Dowser: A Guided Fuzzer for Finding Buffer Overflow Vulnerabilities
Istvan Haller, Asia Slowinska, Matthias Neugschwandtner, and Herbert Bos
Buffer overflows have long plagued existing software systems, making them vulnerable to attackers. Our tool, Dowser, aims to tackle this issue using efficient and scalable software testing. Dowser builds on a new software testing paradigm, which we call dowsing, that focuses the testing effort around relevant application components. This paradigm proved successful in practice, as Dowser found real bugs in complex applications such as the nginx Web server and the ffmpeg multimedia framework.