found in our CCS 2020 paper. And the bugs found by Squirrel can be found in here.

Currently supported DBMSs:

  1. SQLite
  2. PostgreSQL
  3. MySQL
  4. MariaDB

Build Instruction

Currently we test Squirrel on Ubuntu 16 and Ubuntu 18.

  1. Prerequisites:

    sudo apt-get -y update && apt-get -y upgrade
sudo apt-get -y install gdb bison flex git make cmake build-essential gcc-multilib g++-multilib xinetd libreadline-dev zlib1g-dev
sudo apt-get -y install clang libssl-dev libncurses5-dev

# Compile AFL, which is used for instrumenting the DBMSs
cd ~
git clone https://github.com/google/AFL.git
cd AFL
sed -i  's/#define MAP_SIZE_POW2       16/#define MAP_SIZE_POW2       18/' config.h
make
cd llvm_mode/
make

  2. DBMS-specific requirements: Headers and libary of MySQL, PostgreSQL and MariaDB if you want to test them. The most direct way is to compile the DBMSs.

  3. Compile Squirrel:

    git clone 
cd Squirrel/DBNAME/AFL
make afl-fuzz # You need to set the path in the Makefile

  4. Instrument DBMS:

    # SQLite:
git clone https://github.com/sqlite/sqlite.git
cd sqlite
mkdir bld
cd bld
CC=/path/to/afl-gcc CXX=/path/to/afl-g++ ../configure # You can also turn on debug flag if you want to find assertion
make

# MySQL/PostgreSQL/MariaDB
cd Squirrel/DBNAME/docker/
cp ../AFL/afl-fuzz .
sudo docker build -t IMAGE_ID .

Run

# SQLite:
cd Squirrel/SQLite/fuzz_root
./afl-fuzz -i input -o output -- /path/to/sqlite3 --bail

# MySQL, PostgreSQL, MySQL, MariaDB
docker run -it IMAGE_ID bash
python run.py # wait for a few minutes
tmux a -t fuzzing

Since the input has been well-tested. It is more likely to find new bugs if you use your own seeds.

Publications

SQUIRREL: Testing Database Management Systems with Language Validity and Coverage Feedback

@inproceedings{zhong:squirrel,
  title        = {{SQUIRREL: Testing Database Management Systems with Language Validity and Coverage Feedback}},
  author       = {Rui Zhong and Yongheng Chen and Hong Hu and Hangfan Zhang and Wenke Lee and Dinghao Wu},
  booktitle    = {Proceedings of the 27th ACM Conference on Computer and Communications Security (CCS)},
  month        = nov,
  year         = 2020,
  address      = {Orlando, USA},
}

squirrel's People

Contributors

changochen avatar huhong789 avatar zr950624 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.