dg.txt <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html class="dj_gecko dj_contentbox" xmlns="http://www.w3.

org/1999/xhtml" xml:lang="en" lang="en"><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Fuzz testing</title> <link rel="schema.DC" href="http://purl.org/DC/elements/1.0/"> <link rel="SHORTCUT ICON" href="http://www.ibm.com/favicon.ico"> <meta name="DC.Rights" content=" Copyright&nbsp;IBM Corporation&nbsp;2006"> <meta name="Keywords" content="Fuzz testing, fuzzing, attack, cracking, data corruption, test-first, program, application, code quality, corrupted file, checksums, algorithms, SHA, MD5, XML, data storage, verification, parser, parsing, DTD, schema, validation, Java, C#, C+, automation, grammar-based formats, blackbox, automated, manual, Randomizer, Elliotte Rusty Harold, tttjca"> <meta name="DC.Date" scheme="iso8601" content="2006-09-26"> <meta name="Source" content="v17 delivery:developerWorks"> <meta name="Security" content="Public"> <meta name="Abstract" content="Fuzz testing is a simple technique that can have a profound effect on your code quality. In this article, Elliotte Rusty Harold shows what happens when he deliberately injects random bad data into an application to see what breaks. He also explains how to use defensive coding techniques such as checksums, XML data storage, and code verification to harden your programs against random data. He concludes with an exercise in thinking like a code cracker -- a crucial technique for defending your code."> <meta name="Description" content="Fuzz testing is a simple technique that can have a profound effect on your code quality. In this article, Elliotte Rusty Harold shows what happens when he deliberately injects random bad data into an application to see what breaks. He also explains how to use defensive coding techniques such as checksums, XML data storage, and code verification to harden your programs against random data. He concludes with an exercise in thinking like a code cracker -- a crucial technique for defending your code."> <meta name="IBM.Effective" scheme="W3CDTF" content="2006-09-26"> <meta name="Owner" content="developerWorks Content/Raleigh/IBM"> <meta name="DC.Language" scheme="rfc1766" content="en"> <meta name="IBM.SpecialPurpose" content="SP001"> <meta name="IBM.Country" content="ZZ"> <meta name="Robots" content="index,follow"> <meta name="DC.Type" scheme="IBM_ContentClassTaxonomy" content="CT316">