python |
Pythonタグが付けられた新着投稿 - Qiita |
Pyinstaller で実行ファイル化する時にやったこと |
https://qiita.com/takavfx/items/52e455be85a31e1f663e
|
pyinstaller |
2022-11-06 21:44:25 |
python |
Pythonタグが付けられた新着投稿 - Qiita |
ABC276をPythonとC++で |
https://qiita.com/MoroeTachibana-oh/items/7083f8bd2634d70846da
|
atcoderbeginnercontest |
2022-11-06 21:28:35 |
Ruby |
Rubyタグが付けられた新着投稿 - Qiita |
Rubyで参照渡しができなくても悲観する必要はなかった |
https://qiita.com/pyon_kiti_jp/items/2c01dc2333ddfbabb50d
|
byref |
2022-11-06 21:54:41 |
AWS |
AWSタグが付けられた新着投稿 - Qiita |
【IaC】AWS CloudFormationとは? |
https://qiita.com/akkii__/items/c8f0116044a2b14847f2
|
awscloudformation |
2022-11-06 21:23:57 |
技術ブログ |
Developers.IO |
[レポート]偽プレスリリースの背後に「認知作戦」の影 サイバー情報戦の謎に迫る – CODE BLUE 2022 #codeblue_jp |
https://dev.classmethod.jp/articles/codeblue-2022-day2-track1-1050-2/
|
codeblue |
2022-11-06 12:31:23 |
海外TECH |
DEV Community |
Finding bugs by fuzzing your code |
https://dev.to/superfola/finding-bugs-by-fuzzing-your-code-1b0e
|
Finding bugs by fuzzing your codeIf you have ever worked on a large scale project you know that finding and tracking bugs can be very tedious and lengthy Did you know it could be automated There are multiple ways to achieve this starting with unit amp integration tests run regularly to detect regressions end to end tests to ensure a functionality is behaving as intended and much more However writing those tests is also a lengthy process and you miss some hard to find bugs We are going to focus on fuzzing an automated crash detection process What is fuzzing According to wikipedia fuzzing is an automated software testing technique that involves providing invalid unexpected or random data as inputs to a computer program Given a set of inputs your program can work on a fuzzer will generate as much diverging data as possible and feed it to your program recording each crash Fuzzing in practiceIf you don t know me yet I am the developper of ArkScript an easy to embed scripting language and I have worked on dozen of new functionalities this past year However this can and it has introduce bugs sometimes quite tricky to find Fuzzing comes to the rescue here I didn t want nor had time to write thousands of tests by hand so I just wrote the basic tests checking that every good input leads to the expected output What was missing was the bad input leads to bad output kind of tests Introducing AFL AFL is a superior fork of AFL American Fuzzy Lop a fuzzer originally developed by Google Here is how it operates It is very easy to use you have to recompile your project using afl cc and or afl c give it an input corpus and let it work for you until you are satisfied Generating an input corpusSince I wanted to fuzz a programming language my input corpus was easy to put together code samples parts of the standard library some tests files The process is as follows given the corpus we want to generate an unique corpus to remove inputs from the corpus that do not produce a new path coverage in the target minimizing the corpus the shorter the input files that still traverse the same path within the target the better the fuzzing will be step afl cmin i fuzzing corpus o fuzzing unique buildFolder arkscript L libmkdir p fuzzing inputcd fuzzing unique step for i in do afl tmin i i o input i buildFolder arkscript L libdoneYou may have noticed the buildFolder arkscript L lib bit this is the command to run the inputs against with being the filename of the input generated by AFL Then we can run the fuzzer as follows and get crashes afl fuzz i fuzzing input o fuzzing output s buildFolder arkscript L libThe s is here to set the RNG seed to to be able to reproduce RNG based crashes more easily every crash will be stored under fuzzing output And here we are the fuzzer is running and finding bugs for us Analysing crashesNow