Google open sources ClusterFuzz – TechCrunch


Google today announced that it is open sourcing ClusterFuzz, a scalable fuzzing tool that can run on clusters with over 25,000 machines.

The company has long used the tool internally and if you’ve paid particular attention to Google’s fuzzing efforts (and you have, right?), then this may all seem a bit familiar. That’s because Google launched the OSS-Fuzz service a couple of years ago and that service actually used ClusterFuzz. OSS-Fuzz was only available to open source projects, though, while ClusterFuzz is now available for anyone to use.

The overall concept behind fuzzing is pretty straightforward: you basically throw lots of data (including random inputs) at your application and see how it reacts. Often, it’ll crash, but sometimes you’ll be able to find memory leaks and security flaws. Once you start anything at scale, though, it becomes more complicated and you’ll need tools like ClusterFuzz to manage that complexity.

ClusterFuzz automates the fuzzing process all the way from bug detection to reporting — and then retesting the fix. The tool itself also uses open source libraries like the libFuzzer fuzzing engine and the AFL fuzzer to power some of the core fuzzing features that generate the test cases for the tool.

Google says it has used the tool to find over 16,000 bugs in Chrome and 11,000 bugs in over 160 open source projects that used OSS-Fuzz. Since so much of the software testing and deployment toolchain is now generally automated, its no surprise that fuzzing is also becoming a hot topic these days (I’ve seen references to “continuous fuzzing” pop up quite a bit recently).


Like it? Share with your friends!

841
22133 shares, 841 points

What's Your Reaction?

Fake Fake
0
Fake
Epic Epic
0
Epic
Dislike
0
Dislike
Like Like
0
Like

Comments 0

Your email address will not be published. Required fields are marked *

Google open sources ClusterFuzz – TechCrunch

MainStreet Econ

Join the MSE Community

reset password

Back to
MainStreet Econ
Choose A Format
Trivia quiz
Series of questions with right and wrong answers that intends to check knowledge
Poll
Voting to make decisions or determine opinions
Story
Formatted Text with Embeds and Visuals
List
The Classic Internet Listicles
Open List
Open List
Ranked List
Ranked List
Video
Youtube, Vimeo or Vine Embeds
Image
Photo or GIF
Gif
GIF format

Send this to a friend