Loading...
Share this Job
Location: 

Kortrijk, BE

Date:  Sep 23, 2021
Job ID:  3612

Internship: Automated fuzzing of the ClickShare software components

Barco designs technology that makes everyday life a little better. Seeing beyond the image, we develop sight, sound, and sharing solutions to help you work together, share insights, and wow audiences. Our focus is on three core markets: Enterprise (from meeting and control rooms to corporate spaces), Healthcare (from the radiology department to the operating room), and Entertainment (from movie theaters to live events and attractions). With a team of over 3,300 employees, located all around the globe, we realized sales of 770.01 million euro in 2020. 

Introduction: Fuzzing is a testing technique where a program gets invalid, unexpected, or random data as input. The program is subsequently monitored for exceptions such as crashes, failing assertions, or potential memory leaks/corruptions. Fuzzing programs can give quick feedback on their overall robustness and help find critical and rare bugs. It is currently one of the most popular vulnerability discovery techniques. Fuzzers come in different variations. On the one hand, fuzzers that provide completely random input to the program are known as “dumb” fuzzers, they have no built-in intelligence about the program they are fuzzing. On the other hand, smart fuzzers have knowledge about the different input types and formats the program is expecting. They can intelligently permutate their input values to discover new code paths in the program and maximize their coverage, thus increasing the chances of finding hidden bugs.

 

Goal: The goal of the internship would be to investigate and set up a minimal fuzzing infrastructure for the (internal) components of the ClickShare baseunit, desktop application, and/or button. Initially, the intern can study the different state-of-the-art fuzzing tools that are currently used to test software. A small research analysis can be made about their strengths and drawbacks and how the fuzzing targets should be set up. Next, the intern can build a proof-of-concept with a small ClickShare component. Finally, we can look at integrating the fuzzing testing system with the broader ClickShare test infrastructure (with the help of Jef/Simon).

 

Skills:

  • Some knowledge of C/C++
  • Some Python knowledge
  • Interest in application security: buffer-overflows, memory corruption, privilege escalation, etc…
  • Prior experience with fuzzers or security tools is definitely a big plus.