Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A browser testing method, device and computer equipment

A testing method and browser technology, applied in computer security devices, computing, software testing/debugging, etc., can solve problems affecting browser testing results, unable to simulate user-browser interaction in normal usage scenarios, and affecting testing results, etc.

Active Publication Date: 2021-05-14
TENCENT TECH (SHENZHEN) CO LTD
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The above two test tools all need to perform browser testing in the same process (single process), that is, introduce the browser function module code to be tested into the test tool, and run and test the browser function module code in the process started by the test tool. Code (Although AFL is a multi-process model, it just keeps starting itself, which is essentially equivalent to testing the browser based on a single process), so, on the one hand, when AFL and libfuzzer are testing the browser, the tested module It will run in isolation from the overall environment of the browser, which will affect the test effect accordingly; on the other hand, AFL and libfuzzer can only simulate the operation in a single process, and cannot simulate the interaction between the user and the browser in normal usage scenarios, which will also affect The test results of the browser cannot accurately and comprehensively dig out the potential vulnerabilities of the browser

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A browser testing method, device and computer equipment
  • A browser testing method, device and computer equipment
  • A browser testing method, device and computer equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] The following will clearly and completely describe the technical solutions in the embodiments of the application with reference to the drawings in the embodiments of the application. Apparently, the described embodiments are only some of the embodiments of the application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0043] As an aspect of the embodiment of the application, the application provides a browser testing method, which is used to test the browser by simulating the interaction between the user and the browser in a normal usage scenario based on a cross-process and cross-authority test framework. Test, correspondingly achieve the purpose of improving the test effect, more accurately and comprehensively mining browser vulnerabilities.

[0044] Optionally, the above-mentioned browser test...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present application relates to a browser testing method, device and computer equipment. The browser testing method, device and computer equipment maintain a complete browser environment and run the overall browser during browser testing. On this basis, by isolating the test tool and the object under test, that is, the browser, on the process, the test tool runs in the low-privilege test process, and the browser code to be tested that has completed the instrumentation runs in the high-privilege browser. The browser process simulates the normal user access to the browser, and realizes the cross-process and cross-authority testing of the browser under the simulation of normal interaction scenarios. This kind of test is more in line with the actual situation of the user's daily operation of the browser, and it is easier to mine Common and easy-to-reproduce security vulnerabilities of browsers can be found, so that browser vulnerabilities can be further accurately and comprehensively mined.

Description

technical field [0001] The application belongs to the technical field of browser vulnerability mining, and in particular relates to a browser testing method, device and computer equipment. Background technique [0002] Browser vulnerability mining is an important link in the browser security mechanism. At present, when conducting browser testing to mine browser vulnerabilities, the main testing tools used are AFL or LibFuzzer, two open source software. [0003] AFL, or American fuzzy lop, is a security-oriented fuzz testing tool that uses genetic algorithms to effectively increase the code coverage of test cases. AFL is open source and developed by Zalewski hosts on his website. LibFuzzer is an open source software developed by Google. It is an in-process, coverage-oriented, mutation testing fuzzing engine. ) feeds the fuzzed input to the library, the Fuzzer then tracks which regions of the code are reached and generates mutations on the corpus of input data in order to m...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F11/36G06F21/57
CPCG06F11/3684G06F11/3688G06F21/577
Inventor 钱文祥李宇翔
Owner TENCENT TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com