What is meant by Fuzz testing?

  • Interview Candidate
  • 3
  • 1915

Showing Answers 1 - 3 of 3 Answers

abhishek upadhyay

  • Mar 3rd, 2006
 

Fuzz testing a simple technique for feeding random input to applications.

  Was this answer useful?  Yes

ggkmca

  • Apr 25th, 2006
 

Fuzz testing a simple technique for feeding random input to applications. While random testing is a time-honored technique, our approach has three characteristics that, when taken together, makes it somewhat different from other approaches. 1. The input is random. We do not use any model of program behavior, application type, or system description. This is sometimes called black box testing. In the command-line studies (1990, 1995, and 2006), the random input was simply random ASCII character streams. For our X-Window study (1995), Windows NT study (2000), and Mac OS X study (2006), the random input included cases that had only valid keyboard and mouse events. 2. Our reliability criteria is simple: if the application crashes or hangs, it is considerd to fail the test, otherwise it passes. Note that the application does not have to respond in a sensible manner to the input, and it can even quietly exit. 3. As a result of the first two characteristics, fuzz testing can be automated to a high degree and results can be compared across applications, operating systems, and vendors. Fuzz testing is often used in large software development projects that perform black box testing. These usually have a budget to develop test tools, and fuzz testing is one of the techniques which offers a high benefit to cost ratio.Fuzz testing is also used as a gross measurement of a large software system's quality. The advantage here is that the cost of generating the tests is relatively low. For example, third party testers have used fuzz testing to evaluate the relative merits of different operating systems and application programs.Fuzz testing is thought to enhance software security and software safety because it often finds odd oversights and defects which human testers would fail to find, and even careful human test designers would fail to create tests for.However, fuzz testing is not a substitute for exhaustive testing or formal methods: it can only provide a random sample of the system's behavior, and in many cases passing a fuzz test may only demonstrate that a piece of software handles exceptions without crashing, rather than behaving correctly. Thus, fuzz testing can only be regarded as a proxy for program correctness, rather than a direct measure, with fuzz test failures actually being more useful as a bug-finding tool than fuzz test passes as an assurance of quality.

  Was this answer useful?  Yes

G.D.S.Prasad

  • Dec 22nd, 2006
 

Hi,

Fuzz Testing:

Fuzz testing is a software testing technique. The basic idea is to attach the inputs of a program to a source of random data ("fuzz"). If the program fails (for example, by crashing, or by failing built-in code assertions), then there are defects to correct.

Regards

Prasad

  Was this answer useful?  Yes

Give your answer:

If you think the above answer is not correct, Please select a reason and add your answer below.

 

Related Answered Questions

 

Related Open Questions