Application Security
Coverage-Guided Fuzzing
Also known as: Greybox fuzzing, Feedback-driven fuzzing
Definition
A greybox fuzzing technique that instruments the target to record which code each input exercises, then keeps and further mutates the inputs that reach previously unseen paths, so the corpus evolves toward deeper program states and bugs are found far more efficiently than with blind random input.
Examples
- Compiling a C parser with AFL++ instrumentation and using afl-fuzz to grow a coverage-driven corpus.
- libFuzzer using SanitizerCoverage to evolve inputs for a Rust crate.
Related terms
Fuzz Testing
An automated testing technique that feeds a program large amounts of malformed, random or unexpected input to uncover crashes, memory corruption and security vulnerabilities.
Mutation Fuzzing
A fuzz testing strategy that derives new test inputs by randomly mutating existing valid samples, such as flipping bits, inserting bytes or splicing files.
Symbolic Execution
A program analysis technique that executes code with symbolic inputs rather than concrete values, building path constraints solved by an SMT solver to find bugs.
Buffer Overflow
A memory-safety flaw where a program writes past the end of an allocated buffer, corrupting adjacent memory and often enabling code execution.
Memory Corruption
An umbrella term for vulnerabilities where a program writes outside the bounds of intended memory, undermining type-safety, control flow, or data integrity.
Secure Coding
Secure Coding — definition coming soon.