[Review] Squirrel: Testing Database Management Systems with Language Validity and Coverage Feedback

[Review] Squirrel: Testing Database Management Systems with Language Validity and Coverage Feedback

Link here

This paper proposes a new recipe to detect the DBMSs crash.

It’s difficult to ensure the syntactic and semantic correctness when fuzzing the DBMSs, and former methods(mutation-based fuzzers, generation-based fuzzers) are not eligible for it. Mutation-based fuzzers are not able to ensure the syntactic and semantic correctness, and generation-based fuzzers can guarantee the syntax correctness of the inputs, but it does utilize any feedback.

Implementation:

  • Change the SQL query into IR(a representation methods proposed in the paper), using AST(Abstract Syntax Tree).
Read more