Open Access

ARTICLE

RBZZER: A Directed Fuzzing Technique for Efficient Detection of Memory Leaks via Risk Area Analysis

Xi Peng, Peng Jia*, Ximing Fan, Jiayong Liu*

School of Cyber Science and Engineering, Sichuan University, Chengdu, 610065, China

* Corresponding Authors: Peng Jia; Jiayong Liu

Computers, Materials & Continua 2025, 84(3), 4601-4625. https://doi.org/10.32604/cmc.2025.065162

Abstract

Memory leaks are a common software vulnerability that can decrease the reliability of an application and, in severe cases, even cause program crashes. If a program contains memory leak vulnerabilities that can be triggered intentionally, attackers can exploit these bugs to launch denial-of-service attacks or induce the program to exhibit unexpected behaviors due to low memory conditions. Existing fuzzing techniques primarily focus on improving code coverage, and specialized fuzzing techniques for individual memory-related defects like uncontrolled memory allocation do not address memory leak vulnerabilities. MemLock is the first fuzzing technique to address memory consumption vulnerabilities, including memory leakage. However, the coverage-centric guidance mechanism of MemLock introduces a degree of aimlessness in the testing process, which results in low seed quality and slow bug exposure. To address this issue, we propose a risk areas guidance-based fuzzing technique called RBZZER. First, RBZZER retains MemLock’s memory consumption-guided mechanism and introduces a novel distance-guided approach to expedite the arrival of fuzzing at the potential memory areas. Second, we introduce a new seed scheduling strategy called risk areas-based seed scheduling, which classifies seeds based on potential memory leak areas in the program and schedules them accordingly, thereby improving the efficiency of discovering memory leak vulnerabilities. Experiments demonstrate that RBZZER outperforms state-of-the-art fuzzing techniques, finding 52% more unique program crashes than the second-best counterpart. In particular, the amount of memory leakage RBZZER discovers is at least 112% greater than that of the other baseline fuzzers. In addition, RBZZER detects memory leaks at an average speed that is 9.10x faster than MemLock.

Keywords

System security; software testing; directed fuzzing; memory leak vulnerability

Copyright © 2025 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.