PaulGrandperrin/libfuzzer-sys

 
 


Barebones wrapper around libFuzzer runtime library.

The C++ parts are extracted from the compiler-rt git repository with git filter-branch.

libFuzzer relies on LLVM sanitizer support. The Rust compiler has built-in sanitizer support, but for now it is limited to Linux. As a result, libfuzzer-sys only works on Linux.

How to use

Use cargo-fuzz.

This crate can also be used manually, as follows:

First create a new cargo project:

$ cargo new --bin fuzzed
$ cd fuzzed

Then add a dependency on the libfuzzer-sys crate and your own crate:

[dependencies]
libfuzzer-sys = { git = "https://github.com/rust-fuzz/libfuzzer-sys.git" } # will eventually publish to crates.io
your_crate = "*" # or something

and change the src/main.rs to fuzz your code:

#![no_main]

#[macro_use]
extern crate libfuzzer_sys;
extern crate your_crate;

fuzz_target!(|data: &[u8]| {
    // code to fuzz goes here
});

Finally, run the following commands:

$ cargo rustc -- -C passes='sancov' -C llvm-args='-sanitizer-coverage-level=3' -Z sanitizer=address
$ ./target/debug/fuzzed # runs fuzzing
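
As an added example (not code from this repository), here is one shape the "code to fuzz goes here" body can take: a harness function that feeds arbitrary bytes to a parser and asserts a round-trip invariant, so that any violation panics and libFuzzer records the input as a crash. parse_record, encode_record and fuzz_one are hypothetical stand-ins for your_crate's API, and the record format is an assumption made for the example.

```rust
use std::convert::TryFrom;

// Hypothetical stand-in for your_crate: one record is [len: u8][payload: len bytes].
// Returns the payload and the unparsed remainder, or None on truncated input.
pub fn parse_record(input: &[u8]) -> Option<(&[u8], &[u8])> {
    let (&len, rest) = input.split_first()?;
    let len = len as usize;
    if rest.len() < len {
        return None; // reject short input instead of indexing past the end
    }
    Some(rest.split_at(len))
}

// Hypothetical inverse of parse_record; fails if the payload exceeds 255 bytes.
pub fn encode_record(payload: &[u8]) -> Option<Vec<u8>> {
    let len = u8::try_from(payload.len()).ok()?;
    let mut out = Vec::with_capacity(payload.len() + 1);
    out.push(len);
    out.extend_from_slice(payload);
    Some(out)
}

// Harness body. In src/main.rs it would be wired up as:
//     fuzz_target!(|data: &[u8]| { fuzz_one(data); });
// Invalid input must be rejected quietly; only a broken invariant may panic.
pub fn fuzz_one(data: &[u8]) -> usize {
    let mut rest = data;
    let mut count = 0;
    while let Some((payload, tail)) = parse_record(rest) {
        // Round-trip invariant: re-encoding reproduces exactly the bytes consumed.
        let consumed = &rest[..rest.len() - tail.len()];
        let encoded = encode_record(payload).expect("parsed payload fits a u8 length");
        assert_eq!(encoded.as_slice(), consumed);
        rest = tail;
        count += 1;
    }
    count
}

fn main() {
    // Constructed sample: two complete records followed by a truncated one.
    let sample = [2, b'h', b'i', 0, 5, b'x'];
    println!("records parsed: {}", fuzz_one(&sample));
}
```

Keeping the harness in a plain function like fuzz_one also lets the same invariant run under cargo test on inputs saved from earlier fuzzing runs.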

License

All files in the libfuzzer directory are licensed under NCSA. Everything else is dual-licensed under Apache 2.0 and MIT.
