FairFuzz: Targeting Rare Branches to Rapidly Increase Greybox Fuzz Testing Coverage

In recent years, fuzz testing has proven itself to be one of the most effective techniques for finding correctness bugs and security vulnerabilities in practice. One particular fuzz testing tool, American Fuzzy Lop or AFL, has become popular thanks to its ease-of-use and bug-finding power. However, AFL remains limited in the depth of program coverage it achieves, in particular because it does not consider which parts of program inputs should not be mutated in order to maintain deep program coverage. We propose an approach, FairFuzz, that helps alleviate this limitation in two key steps. First, FairFuzz automatically prioritizes inputs exercising rare parts of the program under test. Second, it automatically adjusts the mutation of inputs so that the mutated inputs are more likely to exercise these same rare parts of the program. We conduct evaluation on real-world programs against state-of-the-art versions of AFL, thoroughly repeating experiments to get good measures of variability. We find that on certain benchmarks FairFuzz shows significant coverage increases after 24 hours compared to state-of-the-art versions of AFL, while on others it achieves high program coverage at a significantly faster rate

Cywilnoprawny status urządzeń przesyłowych (art. 49 Kodeksu cywilnego)

The article provides an analysis of the civil law status of transmission equipment (devices) referred to in Article 49 of the Civil Code (transmission devices). Conducting business activity by a transmission entrepreneur in the field of utility services and waste disposal requires the use of transmission devices. These devices are located on real estate which are not owned by the entrepreneur and in a typical situation they remain permanently connected to such real estate. According to Article 49 of the Polish Civil Code, such devices do not constitute component parts of real estate if they are part of an enterprise. The assessment of the entry of transmission equipment into the composition of the enterprise and their ownership status, especially after entering the composition of the enterprise raises interpretation doubts. Determining who is the owner of transmission equipment is important because the owner of the equipment may be granted (Article 3051 of the Civil Code) a transmission easement, which is a right related to the ownership of these devices. In this article, an attempt was made to resolve the aforementioned interpretation doubts.Artykuł obejmuje analizę statusu cywilnoprawnego urządzeń, o których mowa w art. 49 Kodeksu cywilnego (urządzeń przesyłowych). Prowadzenie przez przedsiębiorcę przesyłowego działalności w zakresie doprowadzania mediów i odprowadzania nieczystości wymaga korzystania z urządzeń przesyłowych. Są one zlokalizowane na nieruchomościach, które nie stanowią własności przedsiębiorcy i w typowej sytuacji pozostają trwale połączone z tymi nieruchomościami. Z uwagi na art. 49 Kodeksu cywilnego urządzenia takie nie stanowią części składowych nieruchomości, jeżeli wchodzą w skład przedsiębiorstwa. Wątpliwości interpretacyjne wzbudza ocena wejścia urządzeń przesyłowych w skład przedsiębiorstwa oraz ich statusu właścicielskiego, zwłaszcza po wejściu w skład przedsiębiorstwa. Ustalenie, kto jest właścicielem urządzeń przesyłowych, jest istotne z tego powodu, że na rzecz właściciela urządzeń może zostać ustanowiona służebność przesyłu (art. 3051 Kodeksu cywilnego), która jest prawem związanym z własnością tych urządzeń. W niniejszym artykule podjęto próbę rozstrzygnięcia wskazanych wyżej wątpliwości interpretacyjnych

The Crucified People and The Lynching Tree: Cross and Salvation as Historical Realities in the Theology of John Sobrino and James H. Cone

Thesis advisor: O. Ernesto ValienteThesis advisor: Benjamin ValentinThe thesis focuses on two historical forms of oppression: economic and racial, as well as two attempts to theologize these phenomena: one by Jon Sobrino, an author writing from the perspective of El Salvador and Latin America, and the other by James H. Cone, the founder of black liberation theology. Both theologians construct a link between the contemporary oppressed and the theological categories of cross and salvation. In Cone's and Sobrino's view, the perspective of historical victims allows for a better understanding of the biblical account of Jesus' death and resurrection. At the same time, the reality of oppression itself can only be fully understood in the light of Jesus' story, which creates a specific hermeneutical loop. At the center of this thesis lies the category of the crucified people, essential to Sobrino's theology, and the analogy between the cross and the lynching tree introduced by Cone. The proposed analysis juxtaposes some key elements of the two authors' writings and the historical contexts of their reflections. It shows where their interpretations meet, in what elements they differ, and how they can aid each other in constructing the perspective of historical soteriology.Thesis (STL) — Boston College, 2023.Submitted to: Boston College. School of Theology and Ministry.Discipline: Sacred Theology

Posiadanie służebności przesyłu

A utility easement was introduced into the Civil Code by virtue of the act of 30 April 2008amending the Civil Code and some other laws (Journal of Laws 2008, No. 116, item 731). It is recognisedas a type of easement that is separate from an easement appurtenant or easement in gross,the aim of which is to increase the utility of a utility service. A utility easement falls under the categoryof affirmative easements (involving the use of encumbered real estate). Thus, the provisions ofArticle 352 of the Civil Code, which regulate the holding of an easement, will apply here. Due to theregulations on an easement appurtenant (Article 3054 of the Civil Code) applying to a utility easement,part of observations made in the present article may also apply to an easement appurtenant.The article discusses the question of the capacity to hold a utility easement. It is assumed thata holder of a utility easement right may be an entrepreneur whose main activity involves the supplyor removal of fluids, or electric energy gases (the so-called utility entrepreneur). What a utilityeasement is considered to involve is the installment and exploitation of utility appliances situated onanother person’s real estate.In conclusion, a thesis is made that due to the specific features of possession of a utility easement,it may be recognised as a form separate from autonomous possession or dependent possessionmentioned in Article 336 of the Civil Code (in a similar manner part of the doctrine qualifies thetenure of perpetual usufruct).Artykuł nie zawiera abstraktu w języku polski

