Doc update

README.md

@@ -60,6 +60,6 @@ This work is designed as a _textbook_ for a course in software testing or securi
 
 ## News
 
-This book is _work in progress._  All chapters planned are out now, but we keep on refining text and code with [minor and major releases.](https://www.fuzzingbook.org/html/ReleaseNotes.html)  To get notified on updates, <a href="https://mastodon.social/invite/3CvrkW9t">follow us on Mastodon</a>.
+This book is _work in progress._  All chapters planned are out now, but we keep on refining text and code with [minor and major releases.](https://www.fuzzingbook.org/html/ReleaseNotes.html)  To get notified on updates, <a href="https://mastodon.social/@TheFuzzingBook">follow us on Mastodon</a>.
 
 <!--

docs/404.html

@@ -12069,7 +12069,7 @@
 <div class="input_markdown">
 <div class="cell border-box-sizing text_cell rendered">
 <div class="inner_cell">
-<div class="text_cell_render border-box-sizing rendered_html"><h2 id="Getting-Informed-About-New-Content">Getting Informed About New Content<a class="anchor-link" href="#Getting-Informed-About-New-Content">&#182;</a></h2><p>New chapters are coming out every week.  To get notified when a new chapter (or this one) comes out, <a href="https://mastodon.social/invite/3CvrkW9t">follow us on Mastodon</a>.</p>
+<div class="text_cell_render border-box-sizing rendered_html"><h2 id="Getting-Informed-About-New-Content">Getting Informed About New Content<a class="anchor-link" href="#Getting-Informed-About-New-Content">&#182;</a></h2><p>New chapters are coming out every week.  To get notified when a new chapter (or this one) comes out, <a href="https://mastodon.social/@TheFuzzingBook">follow us on Mastodon</a>.</p>
 <!--
 <iframe allowfullscreen sandbox="allow-top-navigation allow-scripts allow-popups allow-popups-to-escape-sandbox" width="400" height="400" frameBorder="0" src="https://mastofeed.com/apiv2/feed?userurl=https%3A%2F%2Fmastodon.social%2Fusers%2FTheFuzzingBook&theme=auto&size=80&header=false&replies=false&boosts=false"></iframe>
 --></div>
@@ -12153,7 +12153,7 @@
 
 <div class="output_subarea output_stream output_stderr output_text">
 <pre>Traceback (most recent call last):
-  File &#34;/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_79022/1830731544.py&#34;, line 4, in &lt;cell line: 3&gt;
+  File &#34;/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_14619/1830731544.py&#34;, line 4, in &lt;cell line: 3&gt;
     raise NotFoundError
 NotFoundError: &#39;404&#39; (expected)
 </pre>
@@ -12167,7 +12167,7 @@
 The content of this project is licensed under the
 <a href="https://creativecommons.org/licenses/by-nc-sa/4.0/" target=_blank>Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License</a>.
 The source code that is part of the content, as well as the source code used to format and display that content is licensed under the <a href="https://github.com/uds-se/fuzzingbook/blob/master/LICENSE.md#mit-license">MIT License</a>.
-<a href="https://github.com/uds-se/fuzzingbook/commits/master/notebooks/404.ipynb" target=_blank)>Last change: 2023-11-11 18:18:05+01:00</a> &bull; 
+<a href="https://github.com/uds-se/fuzzingbook/commits/master/notebooks/404.ipynb" target=_blank)>Last change: 2024-01-18 17:29:21+01:00</a> &bull; 
 <a href="#citation" id="cite" onclick="revealCitation()">Cite</a> &bull;
 <a href="https://cispa.de/en/impressum" target=_blank>Imprint</a>
 </p>
@@ -12183,18 +12183,18 @@
 <a name="citation"></a>
 <h2>How to Cite this Work</h2>
 <p>
-Andreas Zeller, Rahul Gopinath, Marcel Böhme, Gordon Fraser, and Christian Holler: "<a href="https://www.fuzzingbook.org/">The Fuzzing Book</a>".  Retrieved 2023-11-11 18:18:05+01:00.
+Andreas Zeller, Rahul Gopinath, Marcel Böhme, Gordon Fraser, and Christian Holler: "<a href="https://www.fuzzingbook.org/">The Fuzzing Book</a>".  Retrieved 2024-01-18 17:29:21+01:00.
 </p>
 <pre>
-@book{fuzzingbook2023,
+@book{fuzzingbook2024,
     author = {Andreas Zeller and Rahul Gopinath and Marcel B{\"o}hme and Gordon Fraser and Christian Holler},
     title = {The Fuzzing Book},
-    year = {2023},
+    year = {2024},
     publisher = {CISPA Helmholtz Center for Information Security},
     howpublished = {\url{https://www.fuzzingbook.org/}},
-    note = {Retrieved 2023-11-11 18:18:05+01:00},
+    note = {Retrieved 2024-01-18 17:29:21+01:00},
     url = {https://www.fuzzingbook.org/},
-    urldate = {2023-11-11 18:18:05+01:00}
+    urldate = {2024-01-18 17:29:21+01:00}
 }
 </pre>
 </div>

