#cargo #fuzz-testing #fuzz

app cargo-fuzz

A cargo subcommand for fuzzing with libFuzzer! Easy to use!

34 releases

0.11.2 Feb 13, 2023
0.11.1 Oct 25, 2022
0.11.0 Sep 27, 2021
0.10.2 May 13, 2021
0.4.0 Mar 30, 2017

#36 in Testing


20,863 downloads per month
Used in text_manipulation_rs

MIT/Apache

62KB
1.5K SLoC

cargo fuzz

A cargo subcommand for fuzzing with libFuzzer! Easy to use!

Installation

$ cargo install cargo-fuzz

Note: libFuzzer needs LLVM sanitizer support, so this only works on x86-64 Linux, x86-64 macOS and Apple-Silicon (aarch64) macOS for now. This also needs a nightly compiler since it uses some unstable command-line flags. You'll also need a C++ compiler with C++11 support.

If you have an old version of cargo fuzz, you can upgrade with this command:

$ cargo install -f cargo-fuzz

Usage

cargo fuzz init

Initialize a cargo fuzz project for your crate!

cargo fuzz add <target>

Create a new fuzzing target!

cargo fuzz run <target>

Run a fuzzing target and find bugs!

cargo fuzz fmt <target> <input>

Print the std::fmt::Debug output for a test case. Useful when your fuzz target takes an Arbitrary input!

cargo fuzz tmin <target> <input>

Found a failing input? Minify it to the smallest input that causes that failure for easier debugging!

cargo fuzz cmin <target>

Minify your corpus of input files!

cargo fuzz coverage <target>

Generate coverage information on the fuzzed program!
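What the body of a target created with cargo fuzz add can look like, as an added example that is not part of the cargo-fuzz README or code base. The names parse_record, encode_record and fuzz_one are hypothetical; the fuzz_target! wrapper shown in the leading comment is the libfuzzer-sys macro a real target uses, kept as a comment so the block compiles on its own.

```rust
// Added example: `parse_record`, `encode_record` and `fuzz_one` are
// hypothetical names, not part of cargo-fuzz.
//
// In a real project this lives in fuzz/fuzz_targets/<target>.rs as:
//   #![no_main]
//   use libfuzzer_sys::fuzz_target;
//   fuzz_target!(|data: &[u8]| { fuzz_one(data); });

/// Parse one record: a length byte `n` followed by `n` payload bytes.
/// Returns the payload and the unconsumed remainder, or None if truncated.
pub fn parse_record(data: &[u8]) -> Option<(&[u8], &[u8])> {
    let (&n, rest) = data.split_first()?;
    let n = n as usize;
    // A naive `&rest[..n]` panics when the input is shorter than the declared
    // length; that out-of-bounds slice is the kind of crash `cargo fuzz run`
    // reports. The bounds check turns it into a clean rejection.
    if rest.len() < n {
        return None;
    }
    Some(rest.split_at(n))
}

/// Inverse of `parse_record` for payloads of at most 255 bytes.
pub fn encode_record(payload: &[u8]) -> Vec<u8> {
    assert!(payload.len() <= 255);
    let mut out = Vec::with_capacity(payload.len() + 1);
    out.push(payload.len() as u8);
    out.extend_from_slice(payload);
    out
}

/// The property checked on every input: parsing never panics, and whatever
/// parses must re-encode to exactly the bytes that were consumed.
pub fn fuzz_one(data: &[u8]) {
    if let Some((payload, rest)) = parse_record(data) {
        let consumed = &data[..data.len() - rest.len()];
        assert_eq!(encode_record(payload), consumed);
    }
}

fn main() {
    // Constructed inputs: a well-formed record, a truncated one, empty input.
    let inputs: [&[u8]; 3] = [&[3, b'a', b'b', b'c', 0xff], &[5, 1], &[]];
    for input in inputs {
        fuzz_one(input);
        println!("{:?} -> {:?}", input, parse_record(input));
    }
}
```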

Documentation

Documentation can be found in the Rust Fuzz Book.

You can also always find the full command-line options that are available with --help:

$ cargo fuzz --help

Trophy case

The trophy case has a list of bugs found by cargo fuzz (and others). Did cargo fuzz and libFuzzer find a bug for you? Add it to the trophy case!

License

cargo-fuzz is distributed under the terms of both the MIT license and the Apache License (Version 2.0).

See LICENSE-APACHE and LICENSE-MIT for details.

Dependencies

~2–11MB
~123K SLoC