Abstract
Documents on popular libraries such as pyOpenSSL do not specify parameters’ domains precisely. Inexact domains hinder efficiently generating valid test cases. In order to solve this problem, an approach for inferring exact domains, namely IED, is put forward. IED starts from crawling parameters’ data types from online official documents. Then, IED conducts exception testing to find tight domains based on slack domains of data types. Finally, IED attempts to detect the extensibility of tight bounds and outputs exact domains. Based on IED, experiments have been conducted on 29 basic parameters of application programming interfaces of pyOpenSSL. Experimental results show that the inferred exact domains vary dramatically even for the same data type and reduce the original domains of data types significantly. Thus, IED is effective and helpful in efficiently generating valid test cases.
Supported by Shandong Provincial Natural Science Foundation under Grant ZR2020MF030 and ZR2018PF007. Also, this work is supported by CERNET Innovation Project under Grant NGII20190407, Fundamental Research Funds for the Central Universities under Grant XJS210305, Natural Science Basic Research Program of Shaanxi under Grant 2021JQ-208, and Natural Science Foundation of Xi’an University of Technology under Grant 413619001.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Boeyen, S., Santesson, S., Polk, T., Housley, R., Farrell, S., Cooper, D.: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280 (2008)
Brubaker, C., Jana, S., Ray, B., Khurshid, S., Shmatikov, V.: Using frankencerts for automated adversarial testing of certificate validation in SSL/TLS implementations. In: 2014 IEEE Symposium on Security and Privacy, pp. 114–129 (2014)
Chen, C., Tian, C., Duan, Z., Zhao, L.: RFC-directed differential testing of certificate validation in SSL/TLS implementations. In: 2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE), pp. 859–870 (2018)
Chen, Y., Su, Z.: Guided differential testing of certificate validation in SSL/TLS implementations. In: Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, ESEC/FSE 2015, pp. 793–804. Association for Computing Machinery, New York, NY, USA (2015)
Freier, A.O., Karlton, P., Kocher, P.C.: The Secure Sockets Layer (SSL) Protocol Version 3.0. RFC 6101 (2011)
Petsios, T., Tang, A., Stolfo, S., Keromytis, A.D., Jana, S.: NEZHA: efficient domain-independent differential testing. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 615–632 (2017)
Quan, L., Guo, Q., Chen, H., Xie, X., Li, X., Liu, Y., Hu, J.: SADT: syntax-aware differential testing of certificate validation in SSL/TLS implementations. In: 2020 35th IEEE/ACM International Conference on Automated Software Engineering (ASE), pp. 524–535 (2020)
Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.3. RFC 8446 (2018)
Rothermel, G., Untch, R.H., Chu, C., Harrold, M.J.: Test case prioritization: an empirical study. In: Proceedings IEEE International Conference on Software Maintenance - 1999 (ICSM’99). ’Software Maintenance for Business Change’ (Cat. No.99CB36360), pp. 179–188 (1999)
Tian, C., Chen, C., Duan, Z., Zhao, L.: Differential testing of certificate validation in SSL/TLS implementations: an RFC-guided approach. ACM Trans. Softw. Eng. Methodol. 28(4) (2019)
Acknowledgements
All authors would like to express our thanks to anonymous reviewers for their comments.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Chen, C. et al. (2023). Inferring Exact Domains to Efficiently Generate Valid Test Cases via Testing. In: Liu, S., Duan, Z., Liu, A. (eds) Structured Object-Oriented Formal Language and Method. SOFL+MSVL 2022. Lecture Notes in Computer Science, vol 13854. Springer, Cham. https://doi.org/10.1007/978-3-031-29476-1_9
Download citation
DOI: https://doi.org/10.1007/978-3-031-29476-1_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-29475-4
Online ISBN: 978-3-031-29476-1
eBook Packages: Computer ScienceComputer Science (R0)