docs/code/01_Intro.py

@@ -3,7 +3,7 @@
 
 # "Part I: Whetting Your Appetite" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/01_Intro.html
-# Last change: 2024-01-17 17:49:08+01:00
+# Last change: 2024-01-18 17:27:49+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors

docs/code/02_Lexical_Fuzzing.py

@@ -3,7 +3,7 @@
 
 # "Part II: Lexical Fuzzing" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/02_Lexical_Fuzzing.html
-# Last change: 2024-01-17 17:49:31+01:00
+# Last change: 2024-01-18 17:28:06+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors

docs/code/03_Syntactical_Fuzzing.py

@@ -3,7 +3,7 @@
 
 # "Part III: Syntactic Fuzzing" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/03_Syntactical_Fuzzing.html
-# Last change: 2024-01-17 17:52:00+01:00
+# Last change: 2024-01-18 17:30:13+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors

docs/code/04_Semantical_Fuzzing.py

@@ -3,7 +3,7 @@
 
 # "Part IV: Semantic Fuzzing" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/04_Semantical_Fuzzing.html
-# Last change: 2024-01-17 17:54:58+01:00
+# Last change: 2024-01-18 17:33:17+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors

docs/code/05_Domain-Specific_Fuzzing.py

@@ -3,7 +3,7 @@
 
 # "Part V: Domain-Specific Fuzzing" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/05_Domain-Specific_Fuzzing.html
-# Last change: 2024-01-17 17:56:46+01:00
+# Last change: 2024-01-18 17:35:24+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors

docs/code/06_Managing_Fuzzing.py

@@ -3,7 +3,7 @@
 
 # "Part VI: Managing Fuzzing" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/06_Managing_Fuzzing.html
-# Last change: 2024-01-17 21:30:18+01:00
+# Last change: 2024-01-18 17:40:32+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors

docs/code/99_Appendices.py

@@ -3,7 +3,7 @@
 
 # "Appendices" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/99_Appendices.html
-# Last change: 2024-01-17 21:31:52+01:00
+# Last change: 2024-01-18 17:43:09+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors

docs/code/APIFuzzer.py

@@ -3,7 +3,7 @@
 
 # "Fuzzing APIs" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/APIFuzzer.html
-# Last change: 2024-01-17 17:57:01+01:00
+# Last change: 2024-01-18 17:35:43+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors

docs/code/AcademicPrototyping.py

@@ -3,7 +3,7 @@
 
 # "Academic Prototyping" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/AcademicPrototyping.html
-# Last change: 2024-01-17 21:31:58+01:00
+# Last change: 2024-01-18 17:43:14+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors

docs/code/Carver.py

@@ -3,7 +3,7 @@
 
 # "Carving Unit Tests" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/Carver.html
-# Last change: 2024-01-17 17:57:08+01:00
+# Last change: 2024-01-18 17:35:51+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors

docs/code/ClassDiagram.py

@@ -3,7 +3,7 @@
 
 # "Class Diagrams" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/ClassDiagram.html
-# Last change: 2024-01-17 21:32:43+01:00
+# Last change: 2024-01-18 17:43:59+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors

docs/code/ConcolicFuzzer.py

@@ -3,7 +3,7 @@
 
 # "Concolic Fuzzing" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/ConcolicFuzzer.html
-# Last change: 2024-01-17 17:56:24+01:00
+# Last change: 2024-01-18 17:34:53+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors
@@ -89,36 +89,31 @@
 >>>             _[cgi_decode](v)
 >>>     scf.add_trace(_, v)
 ' '
-''
-'%'
-'A'
 '%'
 'AB'
-'+'
-'A%'
-'%'
+''
+'ABC'
+'A'
+'AB+'
 'AB'
-'A%'
+'ABCD'
+'ABC+'
 
-IndexError: string index out of range (expected)
-IndexError: string index out of range (expected)
-IndexError: string index out of range (expected)
-IndexError: string index out of range (expected)
 IndexError: string index out of range (expected)
 
-'A+'
-'+'
-'A+B'
-'A+%'
-'%'
+'A'
+'ABC'
+'ABC%'
+'A%'
+'ABC+DE'
 'AB'
-'A+'
-'+A'
-'+%'
+'AB+'
+'A'
+'ABCD'
+'A'
 
 IndexError: string index out of range (expected)
 IndexError: string index out of range (expected)
-IndexError: string index out of range (expected)
 
 
 We see how the additional inputs generated explore additional paths.
@@ -143,15 +138,27 @@
 >>>                 print(e)
 >>>         cgf.update_grammar(_)
 >>>         print()
-select Z/W+_+b+L-e-. from AO where G!=M
-Table ('AO') was not found
+insert into W (Ru_2,.Wj186518W8) values ('@','}','h')
+Table ('W') was not found
+
+select S>R(j),A from C3 where U4==9249
+Table ('C3') was not found
+
+select I/I*U/n1(M),T/E*d(S) from months
+Invalid WHERE ('(I/I*U/n1(M),T/E*d(S))')
+
+select (v==X),t,h,E from vehicles where r8(w)B/P(g)
+
+select x/z+.(L)-h from vehicles where -9!=Y>G(A)
+
+delete from h4OB60J where K-w/MA) from months where B(e,R)>D
 
