ISSTA 2024
Mon 16 - Fri 20 September 2024 Vienna, Austria
co-located with ISSTA/ECOOP 2024
Thu 19 Sep 2024 13:30 - 13:50 at EI 10 Fritz Paschke - WebAssembly and Browsers Chair(s): Stefan Brunthaler

Browsers are responsible for managing and interpreting the diverse data coming from the web. Despite the considerable efforts of developers, however, it is nearly impossible to completely eliminate potential vulnerabilities in such complicated software. While a family of fuzzing techniques has been proposed to detect flaws in web browsers, they still face an inherent challenge: the test inputs they generate suffer from low semantic correctness and poor diversity.

In this paper, we propose Tacoma, a novel fuzzing framework tailored for web browsers. Tacoma comprises three main modules: a semantic parser, a semantic aligner, and an input generator. By taking advantage of fine-grained semantic alignment, Tacoma generates semantically correct test inputs, which significantly raises the probability that the fuzzer reaches deep browser states. In particular, by integrating a scope-aware strategy into input generation, Tacoma can handle asynchronous code generation, substantially increasing the diversity of the generated test inputs. We conduct extensive experiments to evaluate Tacoma on three production-level browsers, i.e., Chromium, Safari, and Firefox. Empirical results demonstrate that Tacoma outperforms state-of-the-art browser fuzzers in both code coverage and the number of unique crashes detected. So far, Tacoma has identified 32 previously unknown bugs, 10 of which have been assigned CVEs. Notably, Tacoma unearthed two bugs in Chromium that had remained undetected for ten years.
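The abstract's key mechanism, scope-aware generation of asynchronous test inputs, is easiest to see in code. The following is an added illustration written for this page; it is not Tacoma's implementation and the grammar, variable naming scheme, PRNG and static checker are all assumptions made here. The generator keeps a stack of lexical scopes, opens a new scope for every asynchronous callback (`setTimeout`, `Promise.then`), and only references DOM elements that are visible at the point of use, so the emitted JavaScript never fails with a ReferenceError before it reaches the browser's DOM code. A small checker then verifies the scoping property, and a constructed scope-unaware sample shows the failure mode the strategy avoids.

```javascript
// Added example (not Tacoma's code): a minimal scope-aware generator for
// browser-fuzzing test cases plus a static checker for the scoping property.

// Deterministic PRNG (mulberry32) so a seed reproduces a test case.
function rng(seed) {
  let s = seed >>> 0;
  return () => {
    s = (s + 0x6D2B79F5) >>> 0;
    let t = Math.imul(s ^ (s >>> 15), 1 | s);
    t = (t + Math.imul(t ^ (t >>> 7), 61 | t)) ^ t;
    return ((t ^ (t >>> 14)) >>> 0) / 4294967296;
  };
}

// Scope stack: one Map per lexical scope, variable name -> assumed type.
class ScopeStack {
  constructor() { this.scopes = [new Map()]; this.counter = 0; }
  push() { this.scopes.push(new Map()); }
  pop() { this.scopes.pop(); }
  declare(type) {               // names are globally unique, so no shadowing
    const name = `v${this.counter++}`;
    this.scopes[this.scopes.length - 1].set(name, type);
    return name;
  }
  visible(type) {               // union of all enclosing scopes (closures)
    const out = [];
    for (const s of this.scopes) for (const [n, t] of s) if (t === type) out.push(n);
    return out;
  }
}

// Constructed sample grammar: tag names and operations on an element.
const TAGS = ['div', 'canvas', 'iframe', 'input', 'svg'];
const ELEMENT_OPS = [
  (e) => `${e}.setAttribute('style', 'width:' + Math.random() * 1000 + 'px');`,
  (e) => `${e}.innerHTML = '<b>' + ${e}.tagName + '</b>';`,
  (e) => `document.body.appendChild(${e});`,
  (e) => `${e}.remove();`,
];

function genStatements(scope, rand, depth, out) {
  const n = 2 + Math.floor(rand() * 3);
  for (let i = 0; i < n; i++) {
    const r = rand();
    const els = scope.visible('Element');
    if (r < 0.4 || els.length === 0) {
      // Declare a new element in the *current* scope.
      const tag = TAGS[Math.floor(rand() * TAGS.length)];
      out.push(`const ${scope.declare('Element')} = document.createElement('${tag}');`);
    } else if (r < 0.8 || depth === 0) {
      // Operate on an element that is provably in scope here.
      const e = els[Math.floor(rand() * els.length)];
      out.push(ELEMENT_OPS[Math.floor(rand() * ELEMENT_OPS.length)](e));
    } else {
      // Asynchronous callback: a fresh scope that closes over the outer ones.
      const async = rand() < 0.5;
      out.push(async ? 'setTimeout(() => {' : 'Promise.resolve().then(() => {');
      scope.push();
      genStatements(scope, rand, depth - 1, out);
      scope.pop();                // variables declared inside are gone now
      out.push(async ? '}, 0);' : '});');
    }
  }
}

function generateTestCase(seed, depth = 2) {
  const out = [];
  genStatements(new ScopeStack(), rng(seed), depth, out);
  return out.join('\n');
}

// Static check for the generator's output format: every vN referenced on a
// line must be declared in the current scope or an enclosing one. Returns the
// list of out-of-scope references (empty means the test case is well scoped).
function checkScoping(src) {
  const scopes = [new Set()];
  const errors = [];
  for (const raw of src.split('\n')) {
    const line = raw.trim();
    if (line.startsWith('}')) scopes.pop();
    const decl = /^const (v\d+) =/.exec(line);
    const body = decl ? line.slice(decl[0].length) : line;
    for (const m of body.matchAll(/\bv\d+\b/g)) {
      if (!scopes.some((s) => s.has(m[0]))) errors.push(m[0]);
    }
    if (decl) scopes[scopes.length - 1].add(decl[1]);
    if (line.endsWith('{')) scopes.push(new Set());
  }
  return errors;
}

// Constructed sample from a scope-unaware generator: v1 is declared inside
// the callback but used after it closes, so the browser would throw before
// exercising any interesting DOM state.
const BAD_SAMPLE = [
  "const v0 = document.createElement('div');",
  'setTimeout(() => {',
  "const v1 = document.createElement('canvas');",
  'document.body.appendChild(v1);',
  '}, 0);',
  'document.body.appendChild(v1);',
].join('\n');

console.log(generateTestCase(42));
```

The scoping check is deliberately tied to the generator's own output shape (one statement per line, `vN` names); a real harness would run the generated case in the target browser and treat an early `ReferenceError` as a wasted execution, which is exactly what the scope stack prevents.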

Thu 19 Sep

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna

13:30 - 14:50
WebAssembly and Browsers (Technical Papers) at EI 10 Fritz Paschke
Chair(s): Stefan Brunthaler μCSRL, CODE Research Institute, University of the Bundeswehr Munich
13:30
20m
Talk
Tacoma: Enhanced Browser Fuzzing with Fine-Grained Semantic Alignment
Technical Papers
Jiashui Wang Zhejiang University, Peng Qian Zhejiang University, Xilin Huang Ant Group, Xinlei Ying Ant Group, Yan Chen Northwestern University, Shouling Ji Zhejiang University, Jianhai Chen Zhejiang University, Jundong Xie Ant Group, Long Liu Ant Group
13:50
20m
Talk
WASMaker: Differential Testing of WebAssembly Runtimes via Semantic-Aware Binary Generation
Technical Papers
Shangtong Cao Beijing University of Posts and Telecommunications, Ningyu He Peking University, Xinyu She Huazhong University of Science and Technology, Yixuan Zhang Peking University, Mu Zhang University of Utah, Haoyu Wang Huazhong University of Science and Technology
14:10
20m
Talk
Wapplique: Testing WebAssembly Runtime via Execution Context-Aware Bytecode Mutation
Technical Papers
Wenxuan Zhao Fudan University, Ruiying Zeng Fudan University, Yangfan Zhou Fudan University

Information for Participants
Thu 19 Sep 2024 13:30 - 14:50 at EI 10 Fritz Paschke - WebAssembly and Browsers Chair(s): Stefan Brunthaler
Info for room EI 10 Fritz Paschke:

Map: https://tuw-maps.tuwien.ac.at/?q=CAEG31

Room tech: https://raumkatalog.tiss.tuwien.ac.at/room/13948