app cargo-fuzz

A cargo subcommand for using libFuzzer! Easy to use! No need to recompile LLVM!

25 unstable releases (7 breaking)

✓ Uses Rust 2018 edition

0.8.0 Jun 25, 2020
0.7.4 Mar 31, 2020
0.6.0 Dec 20, 2019
0.5.5 Nov 21, 2019
0.4.0 Mar 30, 2017

#15 in Testing

2,466 downloads per month
Used in lol_html

MIT/Apache

43KB
985 lines

cargo fuzz

Installation

$ cargo install cargo-fuzz

Note: libFuzzer needs LLVM sanitizer support, so this only works on x86-64 Linux and x86-64 macOS for now. This also needs a nightly Rust toolchain since it uses some unstable command-line flags. Finally, you'll also need a C++ compiler with C++11 support.

If you have an old version of cargo fuzz, you can upgrade with this command:

$ cargo install -f cargo-fuzz

Usage

cargo fuzz init

Initialize a cargo fuzz project for your crate!

cargo fuzz add <target>

Create a new fuzzing target!

cargo fuzz run <target>

Run a fuzzing target and find bugs!

cargo fuzz fmt <target> <input>

Print the std::fmt::Debug output for a test case. Useful when your fuzz target takes an Arbitrary input!

cargo fuzz tmin <target> <input>

Found a failing input? Minify it to the smallest input that causes that failure for easier debugging!

cargo fuzz cmin <target>

Minify your corpus of input files!
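
What the body of a target created with `cargo fuzz add` can look like, as an added example that is not part of the cargo-fuzz README or code base: the length-prefixed record format and the `parse`, `encode` and `fuzz_one` names are constructed for illustration. `fuzz_one` checks a round-trip property on every input, and the comment above it shows how it would be handed to libFuzzer through `libfuzzer_sys::fuzz_target!`.

```rust
// Added example, not cargo-fuzz code; format ([len: u8][payload]...) and names are constructed.

/// Parse length-prefixed records; `None` if the input is truncated.
pub fn parse(mut data: &[u8]) -> Option<Vec<&[u8]>> {
    let mut out = Vec::new();
    while let Some((&len, rest)) = data.split_first() {
        let len = len as usize;
        // Without this check, `&rest[..len]` panics on truncated input.
        if rest.len() < len {
            return None;
        }
        let (payload, tail) = rest.split_at(len);
        out.push(payload);
        data = tail;
    }
    Some(out)
}

/// Inverse of `parse`; each record must be at most 255 bytes.
pub fn encode(records: &[&[u8]]) -> Vec<u8> {
    let mut out = Vec::new();
    for r in records {
        out.push(r.len() as u8);
        out.extend_from_slice(r);
    }
    out
}

// Body of the fuzz target. In fuzz/fuzz_targets/<target>.rs it is wired up as:
//     #![no_main]
//     libfuzzer_sys::fuzz_target!(|data: &[u8]| { fuzz_one(data); });
pub fn fuzz_one(data: &[u8]) -> bool {
    match parse(data) {
        Some(records) => {
            // Round-trip property: accepted input re-encodes byte for byte.
            assert_eq!(encode(&records), data);
            true
        }
        None => false,
    }
}

fn main() {
    // Constructed inputs standing in for corpus files.
    let inputs: [&[u8]; 3] = [b"\x02hi\x00", b"\x05abc", b""];
    for input in inputs.iter() {
        println!("{:?} -> accepted={}", input, fuzz_one(input));
    }
}
```

Under `cargo fuzz run <target>`, a panic or failed assertion inside `fuzz_one` is what gets reported as a crash, and the saved input is what `cargo fuzz tmin` then shrinks.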

Documentation

Documentation can be found in the Rust Fuzz Book.

You can also always find the full command-line options that are available with --help:

$ cargo fuzz --help

Trophy case

The trophy case has a list of bugs found by cargo fuzz (and others). Did cargo fuzz and libFuzzer find a bug for you? Add it to the trophy case!

License

cargo-fuzz is distributed under the terms of both the MIT license and the Apache License (Version 2.0).

See LICENSE-APACHE and LICENSE-MIT for details.

Dependencies

~2.3–3MB
~56K SLoC