#fuzz #cargo #cargo-subcommand #fuzzing #llvm #subcommand #helpers

app cargo-fuzz

A cargo subcommand for using libFuzzer! Easy to use! No need to recompile LLVM!

27 releases

new 0.9.1 Feb 22, 2021
0.8.0 Jun 25, 2020
0.7.4 Mar 31, 2020
0.6.0 Dec 20, 2019
0.4.0 Mar 30, 2017

#35 in Testing

Download history (downloads per week):
2020-11-04: 804
2020-11-11: 881
2020-11-18: 1525
2020-11-25: 1365
2020-12-02: 1791
2020-12-09: 1628
2020-12-16: 1152
2020-12-23: 503
2020-12-30: 1034
2021-01-06: 1112
2021-01-13: 1276
2021-01-20: 2153
2021-01-27: 2055
2021-02-03: 1774
2021-02-10: 1587
2021-02-17: 1477

6,152 downloads per month
Used in lol_html

MIT/Apache

48KB
1K SLoC

cargo fuzz

Installation

$ cargo install cargo-fuzz

Note: libFuzzer needs LLVM sanitizer support, so this only works on x86-64 Linux and x86-64 macOS for now. This also needs a nightly Rust toolchain since it uses some unstable command-line flags. Finally, you'll also need a C++ compiler with C++11 support.

If you have an old version of cargo fuzz, you can upgrade with this command:

$ cargo install -f cargo-fuzz

Usage

cargo fuzz init

Initialize a cargo fuzz project for your crate!

cargo fuzz add <target>

Create a new fuzzing target!

cargo fuzz run <target>

Run a fuzzing target and find bugs!

cargo fuzz fmt <target> <input>

Print the std::fmt::Debug output for a test case. Useful when your fuzz target takes an Arbitrary input!

cargo fuzz tmin <target> <input>

Found a failing input? Minify it to the smallest input that causes that failure for easier debugging!

cargo fuzz cmin <target>

Minify your corpus of input files!
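To make the commands above concrete, here is an added example that is not part of cargo-fuzz or its README. It shows the shape of a fuzz target body (the code you would place inside `fuzz_target!(|data: &[u8]| { ... })` in a file under `fuzz/fuzz_targets/`, assumed path), a constructed toy record format with a deliberately unchecked length next to its hardened form, and a small delta-debugging (ddmin) minimizer that illustrates what `cargo fuzz tmin` does. The minimizer is a simplified illustration, not libFuzzer's own algorithm; the record format, the `parse_record` and `crashes` names and the sample input are all constructed for this example.

```rust
use std::panic;

/// Constructed record format for this example: [len][tag][payload...].
/// Returns (tag, payload), or None when the two-byte header is incomplete.
pub fn parse_record(data: &[u8]) -> Option<(u8, &[u8])> {
    let len = *data.first()? as usize;
    let tag = *data.get(1)?;
    // Constructed defect: `len` is trusted without checking it against the
    // bytes actually present, so a short buffer panics on the slice below.
    // In Rust this is an index panic rather than memory corruption; under
    // cargo fuzz the panic aborts the process and libFuzzer saves the input
    // as a crash artifact.
    Some((tag, &data[2..2 + len]))
}

/// Hardened form of the same parser: validates the length before slicing.
pub fn parse_record_checked(data: &[u8]) -> Option<(u8, &[u8])> {
    let len = *data.first()? as usize;
    let tag = *data.get(1)?;
    let payload = data.get(2..2 + len)?;
    Some((tag, payload))
}

/// The body you would wrap in `fuzz_target!(|data: &[u8]| { ... })`.
/// Here it returns true when the target panics, so it doubles as the
/// "does this input still fail?" oracle used by the minimizer below.
pub fn crashes(data: &[u8]) -> bool {
    panic::catch_unwind(move || {
        let _ = parse_record(data);
    })
    .is_err()
}

/// Silence the default panic message so the oracle does not spam stderr.
pub fn silence_panics() {
    panic::set_hook(Box::new(|_| {}));
}

/// Delta-debugging (ddmin) style minimizer: repeatedly tries to drop one
/// chunk of the input while the failure persists, refining the chunk size.
/// A simplified illustration of what `cargo fuzz tmin` achieves.
pub fn ddmin<F: Fn(&[u8]) -> bool>(input: &[u8], still_fails: F) -> Vec<u8> {
    let mut cur = input.to_vec();
    let mut n = 2usize; // number of chunks the input is split into
    while cur.len() >= 2 {
        let chunk = (cur.len() + n - 1) / n;
        let mut reduced = false;
        let mut i = 0;
        while i < cur.len() {
            let end = (i + chunk).min(cur.len());
            let mut candidate = cur[..i].to_vec();
            candidate.extend_from_slice(&cur[end..]);
            if still_fails(&candidate) {
                cur = candidate;
                n = (n - 1).max(2);
                reduced = true;
                break;
            }
            i = end;
        }
        if !reduced {
            if n >= cur.len() {
                break; // single-byte chunks and nothing removable: minimal
            }
            n = (2 * n).min(cur.len());
        }
    }
    cur
}

/// Constructed crashing input: the header claims 64 payload bytes, only 28 follow.
pub fn sample_crash() -> Vec<u8> {
    let mut v = vec![0x40, 0x01];
    v.extend(std::iter::repeat(b'A').take(28));
    v
}

fn main() {
    silence_panics();
    let input = sample_crash();
    println!("original crashes: {} ({} bytes)", crashes(&input), input.len());
    let min = ddmin(&input, crashes);
    println!("minimized: {:?} ({} bytes)", min, min.len());
    println!("checked parser on minimized input: {:?}", parse_record_checked(&min));
}
```

The 30-byte sample shrinks to a two-byte input whose length byte exceeds the bytes available, which is exactly the case the hardened parser rejects with `None` instead of panicking. When running under cargo fuzz you would not need `crashes` or `ddmin` at all: `cargo fuzz run` stops on the first panic and writes the input to an artifact directory, and `cargo fuzz tmin` performs the minimization.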

Documentation

Documentation can be found in the Rust Fuzz Book.

You can also always find the full command-line options that are available with --help:

$ cargo fuzz --help

Trophy case

The trophy case has a list of bugs found by cargo fuzz (and others). Did cargo fuzz and libFuzzer find a bug for you? Add it to the trophy case!

License

cargo-fuzz is distributed under the terms of both the MIT license and the Apache License (Version 2.0).

See LICENSE-APACHE and LICENSE-MIT for details.

Dependencies

~2.3–3MB
~58K SLoC