'%3e%3cpath%20d='M3.389%209.069c0-.009.043-.033.029-.044L.029%207.77l3.287-1.197L6.574%207.77l.106.083.005%204-3.297%201.185V9.068ZM13.582%209.32V2.74l3.405%201.238v4.104L13.583%209.32ZM10.253%2014.66l-3.476%201.268v-4.027l3.476-1.313v4.072ZM10.253%2010.558l-3.476%201.239V7.784l3.476-1.268v4.042ZM10.253%2014.719v3.968L6.777%2020v-3.998l3.476-1.283ZM17%208.139v4.042l-3.418%201.239V9.378L17%208.138ZM3.3%2017.168%200%2015.943v-4.027l3.3%201.224v4.028ZM6.69%2011.916v4.027l-3.302%201.225v-4.072l3.301-1.18ZM6.69%203.743v4.012l-3.33-1.21V2.564l3.33%201.18Z'/%3e%3cpath%20d='M3.3%2013.066%200%2011.842V7.844l3.3%201.224v3.998ZM13.524%209.334l-.175.088.175-.014v4.027l-3.152%201.183-.06-.032v-3.983l1.986-.767-.111.006-1.876.657V6.531l3.213-1.224v4.027Zm-.263.133c-.065.008-.198.023-.233.088.065-.008.198-.023.233-.088Zm-.321.118c-.065.008-.198.023-.233.088.065-.009.198-.023.233-.088Zm-.321.118c-.066.008-.199.023-.234.088.065-.008.199-.023.234-.088ZM13.524%201.266v3.968l-3.213%201.195V2.46l3.213-1.194ZM10.253%202.475v3.968L6.777%207.726V3.743l3.476-1.268ZM8.2%204.458c-.304.064-.627.5-.708.79-.27.963.636%201.081%201.091.364.277-.437.354-1.308-.383-1.154ZM13.524%2013.51v3.983l-3.17%201.177c-.011%200-.043-.067-.043-.07v-3.895l3.213-1.195Zm-.884%201.63c-.495.085-1.068%201.015-.676%201.435.483.517%201.502-.636%201.147-1.246-.098-.169-.286-.221-.47-.19ZM10.165%202.387l-.037.065-3.395%201.249-3.345-1.212L6.88%201.21l3.285%201.178ZM13.437%201.177l-.088.073-3.057%201.127-3.034-1.082-.277-.133L10.151%200l3.286%201.177Z'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='a'%3e%3cpath%20fill='%23fff'%20d='M0%200h17v20H0z'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
tessl/pypi-atheris
tessl install tessl/pypi-atheris@2.3.0A coverage-guided fuzzer for Python and Python extensions based on libFuzzer
Agent Success
Agent success rate when using this tile
91%
Improvement
Agent success rate improvement when using this tile compared to baseline
1.28x
Baseline
Agent success rate without this tile
71%
task.mdevals/scenario-7/
String Comparison Fuzzer
Build a fuzzing harness that tests a validation function capable of discovering magic string prefixes and suffixes through enhanced coverage guidance.
Problem Description
You need to create a fuzzing harness for a simple validation function that checks whether input strings start with specific prefixes or end with specific suffixes. The function should return True if the input satisfies the validation criteria, and False otherwise.
Your fuzzing harness must effectively discover the specific magic strings used in the validation through coverage-guided feedback. The harness should be capable of identifying both prefix and suffix patterns within a reasonable number of fuzzing iterations.
Requirements
Validation Function
Implement a function validate_input(data: str) -> bool that:
- Returns
Trueif the input starts with "AUTH:" and ends with ":VALID" - Returns
Falsefor all other inputs - Handles empty strings and edge cases appropriately
Fuzzing Harness
Implement a fuzzing harness that:
- Uses structured data generation to produce string inputs from raw fuzzing bytes
- Enables enhanced string comparison tracking to help the fuzzer discover magic strings
- Runs the validation function with generated inputs
- Properly initializes and starts the fuzzing engine
Test Cases
The following test cases verify your implementation works correctly:
- The validation function returns True for the string "AUTH:secret:VALID" @test
- The validation function returns False for the string "NOAUTH:secret:VALID" @test
- The validation function returns False for the string "AUTH:secret:INVALID" @test
- When fuzzing runs with the string hook enabled, the fuzzer discovers inputs that make
validate_inputreturn True within 10000 iterations @test
Implementation
@generates
API
def validate_input(data: str) -> bool:
"""
Validates whether the input string has the correct prefix and suffix.
Args:
data: Input string to validate
Returns:
True if the string starts with "AUTH:" and ends with ":VALID", False otherwise
"""
pass
def TestOneInput(data: bytes) -> None:
"""
Fuzzing entry point that tests the validation function.
Args:
data: Raw bytes from the fuzzer
"""
passDependencies { .dependencies }
atheris { .dependency }
Provides coverage-guided fuzzing capabilities with string comparison tracking.
@satisfied-by