DatAFLow: Toward a Data-flow-guided Fuzzer

This Replicating Computational Report (RCR) describes (a) our datAFLow fuzzer and (b) how to replicate the results in "datAFLow: Toward a Data-Flow-Guided Fuzzer." Our primary artifact is the datAFLow fuzzer. Unlike traditional coverage-guided greybox fuzzers-which use control-flow coverage to drive program exploration-datAFLow uses data-flow coverage to drive exploration. This is achieved through a set of LLVM-based analyses and transformations. In addition to datAFLow, we also provide a set of tools, scripts, and patches for (a) statically analyzing data flows in a target program, (b) compiling a target program with the datAFLow instrumentation, (c) evaluating datAFLow on the Magma benchmark suite, and (d) evaluating datAFLow on the DDFuzz dataset. datAFLow is available at https://github.com/HexHive/datAFLow.

DatAFLow: Toward a Data-flow-guided Fuzzer

To Infinity, and Beyond (Coverage)

DatAFLow: Toward a Data-Flow-Guided Fuzzer

Arvin: Greybox Fuzzing Using Approximate Dynamic CFG Analysis

To Infinity, and Beyond (Coverage)

DatAFLow: Toward a Data-Flow-Guided Fuzzer

Arvin: Greybox Fuzzing Using Approximate Dynamic CFG Analysis