…the other side of the party
• On the server side there are a bunch of applications implementing HTTP and WS servers
• For every request:
1. A random delay is applied before generating the response; this affects timing on the client side
2. A fragment of valid JS is composed and returned as text/html or…
3. ...a reference to a function declared on the client side is returned
• Fuzzing with code fragments is an approach used in the past by LangFuzz, but here the goal is to target specific borderline execution scenarios such as race conditions
[Diagram labels: Create xhr/WS object; Open xhr/WS; Eval (JS); Send xhr/WS; Execute callback js; Nodejs app]
• The evaluation of the JS fragment is influenced by:
• synchronous DOM mutations that occurred in the middle of call processing
• xhr/WS references not disposed of when the client page location is navigated away from
• race conditions in request/response management
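
The per-request server behaviour listed above (a random delay, then either a JS fragment or a reference to a client-side function), as an added Node.js example that is not code from the original slides. All names, the fragment pool and the callback names are constructed for illustration; the seeded generator is an addition so that a run which triggers a fault can be replayed from its logged seed.

```javascript
// Added example; every name below is hypothetical, not from the original tool.
// Seeded PRNG (mulberry32): the same seed reproduces the same response sequence.
function mulberry32(seed) {
  let a = seed >>> 0;
  return () => {
    a = (a + 0x6D2B79F5) >>> 0;
    let t = Math.imul(a ^ (a >>> 15), a | 1);
    t ^= t + Math.imul(t ^ (t >>> 7), t | 61);
    return ((t ^ (t >>> 14)) >>> 0) / 4294967296;
  };
}

// Constructed sample pools: benign statements and client-declared callback names.
const FRAGMENTS = [
  "document.title = 'tick';",
  "document.body.appendChild(document.createElement('div'));",
  "document.body.textContent = '';",
];
const CLIENT_CALLBACKS = ['onReplyA', 'onReplyB'];
const pick = (rng, pool) => pool[Math.floor(rng() * pool.length)];

// Steps 1-3 from the slide: choose a delay, then either a fragment or a reference.
function planResponse(rng, maxDelayMs = 500) {
  const delayMs = Math.floor(rng() * maxDelayMs);
  if (rng() < 0.5) {
    const count = 1 + Math.floor(rng() * 3);
    const body = Array.from({ length: count }, () => pick(rng, FRAGMENTS)).join('\n');
    return { delayMs, kind: 'fragment', contentType: 'text/html', body };
  }
  // Content type for the reference case is an assumption.
  return { delayMs, kind: 'reference', contentType: 'text/plain', body: pick(rng, CLIENT_CALLBACKS) };
}

// Request handler for http.createServer(); logs each plan so a run can be replayed.
function makeHandler(seed, log = []) {
  const rng = mulberry32(seed);
  let requestNo = 0;
  return (req, res) => {
    const plan = planResponse(rng);
    log.push({ seed, requestNo: requestNo++, url: req.url, ...plan });
    setTimeout(() => {
      res.writeHead(200, { 'Content-Type': plan.contentType });
      res.end(plan.body);
    }, plan.delayMs);
  };
}
// Usage: require('http').createServer(makeHandler(1234)).listen(8080, '127.0.0.1');
```

Because concurrent requests can arrive in a different order on each run, the log records the request number and URL next to each plan; replaying a fault needs both the seed and that ordering.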