FormatFuzzer

FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs.

What FormatFuzzer can do for you

FormatFuzzer – Efficiently Generate High-Quality Binary Inputs

Software has bugs, and catching bugs can involve lots of effort. Fuzzing addresses this problem by automating software testing, specifically by generating tests automatically. Effective fuzzing of programs that process structured binary inputs, such as multimedia files, is a challenging task, since those programs expect a very specific input format. Existing fuzzers, however, are mostly format-agnostic, which makes them versatile, but also ineffective when a specific format is required.

FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs. It takes a binary template that describes the format of a binary input and generates an executable that produces and parses the given binary format. From a binary template for GIF, for instance, FormatFuzzer produces a GIF generator, also known as a GIF fuzzer.

Generators produced by FormatFuzzer are highly efficient, producing thousands of valid test inputs per second, in sharp contrast to mutation-based fuzzers, where the large majority of inputs are invalid. By default, FormatFuzzer operates in black-box settings, but it can also integrate with AFL++ to produce valid inputs that also aim for maximum coverage.

Programming languages
  • Python 58%
  • C++ 31%
  • Shell 5%
  • Makefile 3%
  • M4 2%
License
  • GPL-3.0-only

Participating organisations

CISPA Helmholtz Center for Information Security