
PBetzler/cifuzz

 
 


cifuzz by Code Intelligence

cifuzz

makes fuzz tests as easy as unit tests




IMPORTANT: This project is under active development. Be aware that the behavior of the commands or the configuration can change.

What is cifuzz

cifuzz is a CLI tool that helps you integrate and run fuzzing-based tests in your project.

Features

CLion, IDEA, VSCode, C++, Java, Android, CMake, gradle, Maven, Bazel, JavaScript, TypeScript, Node.js

Getting started

All you need to get started with fuzzing are these three simple commands:

$ cifuzz init            # initialize your project
$ cifuzz create          # create a simple fuzz test to start from
$ cifuzz run myfuzztest  # run the fuzz test


If you are new to the world of fuzzing, we recommend taking a look at our Glossary and our example projects.

Read the getting started guide if you just want to learn how to fuzz your applications with cifuzz.

Installation

You can get the latest release from GitHub or by running our install script:

sh -c "$(curl -fsSL https://raw.githubusercontent.com/CodeIntelligenceTesting/cifuzz/main/install.sh)"

If you are using Windows, you can download the latest release and execute it.

Do not forget to add the installation's bin directory to your PATH. You can find additional information in our Installation Guide.

Prerequisites

Depending on your language and build system of choice, cifuzz has different prerequisites:

C/C++ with CMake

Ubuntu / Debian

sudo apt install cmake clang llvm lcov

Arch

sudo pacman -S cmake clang llvm lcov

macOS

brew install cmake llvm lcov

Windows

At least Visual Studio 2022 version 17 is required.

Please make sure to

  • select "Develop Desktop C++ applications" in the Visual Studio Installer
  • check "C++ Clang Compiler for Windows" in the "Individual Components" tab
  • check "C++ CMake Tools for Windows" in the "Individual Components" tab
  • check "MSBuild support for LLVM (clang-cl) toolset" in the "Individual Components" tab

You can add these components anytime by choosing "Modify" in the Visual Studio Installer.

choco install lcov

You may have to add %ChocolateyInstall%\lib\lcov\tools\bin to your PATH variable.

C/C++ with Bazel

Ubuntu / Debian

sudo apt install clang llvm lcov default-jdk zip

# install bazelisk
sudo curl -L https://github.com/bazelbuild/bazelisk/releases/latest/download/bazelisk-linux-amd64 -o /usr/local/bin/bazel
sudo chmod +x /usr/local/bin/bazel

Arch

sudo pacman -S clang llvm lcov python jdk-openjdk zip

# install bazelisk
sudo curl -L https://github.com/bazelbuild/bazelisk/releases/latest/download/bazelisk-linux-amd64 -o /usr/local/bin/bazel
sudo chmod +x /usr/local/bin/bazel

macOS

Bazel C/C++ projects are currently not supported on macOS.

Windows

Bazel C/C++ projects are currently not supported on Windows.

Java with Maven

Ubuntu / Debian

sudo apt install default-jdk maven

Arch

sudo pacman -S jdk-openjdk maven

macOS

brew install openjdk maven

Windows

choco install microsoft-openjdk maven

Java with Gradle

Ubuntu / Debian

sudo apt install default-jdk gradle

Arch

sudo pacman -S jdk-openjdk gradle

macOS

brew install openjdk gradle

Windows

choco install microsoft-openjdk gradle

Android

Info: cifuzz currently does not support fuzz tests running in an emulator or on a device, but it is still possible to run local tests. You can find more information and an example at the cifuzz-gradle-plugin repository.

Node.js

Ubuntu / Debian

sudo apt install nodejs

Arch

sudo pacman -S nodejs

macOS

brew install nodejs

Windows

choco install nodejs

Windows

To get font colors and glyphs to render properly, install the Windows Terminal from the Microsoft Store. Run cifuzz in Developer PowerShell for VS 2022 inside Windows Terminal.

Limitations

Windows

  • C/C++ projects are only supported with CMake and fuzz tests cannot depend on shared libraries.
  • Continuous code coverage is not supported for C/C++ projects.

Troubleshooting

If you encounter problems installing or running cifuzz, you can check Troubleshooting for possible solutions.

Contributing

Want to help improve cifuzz? Check out our contributing documentation. There you will find instructions for building the tool locally.

If you find an issue, please report it to cifuzz@code-intelligence.com.
