An adaptive mutation strategy for DBMS fuzzing

Database management systems (DBMS) are widely used across many fields and play an irreplaceable role in them, so discovering bugs in a DBMS and preventing attackers from exploiting them is critical. To detect the bugs hidden in a DBMS, researchers have proposed DBMS fuzzing, and with it they have found a large number of bugs. Existing DBMS fuzzing techniques still have limitations, however: when mutating the abstract syntax tree (AST) of an SQL statement, they do not allocate computing resources according to the importance of different nodes and mutation results, but distribute them evenly, which lowers testing efficiency. To address this problem, this paper proposes an adaptive mutation strategy built on a syntax-information-based mutation method. The strategy automatically computes the importance of different nodes and mutation results and, based on that importance, assigns more computing resources to the more important operations. The syntax-information-based mutation method associates mutation operations directly with mutation results, eliminating the deviation between the two. We implemented this strategy in a new DBMS fuzzer, Pinecone, and used Pinecone to test two widely used DBMSs. Experiments show that, compared with Squirrel, Pinecone increased the number of discovered paths in MariaDB and MySQL by 4.52% and 19.4%, bitmap coverage by 15% and 13.8%, and the number of bugs found by 26.7% and 75%, which demonstrates that the proposed method effectively improves fuzzing efficiency.
An adaptive mutation strategy for DBMS fuzzing
Database management systems (DBMS) are widely used in various fields and play an irreplaceable role. Therefore, it is crucial to discover bugs in DBMS and prevent them from being exploited by attackers. In order to detect hidden bugs in DBMS, researchers have proposed DBMS fuzzing. By using this technology, researchers have successfully discovered a large number of bugs in DBMS. However, existing DBMS fuzzing still has certain limitations. When mutating the abstract syntax tree (AST) of SQL statements, existing DBMS fuzzers cannot allocate computing resources based on the importance of different nodes and mutation results, but adopt an average allocation strategy. This reduces the efficiency of fuzzing. To address this issue, this article proposes an adaptive mutation strategy using a syntax-information-based mutation method. This mutation strategy can automatically calculate the importance of different nodes and mutation results, and allocate more computing resources to more important operations based on their importance. The syntax-information-based mutation method directly associates mutation operations with mutation results and eliminates the deviation between mutation operations and mutation results. The paper implements this mutation strategy in a new DBMS fuzzer, Pinecone, and tests two widely used DBMSs using Pinecone. The experiment showed that, compared with Squirrel, Pinecone found 4.52% and 19.4% more paths, 15% and 13.8% more bitmap coverage, and 26.7% and 75% more bugs in MariaDB and MySQL respectively. This proves that the proposed method can effectively improve the efficiency of DBMS fuzzing.
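The abstract contrasts an even split of the mutation budget across AST nodes with an adaptive split driven by the importance of each node and mutation result. The following toy, added here as an illustration and not code from the paper or from Pinecone, makes that contrast concrete: a tiny SQL grammar (the node kinds and their alternatives are assumptions), a syntax-aware mutator that replaces one node with another alternative from that grammar, so each mutation operation maps to exactly one observable result, and a scheduler whose per-node importance starts uniform and is updated from coverage feedback. The scoring rule (a smoothed hit rate) and the simulated coverage oracle are assumptions chosen for the demonstration; the paper's own importance computation is not reproduced here.

```python
import random

# Constructed toy grammar: for each AST node kind, the syntactically valid
# replacements a syntax-aware mutator may substitute.  Because the replacement
# is drawn straight from the grammar, each mutation operation yields exactly one
# well-defined mutation result.  (Assumed node kinds, not the paper's grammar.)
GRAMMAR = {
    "select_list": ["*", "COUNT(*)", "a, b", "DISTINCT a"],
    "where_predicate": ["a > 1", "b IS NULL", "a = b", "a IN (1, 2, 3)"],
    "order_by": ["", "ORDER BY a", "ORDER BY b DESC"],
    "limit": ["", "LIMIT 10", "LIMIT 0"],
}


def render(ast):
    """Render the toy AST (a dict of node kind -> chosen text) as one SQL statement."""
    sql = f"SELECT {ast['select_list']} FROM t WHERE {ast['where_predicate']}"
    for kind in ("order_by", "limit"):
        if ast[kind]:
            sql += " " + ast[kind]
    return sql + ";"


class AdaptiveScheduler:
    """Chooses which node kind to mutate next, weighted by learned importance.

    Every kind starts with the same importance (the uniform allocation the
    abstract criticizes).  Importance is then updated from coverage feedback,
    so kinds whose mutations keep reaching new code get more of the budget.
    The Laplace-smoothed hit rate is an assumed scoring rule for this demo.
    """

    def __init__(self, kinds, seed=0):
        self.rng = random.Random(seed)
        self.trials = {k: 0 for k in kinds}
        self.hits = {k: 0 for k in kinds}

    def importance(self, kind):
        # Smoothing keeps untried kinds at 0.5 so no kind is starved early on.
        return (self.hits[kind] + 1) / (self.trials[kind] + 2)

    def allocation(self):
        """Fraction of the mutation budget each node kind currently receives."""
        scores = {k: self.importance(k) for k in self.trials}
        total = sum(scores.values())
        return {k: s / total for k, s in scores.items()}

    def pick(self):
        kinds = list(self.trials)
        weights = [self.importance(k) for k in kinds]
        return self.rng.choices(kinds, weights=weights)[0]

    def feedback(self, kind, found_new_coverage):
        self.trials[kind] += 1
        if found_new_coverage:
            self.hits[kind] += 1


def mutate(ast, kind, rng):
    """Syntax-aware mutation: swap one node for a different grammar alternative."""
    options = [o for o in GRAMMAR[kind] if o != ast[kind]]
    child = dict(ast)
    child[kind] = rng.choice(options)
    return child


def run_campaign(rounds=400, seed=0):
    """Simulate a fuzzing campaign against a constructed coverage oracle.

    The oracle stands in for the real DBMS and its coverage bitmap: it assumes
    new WHERE predicates often reach new code while LIMIT changes rarely do.
    Returns the final budget allocation per node kind.
    """
    rng = random.Random(seed)
    hit_rate = {"select_list": 0.25, "where_predicate": 0.6,
                "order_by": 0.15, "limit": 0.05}  # constructed, not measured
    sched = AdaptiveScheduler(GRAMMAR.keys(), seed=seed)
    ast = {"select_list": "*", "where_predicate": "a > 1",
           "order_by": "", "limit": ""}
    for _ in range(rounds):
        kind = sched.pick()
        ast = mutate(ast, kind, rng)
        sched.feedback(kind, rng.random() < hit_rate[kind])
    return sched.allocation()


if __name__ == "__main__":
    for kind, share in run_campaign().items():
        print(f"{kind:16s} {share:.2f}")
```

With the uniform start, every kind receives a quarter of the budget; after a few hundred rounds the allocation tracks the oracle's hit rates, so the node kind whose mutations most often reach new code receives most of the budget while the unproductive one is not starved entirely. A real fuzzer would replace the oracle with the coverage bitmap returned by the instrumented DBMS.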

Keywords: DBMS fuzzing; Squirrel; syntax information; adaptive mutation strategy

问欣、方勇、贾鹏、范希明


School of Cyber Science and Engineering, Sichuan University, Chengdu 610065


Funding: National Key R&D Program of China (2021YFB3101803)

2024

Journal of Sichuan University (Natural Science Edition)
Sichuan University


Indexed in: CSTPCD; Peking University Core Journals
Impact factor: 0.358
ISSN: 0490-6756
Year, volume (issue): 2024, 61(3)