comes the hard part reducing the input to find the smallest input sample which still generates the bug Oftentimes this has to be done by hand and it is a tedious process but finding those buggy inputs by hand would have taken much more time so it s still a win AFL has tools to minimize the crashes helping you to find the bugs afl tmin i fuzzing output main crashes id o fuzzing minimized result build arkscript L libOnce you have your smallest input possible for a given crash and you have fixed it it is a good idea to keep it somewhere to be able to run the next version s of your program on it and see if it is still fixed This has personally helped me starting a collection of bad inputs to check in my tests if they are correctly handled Some things to note about fuzzing a lot of crashes can be very similar when the AFL fuzzer finds a bugs it will use it and derive it to find othersbecause of you might want to run multiple fuzzers at the same time it will find more bugs plus it was designed to work that way one master instance and multiple variants you don t have to limit the memory allocated to each fuzzer but if you don t you might exhaust all your RAMa fuzzer can run for a very long time and not find anything that doesn t mean your program is bug free Because fuzzing can require a lot of time and ressources you might want to run those tests once in a while for example for every new release instead of for every commit or test added |
2022-11-06 12:12:59 |
海外科学 |
NYT > Science |
At COP27, Developing Nations Have a Message for Polluters: Pay Up |
https://www.nytimes.com/2022/11/06/climate/loss-and-damage-climate-cop27.html
|
At COP Developing Nations Have a Message for Polluters Pay UpPoor countries facing climate hazards want the United States and other industrialized nations to compensate them for the harm caused by greenhouse gases |
2022-11-06 12:24:01 |
海外科学 |
BBC News - Science & Environment |
COP27: 'Climate chaos' as UN climate summit begins |
https://www.bbc.co.uk/news/science-environment-63517078?at_medium=RSS&at_campaign=KARANGA
|
conference |
2022-11-06 12:18:36 |
ニュース |
BBC News - Home |
Williamson text messages were not acceptable, says minister |
https://www.bbc.co.uk/news/uk-politics-63530070?at_medium=RSS&at_campaign=KARANGA
|
dowden |
2022-11-06 12:06:18 |
ニュース |
BBC News - Home |
COP27: 'Climate chaos' as UN climate summit begins |
https://www.bbc.co.uk/news/science-environment-63517078?at_medium=RSS&at_campaign=KARANGA
|
conference |
2022-11-06 12:18:36 |
ニュース |
BBC News - Home |
Tanzanian Precision Air plane crashes into Lake Victoria |
https://www.bbc.co.uk/news/world-africa-63532896?at_medium=RSS&at_campaign=KARANGA
|
africa |
2022-11-06 12:33:34 |
ニュース |
BBC News - Home |
Glastonbury Festival ticket sale hit by technical issue |
https://www.bbc.co.uk/news/uk-england-bristol-63533949?at_medium=RSS&at_campaign=KARANGA
|
resale |
2022-11-06 12:26:17 |
ニュース |
BBC News - Home |
T20 World Cup: India set up England semi-final with 71-run win over Zimbabwe |
https://www.bbc.co.uk/sport/cricket/63533507?at_medium=RSS&at_campaign=KARANGA
|
zimbabwe |
2022-11-06 12:54:22 |
北海道 |
北海道新聞 |
釧路・春採湖のヒブナ 金魚と交雑して誕生 市立博物館など共同研究 |
https://www.hokkaido-np.co.jp/article/756508/
|
共同研究 |
2022-11-06 21:21:50 |
北海道 |
北海道新聞 |
後志管内213人感染 小樽は152人 新型コロナ |
https://www.hokkaido-np.co.jp/article/756493/
|
新型コロナウイルス |
2022-11-06 21:18:07 |
海外TECH |
reddit |
[Match Thread] Chelsea vs Arsenal - Premier League |
https://www.reddit.com/r/chelseafc/comments/yno4to/match_thread_chelsea_vs_arsenal_premier_league/
|
Match Thread Chelsea vs Arsenal Premier League Premier League Chelsea Arsenal Match Info Date November Time Europe London Venue Stamford Bridge Events submitted by u YIIZWL to r chelseafc link comments |
2022-11-06 12:00:58 |
コメント
コメントを投稿