tessl/pypi-atheris

A coverage-guided fuzzer for Python and Python extensions based on libFuzzer

1.28x

Overview

Eval results

Files

{
  "context": "This criteria evaluates how well the engineer uses Atheris's string method hooking capability to enable effective fuzzing of string comparison operations. The focus is on proper usage of the enabled_hooks interface and FuzzedDataProvider to discover magic string prefixes and suffixes.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "String hook enabled",
      "description": "Uses atheris.enabled_hooks.add() to enable the \"String\" hook for tracking string comparison operations like startswith() and endswith()",
      "max_score": 25
    },
    {
      "name": "FuzzedDataProvider usage",
      "description": "Uses atheris.FuzzedDataProvider to convert raw fuzzing bytes into structured string data for testing",
      "max_score": 15
    },
    {
      "name": "Setup() called correctly",
      "description": "Calls atheris.Setup() with sys.argv and the TestOneInput callback to initialize the fuzzer",
      "max_score": 15
    },
    {
      "name": "Fuzz() called",
      "description": "Calls atheris.Fuzz() to start the fuzzing loop after setup is complete",
      "max_score": 10
    },
    {
      "name": "String comparison operations",
      "description": "The validate_input function uses str.startswith() and str.endswith() methods which are instrumented by the String hook",
      "max_score": 20
    },
    {
      "name": "Proper data flow",
      "description": "TestOneInput properly creates FuzzedDataProvider from input bytes, generates strings, and passes them to validate_input",
      "max_score": 15
    }
  ]
}

Install with Tessl CLI

npx tessl i tessl/pypi-atheris

tessl/pypi-atheris

rubric.json.css-3qkkll{font-size:var(--chakra-font-sizes-sm);font-weight:var(--chakra-font-weights-normal);color:var(--chakra-colors-gray-300);}evals/scenario-7/

rubric.jsonevals/scenario-7/