-select u/.+C+P!=f-.*h+W-o+c from Uok37
-Table ('Uok37') was not found
 
-delete from gi6 where Je*N,(r),F from vehicles where ((((t))))==o!=g
+TypeError: 'NotImplementedType' object is not callable (expected)
+TypeError: 'NotImplementedType' object is not callable (expected)
+TypeError: 'NotImplementedType' object is not callable (expected)
+TypeError: 'NotImplementedType' object is not callable (expected)
 
-select (z/E
 For more details, source, and documentation, see
 "The Fuzzing Book - Concolic Fuzzing"
 at https://www.fuzzingbook.org/html/ConcolicFuzzer.html

docs/code/ConfigurationFuzzer.py

@@ -3,7 +3,7 @@
 
 # "Testing Configurations" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/ConfigurationFuzzer.html
-# Last change: 2024-01-17 17:56:57+01:00
+# Last change: 2024-01-18 17:35:37+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors

docs/code/ControlFlow.py

@@ -3,7 +3,7 @@
 
 # "Control Flow Graph" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/ControlFlow.html
-# Last change: 2024-01-17 21:32:56+01:00
+# Last change: 2024-01-18 17:44:11+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors

docs/code/Coverage.py

@@ -3,7 +3,7 @@
 
 # "Code Coverage" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/Coverage.html
-# Last change: 2024-01-17 17:50:31+01:00
+# Last change: 2024-01-18 17:28:38+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors

docs/code/DynamicInvariants.py

@@ -3,7 +3,7 @@
 
 # "Mining Function Specifications" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/DynamicInvariants.html
-# Last change: 2024-01-17 17:56:43+01:00
+# Last change: 2024-01-18 17:35:19+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors

docs/code/ExpectError.py

@@ -3,7 +3,7 @@
 
 # "Error Handling" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/ExpectError.html
-# Last change: 2024-01-17 21:32:26+01:00
+# Last change: 2024-01-18 17:43:42+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors
@@ -47,7 +47,7 @@
 >>> with ExpectError():
 >>>     x = 1 / 0
 Traceback (most recent call last):
-  File "/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_76654/2664980466.py", line 2, in 
+  File "/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_12455/2664980466.py", line 2, in 
     x = 1 / 0
 ZeroDivisionError: division by zero (expected)
 
@@ -63,9 +63,9 @@
 3 seconds have passed
 
 Traceback (most recent call last):
-  File "/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_76654/1223755941.py", line 2, in 
+  File "/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_12455/1223755941.py", line 2, in 
     long_running_test()
-  File "/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_76654/3930412460.py", line 4, in long_running_test
+  File "/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_12455/3930412460.py", line 4, in long_running_test
     time.sleep(1)
   File "/Users/zeller/Projects/fuzzingbook/notebooks/Timeout.ipynb", line 43, in timeout_handler
     raise TimeoutError()

docs/code/Fuzzer.py

@@ -3,7 +3,7 @@
 
 # "Fuzzing: Breaking Things with Random Inputs" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/Fuzzer.html
-# Last change: 2024-01-17 17:50:02+01:00
+# Last change: 2024-01-18 17:28:27+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors

docs/code/FuzzingInTheLarge.py

@@ -3,7 +3,7 @@
 
 # "Fuzzing in the Large" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/FuzzingInTheLarge.html
-# Last change: 2024-01-17 22:06:58+01:00
+# Last change: 2024-01-18 17:42:17+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors

docs/code/FuzzingWithConstraints.py

@@ -3,7 +3,7 @@
 
 # "Fuzzing with Constraints" - a chapter of "The Fuzzing Book"
 # Web site: https://www.fuzzingbook.org/html/FuzzingWithConstraints.html
-# Last change: 2024-01-17 17:55:42+01:00
+# Last change: 2024-01-18 17:34:03+01:00
 #
 # Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
 # Copyright (c) 2018-2020 Saarland University, authors, and contributors
@@ -75,24 +75,24 @@
 With that, invoking `solver.solve()` returns a _solution_ for the constraints.
 
 >>> str(solver.solve())
-'(903)805-6934'
+'(907)849-5823'
 
 `solve()` returns a derivation tree, which typically is converted into a string using `str()` as above. The `print()` function does this implicitly.
 
 Subsequent calls of `solve()` return more solutions:
 
 >>> for _ in range(10):
 >>>     print(solver.solve())
-(903)671-8520
-(903)308-8044
-(903)737-2584
-(903)500-2834
-(903)429-5794
-(903)292-0499
-(903)977-9111
-(903)209-4775
-(903)565-2710
-(901)223-7794
+(907)660-7510
+(907)308-8044
+(907)737-2584
+(907)500-2834
+(907)429-5794
+(907)292-0499
+(907)977-9111
+(907)209-4775
+(907)565-2710
+(903)223-7794
 
 
 We see that the solver produces a number of inputs that all satisfy the constraint - the area code is always more than 900.