![[Review] Squirrel: Testing Database Management Systems with Language Validity and Coverage Feedback](/blog/images/10/cover.png)
[Review] Squirrel: Testing Database Management Systems with Language Validity and Coverage Feedback
This paper proposes a new recipe to detect the DBMSs crash.
It’s difficult to ensure the syntactic and semantic correctness when fuzzing the DBMSs, and former methods(mutation-based fuzzers, generation-based fuzzers) are not eligible for it. Mutation-based fuzzers are not able to ensure the syntactic and semantic correctness, and generation-based fuzzers can guarantee the syntax correctness of the inputs, but it does utilize any feedback.
Implementation:
- Change the SQL query into IR(a representation methods proposed in the paper), using AST(Abstract Syntax Tree).
![[Review] GPTScan: Detecting Logic Vulnerabilities in Smart Contracts by Combining GPT with Program Analysis](/blog/images/40/cover.png)
![[Review] MoonShine: Optimizing OS Fuzzer Seed Selection with Trace Distillation](/blog/images/39/cover.png)
![[Review] One Simple API Can Cause Hundreds of Bugs: An Analysis of Refcounting Bugs in All Modern Linux Kernels](/blog/images/38/cover.png)
![[Review] HEALER: Relation Learning Guided Kernel Fuzzing](/blog/images/37/cover.png)
![[Review] Towards Precise Reporting of Cryptographic Misuses](/blog/images/36/cover.png)