Grunty leśne jako składnik gospodarstwa rolnego

Recent statistical data has revealed that the share of private forests in the total area of forest in Poland is growing. Consequently, the tendency entails the need to undertake research on the substance and legal status of forestland as a farmstead component. Its results indicate that in the current legal status, a farmstead may include not only forestland constituting separate property with rights held by its owner, but also forestland with rights held by other entities. The condition to recognise forestland as an element of a farmstead is the existence of organisational and functional ties. The ties exist if the forest management within a farmstead aims at satisfying the needs of the farmstead, in particular, protecting or enhancing the usefulness of farmland. The contents of the law on the ownership right to forestland which composes a farmstead do not diff er from the contents of the ownership right to forestland which does not compose such a productive unit. Above all, it should be emphasised that the owner’s rights to undertake activities which result in deriving gains from forestland exceeding the objective scope of profi ts of a thing are excluded

Emergency healthcare providers perception of workplace dangers in the polish Emergency Medical Service: a multi-centre survey study

INTRODUCTION: There are many risk factors that account for hazards in paramedics’ and ambulance nurses’ profession. Driving a vehicle, having contact with patients, making difficult medical decisions, doing night shifts and working in a stressful environment, all of those features negatively affect their health. The aim of the study was to evaluate paramedics’ and ambulance nurses attitude towards personal safety, to assess their subjective feeling of danger, as well as identify types of hazards they experience. MATERIAL AND METHODS: The study was carried out via a diagnostic survey method, an anonymous questionnaire. Among 572 responders there were nurses and paramedics, who work in non-physician medical rescue teams in Poland. RESULTS: Most of the surveyed medics (40.5%) have rated the level of danger of their occupation to 4 on a scale from 1 to 5, with the greatest hazard being posed by patients under the influence of designer drugs. As many as 43% of medics have had back-related problems and 41% have suffered injuries at work. Notwithstanding, a majority of respondents have admitted that if they could plan their career again, they would choose the same profession. CONCLUSIONS: Prehospital healthcare providers have generally rated their work as dangerous. More attention should be paid to teach first responders how to deal with aggression and how to handle stress. Efforts should be made to increase paramedics’ and nurses’ awareness about health problems related to shift work

Cardiovascular and autonomic consequences of sleep fragmentation

Introduction: Sleep disruption is commonly found in normal individuals and those with sleep disorders. Risk factors for sleep fragmentation involve a combination of lifestyle, environmental, psychosocial factors and/or medical conditions. The main objective of this study was to analyse the impact of acute, induced sleep fragmentation upon autonomic cardiovascular regulation, measured by a non-invasive haemodynamic measurement technique. Material and methods: The authors analysed beat-to-beat measurements of haemodynamic and autonomic parameters at 5-time points during sleep fragmentation: 9:00 a.m. (baseline), 9:00 p.m., 00:30 a.m., 4:00 a.m., and 7:30 a.m. Differences in the mean values for chronotropic parameters, cardiac contractility, parameters related to blood pressure regulation and workload of the left ventricle, and autonomic parameters were examined in seventeen healthy male volunteers. Direct results obtained from every time point were analysed using analysis of variance with repeated measures or the Friedman rank sum test. Results: Sleep fragmentation had a significant negative impact on haemodynamic parameters related to cardiac contractility (SV p < 0.001, IC p < 0.001, HI p < 0.001); parameters related to workload of the left ventricle (CO p < 0.001, LVWI p < 0.001, ACI p < 0.001); parameters related to blood pressure regulation (sBP p = 0.001, TPR p < 0.001); on chronotropic parameters (HR p < 0.001, PEP p < 0.001, LVET p < 0.001) and an indicator of cardiac autonomic regulation: LF-RRI (p = 0.001). Conclusions: Acute sleep fragmentation can modify haemodynamic control and autonomic cardiovascular regulation in healthy men; the most important changes were seen in the morning hours (4:00 a.m.). Therefore, conditions of chronic sleep fragmentation (e.g. shift work, uniformed services, clinicians), might lead to disturbance in the autonomic nervous system and therefore to problems with homeostasis in the cardiovascular system. Future research is needed in standardized conditions with large-scale studies to clarify the effects of chronic sleep fragmentation

Semantic Fuzzing with Zest

Programs expecting structured inputs often consist of both a syntactic analysis stage, which parses raw input, and a semantic analysis stage, which conducts checks on the parsed input and executes the core logic of the program. Generator-based testing tools in the lineage of QuickCheck are a promising way to generate random syntactically valid test inputs for these programs. We present Zest, a technique which automatically guides QuickCheck-like randominput generators to better explore the semantic analysis stage of test programs. Zest converts random-input generators into deterministic parametric generators. We present the key insight that mutations in the untyped parameter domain map to structural mutations in the input domain. Zest leverages program feedback in the form of code coverage and input validity to perform feedback-directed parameter search. We evaluate Zest against AFL and QuickCheck on five Java programs: Maven, Ant, BCEL, Closure, and Rhino. Zest covers 1.03x-2.81x as many branches within the benchmarks semantic analysis stages as baseline techniques. Further, we find 10 new bugs in the semantic analysis stages of these benchmarks. Zest is the most effective technique in finding these bugs reliably and quickly, requiring at most 10 minutes on average to find each bug.Comment: To appear in Proceedings of 28th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA'19