GLADE is a tool for automatically synthesizing program input grammars, i.e., a context-free grammar encoding the language of valid inputs for a target program. GLADE requires two inputs: (i) an query oracle that responds whether a given input is valid for the target program, and (ii) a set of examples of valid inputs, known as seed inputs. From these inputs, GLADE produces a grammar that can be sampled to produce new program inputs.
For a detailed introduction to GLADE, see:
First of all, clone this repository:
git clone 'https://github.com/kuhy/glade'Then you can build and execute GLADE using provided Gradle wrapper:
./gradlew run --args='some arguments'Or if you have GraalVM Native Image installed, you can build a standalone executable using:
./gradlew nativeImageYou will find generated executable in build/native-image/glade.
GLADE is split into three subcommands — learn, fuzz and print.
To learn an input grammar, you need two things — oracle (command that
returns non-zero code on invalid input) and seed inputs (examples of valid
inputs). GLADE expects seed inputs in a folder called inputs. To learn an
input grammar, you need to run the following command:
glade learn <command>If <command> contains {}, then inputs will be passed to oracle as
arguments (each {} in <command> will be substituted with input).
Each {/} in command will be substituted with path to file containing input.
Whenever {} or {/} is not in command, inputs are send to the oracle on standard input.
For instance, if you want to learn a grammar of sed’s valid inputs,
then create a folder called inputs with some valid seed inputs.
echo -n 's/abcd/bc/p' > inputs/seed1
echo -n 's/a[bc]d/bc/p' > inputs/seed2sed also needs some file to operate on. So create an empty file:
touch empty_fileThen learn the grammar using the following command:
glade learn 'sed {} empty_file'Grammar will be saved in the current working directory.
GLADE can also use bytes as an input alphabet. You will need to pass
--alphabet=BYTE as a GLADE’s argument.
You can use learned grammar for fuzzing:
glade fuzz -i <path_to_grammar> <command>Additional arguments can be used to specify things like recursion probability.
Learned grammar is saved in a machine-readable format. In order to print grammar in human-readable form, you can run the following command:
glade print <path_to_grammar>Grammar is printed as a regular expression. Recursive properties of grammar are omitted.
This is an unofficial fork of GLADE. The main purpose of this fork is to provide a more user friendly user-interface for GLADE. Pull requests are welcome.
For questions about the original project, feel free to contact [email protected].