#testing #quickcheck #property #fuzz #fuzzing

app cargo-bolero

cargo command for running bolero fuzz tests

10 releases (4 breaking)

✓ Uses Rust 2018 edition

new 0.5.2 May 31, 2020
0.5.1 May 29, 2020
0.4.2 Jan 22, 2020
0.3.0 Dec 5, 2019
0.1.0 Sep 9, 2019

#151 in Testing

Download history 7/week @ 2020-02-09 31/week @ 2020-02-16 52/week @ 2020-02-23 1/week @ 2020-03-01 14/week @ 2020-03-08 8/week @ 2020-03-15 28/week @ 2020-03-22 5/week @ 2020-03-29 22/week @ 2020-04-05 30/week @ 2020-04-12 3/week @ 2020-04-19 1/week @ 2020-04-26 3/week @ 2020-05-03 2/week @ 2020-05-10 9/week @ 2020-05-17 25/week @ 2020-05-24

51 downloads per month

MIT license

270KB
6K SLoC

C 3.5K SLoC // 0.1% comments BrightScript 1.5K SLoC // 0.2% comments Rust 1K SLoC // 0.1% comments Shell 73 SLoC // 0.2% comments Ruby HTML 30 SLoC // 0.1% comments Scons 6 SLoC

cargo-bolero

cargo-bolero can be installed globally with cargo:

$ cargo install -f cargo-bolero

Linux Installation

cargo-bolero needs a couple of libraries installed to compile. If these libraries aren't available the requirement can be relaxed by executing cargo install cargo-bolero --no-default-features -f

Debian/Ubuntu

$ sudo apt install binutils-dev libunwind-dev

fuzz

Run a fuzzing engine for a target

USAGE:
    cargo-bolero fuzz [FLAGS] [OPTIONS] <test>

FLAGS:
        --all-features           Activate all available features
    -h, --help                   Prints help information
        --no-default-features    Do not activate the `default` feature
        --release                Build artifacts in release mode, with optimizations
    -V, --version                Prints version information

OPTIONS:
        --features <features>                    Space-separated list of features to activate
    -f, --fuzzer <fuzzer>                        Run the test with a specific fuzzer [default: libfuzzer]
    -j, --jobs <jobs>                            Number of parallel jobs
        --manifest-path <manifest-path>          Path to Cargo.toml
    -l, --max-input-length <max-input-length>    Limit the size of inputs to a specific length
    -p, --package <package>                      Package to run tests for
    -r, --runs <runs>                            Run the fuzzer for a specified number of runs
    -s, --sanitizer <sanitizer>...               Build with the sanitizer enabled
    -S, --seed <seed>                            Run the fuzzer with an initial seed
        --target <target>                        Build for the target triple
        --target_dir <target-dir>                Directory for all generated artifacts
    -T, --time <time>                            Run the fuzzer for a specified number of seconds
        --toolchain <toolchain>                  Use a rustup toolchain to execute cargo build

ARGS:
    <test>    Name of the test target

reduce

Reduce the corpus of a test target with a fuzzing engine

USAGE:
    cargo-bolero reduce [FLAGS] [OPTIONS] <test>

FLAGS:
        --all-features           Activate all available features
    -h, --help                   Prints help information
        --no-default-features    Do not activate the `default` feature
        --release                Build artifacts in release mode, with optimizations
    -V, --version                Prints version information

OPTIONS:
        --features <features>              Space-separated list of features to activate
    -f, --fuzzer <fuzzer>                  Run the test with a specific fuzzer [default: libfuzzer]
        --manifest-path <manifest-path>    Path to Cargo.toml
    -p, --package <package>                Package to run tests for
    -s, --sanitizer <sanitizer>...         Build with the sanitizer enabled
        --target <target>                  Build for the target triple
        --target_dir <target-dir>          Directory for all generated artifacts
        --toolchain <toolchain>            Use a rustup toolchain to execute cargo build

ARGS:
    <test>    Name of the test target

Dependencies

~2.6–3.5MB
~62K SLoC