Skip to content

Master project at VU Amsterdam by Prashanth varma dommaraju. This project focuses on the application of error fuzzing to Kubernetes structs, leveraging the strengths of protobuf-mutator for comprehensive error testing.

Notifications You must be signed in to change notification settings

cymtrick/kubefuzzthesis

Repository files navigation

KubeFuzzThesis - (kubechainsaw)

Master project at VU Amsterdam by Prashanth Varma Dommaraju. This project focuses on applying error fuzzing to Kubernetes structs, leveraging the strengths of protobuf-mutator for comprehensive error testing.

Structure Aware Fuzzing for Kubernetes

Introduction

As a complex container orchestration platform, Kubernetes requires thorough testing to identify errors and ensure robust operation. This discussion explores the application of cross-language fuzzing to Kubernetes structs, utilizing the strengths of Go and C++ for comprehensive error testing.

Background

Kubernetes relies heavily on structs and complex data structures to manage and orchestrate containerized applications. Fuzz testing these structs is crucial to uncovering potential errors that may lead to unexpected behavior. Integrating Go and C++ for fuzz testing provides a powerful strategy to evaluate Kubernetes components' robustness comprehensively.

Components

1. Go Fuzzer for Kubernetes

  • The Go component is the fuzzer target, processing Kubernetes structs. Go functions are designed to handle Kubernetes structs, often defined in the official Kubernetes Go client libraries. Go's native support for Kubernetes APIs and well-defined structs simplifies the processing of Kubernetes-specific data structures.

2. C++ Fuzzer with libprotobuf-mutator

  • The C++ component is the fuzzer, generating fuzzed data for Kubernetes structs. Libprotobuf-mutator mutates Kubernetes structs, creating diverse inputs for fuzz testing. C++'s efficient memory management and integration with libprotobuf-mutator enable sophisticated mutation strategies for Kubernetes structs.

Workflow

  1. Generating Fuzzed Data in C++:

    • The C++ fuzzier employs libprotobuf-mutator to generate fuzzed data for Kubernetes structs, simulating various real-world scenarios. Kubernetes struct definitions serve as the basis for creating mutated inputs.
  2. Calling Go Functions from C++:

    • The C++ fuzzer utilizes a foreign function interface (FFI) or an interface mechanism to call Go functions that process Kubernetes structs. Fuzzed data, representing mutated Kubernetes structs, is securely passed from C++ to Go for processing.
  3. Processing Fuzzed Data in Go:

    • Go functions receive the fuzzed data, which includes Kubernetes structs, and process them using the Kubernetes client libraries. Customized processing logic in Go functions identifies errors or unexpected behavior in handling Kubernetes structs.

Fuzzing with libprotobuf-mutator and libFuzzer is a robust strategy for identifying errors within Kubernetes. This methodology provides a comprehensive approach to uncovering unexpected behavior by specifically targeting Kubernetes structs.

About

Master project at VU Amsterdam by Prashanth varma dommaraju. This project focuses on the application of error fuzzing to Kubernetes structs, leveraging the strengths of protobuf-mutator for comprehensive error testing.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published