Fuzzingbook Release Notes

This book and its code use numbered versioning. The version numbers correspond to the version numbers in the Python pip package.

Version 1.1 (released 2022-05-18)

Changes since 1.0:

  • The book has lots of new material (videos, quizzes).
  • The code now has static type annotations (and is type checked).
  • Requirements and install procedures have been reworked.
  • Apart from code fixes, code semantics stays unchanged.

Changes and fixes since 1.0.7:

  • All videos are re-cut – thanks to Aman Roy!
  • Fuzzer.runs() now returns a list comprehension instead of a list (Issue #106)
  • Code using selenium has been updated to the latest version.
  • Fixed a problem in FasterGrammarFuzzer (Issue #130) - thanks to CuriousGeorgiy!

Version 1.0.7 (released 2022-01-25)

  • The WebFuzzer constructor now allows to use a subclass of HTMLGrammarMiner.
  • The GUIFuzzer constructor now allows to use a subclass of GUIGrammarMiner.
  • Class diagrams are now simplified, as we skip non-public methods defined in other chapters.

Version 1.0.6 (released 2022-01-18)

  • Fixed a major performance bug in grammar fuzzing (Issue #117)
  • We now work with recent versions of z3-solver (Issue #115)
  • In the chapter on configuration fuzzing, the OptionGrammarMiner will now capture args from external Python scripts that are protected by if __name__ == '__main__'
  • Various minor fixes and documentation improvements

Version 1.0.5 (released 2022-01-10)

  • This release increases compatibility with various Z3 versions for concolic fuzzing.
  • In the chapter on symbolic fuzzing, the AdvancedSymbolicFuzzer is now named SymbolicFuzzer plain and simple. (AdvancedSymbolicFuzzer still works as an alias).

Version 1.0.4 (released 2022-01-04)

Happy new year!

Version 1.0.3 (released 2021-12-14)

Version 1.0.2 (released 2021-12-08)

Version 1.0.1 (released 2021-11-23)

  • The code now passes mypy static type checks.
  • The Coverage class now supports function_names() and __repr__() methods. Its __exit__() method is no longer included in coverage.
  • Minor fixes across the board.

Version 1.0 (released 2021-11-04)

  • We now support (but also require) Python 3.9 or later. Earlier versions still required Python 3.6 due to some outdated modules such as astor and enforce we depended upon (and now don't anymore).
  • We added missing dependencies to the fuzzingbook pip package (Issue #44 in debuggingbook) such that pip install fuzzingbook also installs all the packages it depends upon. Thanks to @TheSilvus for reporting this!
  • We fixed a warning '.gitignore is a symbolic link' during git checkout (Issue #43) Thanks to @rjc for reporting this!
  • We identified some chapters that were using numpy.random rather than Python random, resulting in, well, random results every time we'd build the book. This is now fixed, and more consistent.
  • Under the hood, we have adopted several more improvements from our sister project "The Debugging Book". Notably, the build process is much streamlined, and we run continuous integration tests to ensure quality of changes and pull requests.

Version 0.9.5 (released 2021-06-08)

  • Lots of minor fixes in HTML generation, adopting new tools and tests from "The Debugging Book".
  • Code functionality should be unchanged.
  • The bookutils module is now shared with the debuggingbook project; some (hopefully neutral) fixes.
  • Several typos and other minor fixes throughout the book.

Version 0.9.0

  • In the Web version, some not-so-critical details (typically, long implementations and logs) are only shown on demand. This is still work in progress.
  • The fuzzingbook_utils module used by notebooks is now renamed to bookutils. Code and notebooks using fuzzingbook_utils may still work, but will issue a deprecation warning.
  • Several minor fixes to functionality in Parsing and Recombining Inputs, Concolic Fuzzing, Symbolic Fuzzing
  • Better style when printing from browser (colored text, smaller fonts)
  • Avoid tracking in YouTube videos
  • Several typos and other minor fixes throughout the book

Version 0.8.0 (released 2019-05-21)

First numbered fuzzingbook release.

Chapter Releases

Before switching to numbered releases, new chapters were coming out every Tuesday.

  1. Introduction to Software Testing – 2018-10-30
  2. Fuzzing: Breaking Things with Random Inputs – 2018-10-30
  3. Getting Coverage – 2018-11-06
  4. Mutation-Based Fuzzing – 2018-11-06
  5. Fuzzing with Grammars – 2018-11-13
  6. Efficient Grammar Fuzzing – 2018-11-20
  7. Grammar Coverage – 2018-11-27
  8. Testing Configurations – 2018-12-04
  9. Parsing and Recombining Inputs – 2018-12-11
  10. Probabilistic Grammar Fuzzing – 2018-12-18
  11. Fuzzing with Generators – 2019-01-08
  12. Fuzzing APIs – 2019-01-15
  13. Carving Unit Tests – 2019-01-22
  14. Reducing Failure-Inducing Inputs – 2019-01-29
  15. Web Testing – 2019-02-05
  16. GUI Testing – 2019-02-12
  17. Mining Input Grammars – 2019-02-19
  18. Tracking Information Flow – 2019-03-05
  19. Concolic Fuzzing – 2019-03-12
  20. Symbolic Fuzzing – 2019-03-19
  21. Mining Function Specifications – 2019-03-26
  22. Search-Based Fuzzing – 2019-04-02
  23. Evaluating Test Effectiveness with Mutation Analysis – 2019-04-09
  24. Greybox Fuzzing – 2019-04-16
  25. Greybox Fuzzing with Grammars – 2019-04-30
  26. Fuzzing in the Large – 2019-05-07
  27. When to Stop Fuzzing – 2019-05-14
  28. Tours through the Book - 2019-05-21

After all chapters were out, we switched to a release-based schedule, with numbered minor and major releases coming out when they are ready.

Creative Commons License The content of this project is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. The source code that is part of the content, as well as the source code used to format and display that content is licensed under the MIT License. Last change: 2022-05-18 11:57:49+02:00CiteImprint