-scaled.png)
AIにより推定されたラベル
自動化ペネトレーションテスト モデルDoS プロンプトインジェクション
※ こちらのラベルはAIによって自動的に追加されました。そのため、正確でないことがあります。
詳細は文献データベースについてをご覧ください。
Abstract
Large language model (LLM)-based techniques have achieved notable progress in generating harnesses for program fuzzing. However, applying them to arbitrary functions (especially internal functions) at scale remains challenging due to the requirement of sophisticated contextual information, such as specification, dependencies, and usage examples. State-of-the-art methods heavily rely on static or incomplete context provisioning, causing failure of generating functional harnesses. Furthermore, LLMs tend to exploit harness validation metrics, producing plausible yet logically useless code. To address these challenges, we present HarnessAgent, a tool-augmented agentic framework that achieves fully automated, scalable harness construction over hundreds of OSS-Fuzz targets. HarnessAgent introduces three key innovations: 1) a rule-based strategy to identify and minimize various compilation errors; 2) a hybrid tool pool for precise and robust symbol source code retrieval; and 3) an enhanced harness validation pipeline that detects fake definitions. We evaluate HarnessAgent on 243 target functions from OSS-Fuzz projects (65 C projects and 178 C++ projects). It improves the three-shot success rate by approximately 20% compared to state-of-the-art techniques, reaching 87% for C and 81% for C++. Our one-hour fuzzing results show that more than 75% of the harnesses generated by HarnessAgent increase the target function coverage, surpassing the baselines by over 10%. In addition, the hybrid tool-pool system of HarnessAgent achieves a response rate of over 90% for source code retrieval, outperforming Fuzz Introspector by more than 30%.