app cargo-fuzz

A cargo subcommand for fuzzing with libFuzzer! Easy to use!

32 releases

0.11.0 Sep 27, 2021
0.10.2 May 13, 2021
0.10.1 Apr 19, 2021
0.10.0 Mar 10, 2021
0.4.0 Mar 30, 2017

#32 in Testing

8,321 downloads per month
Used in lol_html

MIT/Apache

58KB
1.5K SLoC

cargo fuzz

Installation

$ cargo install cargo-fuzz

Note: libFuzzer needs LLVM sanitizer support, so this only works on x86-64 Linux and x86-64 macOS for now. This also needs a nightly Rust toolchain since it uses some unstable command-line flags. Finally, you'll also need a C++ compiler with C++11 support.

If you have an old version of cargo fuzz, you can upgrade with this command:

$ cargo install -f cargo-fuzz
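
The requirements in the installation note above can be verified before installing, for example in a CI job. The preflight script below is an added example, not part of cargo-fuzz or its README; the function names are hypothetical, and the platform list reflects only what the note states for this release.

```shell
#!/bin/sh
# Added example: preflight for the requirements listed in the installation note.

# Platform check per the note: x86-64 Linux or x86-64 macOS only.
# Arguments default to the running host; pass them explicitly to test other values.
platform_supported() {
    os=${1:-$(uname -s)}
    arch=${2:-$(uname -m)}
    case "$os/$arch" in
        Linux/x86_64|Darwin/x86_64) return 0 ;;
        *) return 1 ;;
    esac
}

# True if a nightly toolchain appears in `rustup toolchain list` output.
# Reads the list from stdin so it can be exercised on constructed input.
has_nightly() {
    grep -q '^nightly'
}

# True if the given compiler exists and accepts a C++11-only construct.
cxx11_ok() {
    cxx=${1:-c++}
    command -v "$cxx" >/dev/null 2>&1 || return 1
    printf 'int main() { auto p = nullptr; (void)p; return 0; }\n' |
        "$cxx" -std=c++11 -x c++ -fsyntax-only - >/dev/null 2>&1
}

# Runs all three checks against the current host and reports every failure.
preflight() {
    rc=0
    platform_supported || { echo "unsupported platform: $(uname -s)/$(uname -m)" >&2; rc=1; }
    if command -v rustup >/dev/null 2>&1; then
        rustup toolchain list | has_nightly || { echo "no nightly toolchain installed" >&2; rc=1; }
    else
        echo "rustup not found; cannot verify nightly toolchain" >&2; rc=1
    fi
    cxx11_ok "${CXX:-c++}" || { echo "no C++11-capable compiler found" >&2; rc=1; }
    return $rc
}
```

Source the script and call `preflight` before `cargo install cargo-fuzz`; a non-zero status means at least one requirement from the note is not met.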

Usage

cargo fuzz init

Initialize a cargo fuzz project for your crate!

cargo fuzz add <target>

Create a new fuzzing target!

cargo fuzz run <target>

Run a fuzzing target and find bugs!

cargo fuzz fmt <target> <input>

Print the std::fmt::Debug output for a test case. Useful when your fuzz target takes an Arbitrary input!

cargo fuzz tmin <target> <input>

Found a failing input? Minify it to the smallest input that causes that failure for easier debugging!

cargo fuzz cmin <target>

Minify your corpus of input files!

cargo fuzz coverage <target>

Generate coverage information on the fuzzed program!

Documentation

Documentation can be found in the Rust Fuzz Book.

You can also always find the full command-line options that are available with --help:

$ cargo fuzz --help

Trophy case

The trophy case has a list of bugs found by cargo fuzz (and others). Did cargo fuzz and libFuzzer find a bug for you? Add it to the trophy case!

License

cargo-fuzz is distributed under the terms of both the MIT license and the Apache License (Version 2.0).

See LICENSE-APACHE and LICENSE-MIT for details.

Dependencies

~4–5.5MB
~120K SLoC