ANTLR4 grammar -> fuzzer generator?


Daniel Halperin

Jul 26, 2018, 12:30:56 PM
to antlr-di...@googlegroups.com
Are there any examples out there of folks taking ANTLR4 grammars and generating fuzzers out of them? We use ANTLR4 heavily for parsing, but it would be cool to be able to flip this around and fuzz our processing too...

Thanks!
Dan

Mike Lischke

Jul 26, 2018, 2:09:40 PM
to antlr-discussion
>
> Are there any examples out there of folks taking ANTLR4 grammars and generating fuzzers out of them? We use ANTLR4 heavily for parsing, but it would be cool to be able to flip this around and fuzz our processing too...

Reversing the parsing process leads to source code generators. What is a fuzzer actually?

Mike
--
www.soft-gems.net

Daniel Halperin

Jul 26, 2018, 9:14:58 PM
to antlr-di...@googlegroups.com
On Thu, Jul 26, 2018 at 11:09 AM 'Mike Lischke' via antlr-discussion <antlr-di...@googlegroups.com> wrote:
> >
> > Are there any examples out there of folks taking ANTLR4 grammars and generating fuzzers out of them? We use ANTLR4 heavily for parsing, but it would be cool to be able to flip this around and fuzz our processing too...

> Reversing the parsing process leads to source code generators. What is a fuzzer actually?

I meant this definition of fuzzer [wikipedia]. I want to generate legal (according to the grammar) but randomly-driven input. This will find bugs in the code we have that parses that input.

Mike Lischke

Jul 27, 2018, 3:11:51 AM
to antlr-di...@googlegroups.com
> > > Are there any examples out there of folks taking ANTLR4 grammars and generating fuzzers out of them? We use ANTLR4 heavily for parsing, but it would be cool to be able to flip this around and fuzz our processing too...

> > Reversing the parsing process leads to source code generators. What is a fuzzer actually?

> I meant this definition of fuzzer [wikipedia]. I want to generate legal (according to the grammar) but randomly-driven input. This will find bugs in the code we have that parses that input.

However, that Wikipedia article says fuzz testing is about generating *invalid* input. You don't need a parser for that - just write a random words generator :-)

When it comes to generating valid input, however, you might be interested in the sentence generator I've written for my vscode extension (https://github.com/mike-lischke/vscode-antlr4/blob/master/src/backend/SentenceGenerator.ts). However, this generator is currently not enabled in the extension, because it can too easily get out of hand and crash the entire application (OOM or freeze) if not used with great care. You have to copy the code and embed it in an application of your own.

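A budgeted version of the kind of sentence generator Mike describes, as an added example (not code from ANTLR, vscode-antlr4 or grammarinator): it derives grammar-valid input at random, the way Daniel asks for above, and bounds the derivation depth so recursive alternatives cannot run it out of stack or memory, the failure mode Mike warns about. The arithmetic grammar, the `INT` token helper and the recursive-descent recognizer used as the fuzz target are all constructed for this example; `min_depths`, `generate`, `sample` and `fuzz` are names chosen here, not an API from any of the projects in the thread.

```python
# Added example (not code from ANTLR, vscode-antlr4 or grammarinator). Everything
# here is constructed for the example; GRAMMAR mirrors these ANTLR4 rules:
#   expr   : expr '+' term | expr '-' term | term ;
#   term   : term '*' factor | factor ;
#   factor : INT | '(' expr ')' | '-' factor ;
#   INT    : [0-9]+ ;
import random

GRAMMAR = {
    "expr":   [["expr", "+", "term"], ["expr", "-", "term"], ["term"]],
    "term":   [["term", "*", "factor"], ["factor"]],
    "factor": [["INT"], ["(", "expr", ")"], ["-", "factor"]],
}
TOKENS = {"INT": lambda rng: str(rng.randint(0, 9999))}  # lexer rule stand-in

def min_depths(grammar):
    """Shortest derivation depth per rule (fixed point); inf means it never ends."""
    depth = {r: float("inf") for r in grammar}
    changed = True
    while changed:
        changed = False
        for rule, alts in grammar.items():
            for alt in alts:
                d = 1 + max((depth[s] for s in alt if s in grammar), default=0)
                if d < depth[rule]:
                    depth[rule], changed = d, True
    return depth

def generate(rule, rng, budget, grammar=GRAMMAR, depth=None):
    """One random sentence from `rule` using at most `budget` nested expansions.
    Alternatives that cannot finish within the remaining budget are dropped, so the
    walk always terminates instead of blowing the stack or memory on recursion."""
    depth = depth or min_depths(grammar)
    if budget < depth[rule]:
        raise ValueError(f"budget {budget} cannot derive {rule!r}, needs {depth[rule]}")
    viable = [alt for alt in grammar[rule]
              if 1 + max((depth[s] for s in alt if s in grammar), default=0) <= budget]
    out = []
    for sym in rng.choice(viable):
        if sym in grammar:
            out.append(generate(sym, rng, budget - 1, grammar, depth))
        elif sym in TOKENS:
            out.append(TOKENS[sym](rng))
        else:
            out.append(sym)  # literal token
    return " ".join(out)

class ParseError(Exception):
    pass

def parse(text):
    """Recursive-descent recognizer for the same grammar, standing in for 'the code
    we have that parses that input'. Returns the token count on accept."""
    toks, pos = text.split(), 0
    def peek():
        return toks[pos] if pos < len(toks) else None
    def take(expected=None):
        nonlocal pos
        if peek() is None or (expected and peek() != expected):
            raise ParseError(f"expected {expected or 'a token'} at {pos}, got {peek()!r}")
        pos += 1
    def expr():
        term()
        while peek() in ("+", "-"):
            take(); term()
    def term():
        factor()
        while peek() == "*":
            take(); factor()
    def factor():
        if peek() == "(":
            take(); expr(); take(")")
        elif peek() == "-":
            take(); factor()
        elif peek() is not None and peek().isdigit():
            take()
        else:
            raise ParseError(f"unexpected {peek()!r} at {pos}")
    expr()
    if peek() is not None:
        raise ParseError(f"trailing input at {pos}")
    return pos

def sample(n, seed=0, budget=12):
    """n grammar-valid sentences; a fixed seed makes every finding reproducible."""
    rng = random.Random(seed)
    return [generate("expr", rng, budget) for _ in range(n)]

def fuzz(sentences):
    """Parse each sentence; return (sentence, error) pairs for every exception."""
    findings = []
    for s in sentences:
        try:
            parse(s)
        except Exception as e:  # record everything, keep the harness alive
            findings.append((s, repr(e)))
    return findings
```

`fuzz(sample(200, seed=3))` returning an empty list means the parser accepted everything the grammar says is valid. A `ParseError` on a generated sentence means the grammar and the parser disagree and one of them is wrong; any other exception is a crash in the parser, which is the kind of bug the thread is after, and the seed reproduces it. The budget filter is what keeps the generator from the OOM or freeze Mike describes: `min_depths` computes how many expansions each rule needs at minimum, and an alternative is only eligible while the remaining budget can still reach a terminal through it. Mike's point about invalid input still holds, and the same `fuzz` loop takes hand-mutated or random-token sentences as well; there the interesting outcome is anything other than a clean `ParseError`.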

Steve Vinoski

Jul 27, 2018, 7:56:49 AM
to antlr-di...@googlegroups.com


On Thu, Jul 26, 2018 at 9:14 PM, Daniel Halperin <dan...@halper.in> wrote:

> On Thu, Jul 26, 2018 at 11:09 AM 'Mike Lischke' via antlr-discussion <antlr-discussion@googlegroups.com> wrote:
> > >
> > > Are there any examples out there of folks taking ANTLR4 grammars and generating fuzzers out of them? We use ANTLR4 heavily for parsing, but it would be cool to be able to flip this around and fuzz our processing too...

> > Reversing the parsing process leads to source code generators. What is a fuzzer actually?

> I meant this definition of fuzzer [wikipedia]. I want to generate legal (according to the grammar) but randomly-driven input. This will find bugs in the code we have that parses that input.

You might have a look at grammarinator:


--steve