Generating Software Tests (Security Testing) Andreas Zeller + Rahul Gopinath


Project 3 - Small fix and Important Remarks

Written: 02.02.2020 09:51 Written By: Michael Mera

Dear students,


A new version of project 3 is available. It mainly fixes an erroneous SMTP response when several FRIEND commands are sent with different names during the same session.


I would like to take this opportunity to make a few remarks on questions that come up frequently:

  • Your submission should be a fuzzer. This means that you cannot hardcode all the behavior and  simply replay pre-defined (B)SMTP sessions. It should include a good degree of randomness.
  • The reachability challenges are NOT MANDATORY. The goal of the project is to make you write a fuzzer and demonstrate your understanding of the fuzzing techniques you learned. The reachability challenges are just a way for you to make sure you pass, in case you don't feel confident. They will not be included in the computation of the final grade, as explained in the project notebook.
  • You are allowed to use a few seeds for your fuzzer, but you should justify how you built and why you have chosen these particular seeds. Also, "I wanted to make sure I trigger all the reachability challenges" is NOT a good justification, since your goal should be to trigger bugs during the evaluation, not to trigger these challenges.
  • The project notebook states that in the final evaluation when a bug is triggered the bsmtp server will crash and return a value unique to each bug. Just to make it clear, this returned value is the exit code of the bsmtp server, NOT an SMTP response. With the BSMTPServer helper provided, the value can be retrieved using the exitcode() method.
  • The code that you are fuzzing includes all the sources contained in the bsmtp folder. This means in particular that the filtering of the emails using bleach is also part of your target and in the final evaluation, bugs will be included in that part of the code. Conversely, if the code for a particular functionality is not included in the folder (e.g. parsing multipart emails), there will be no bug introduced in that functionality during the final evaluation.
  • Please make sure that your fuzzer makes appropriate use of try...except, so that whatever happens in the communication with the BSMTP server, your fuzzer is able to recover and continue its work.


I hope this helps to clarify the questions you have, and as always if you are in doubt you can send me an email or post a question on the Askbot.

Privacy Policy | Legal Notice
If you encounter technical problems, please contact the administrators