Generalize the project to other fuzzers: AFL and Honggfuzz

Question

Generalize the project to other fuzzers: AFL and Honggfuzz

PaulGrandperrin opened this issue 7 years ago · 7 comments

Hi, I think it would be really great to be able to use all the available Rust fuzzers as they all have their strengths and weaknesses.

I started a demo project inspired by this project:
https://github.com/PaulGrandperrin/fuzz-targets-rs

Any feedback is welcome!

Answer 1 · 2018-04-14T19:57:41.000Z

By the way, the effort has already been fruitful: rust-lang/regex#464

EDIT: 2 in a row rust-lang/regex#465

Answer 2 · 2018-04-14T23:27:15.000Z

yess we should definitely add support for afl.rs and honggfuzz to this repo. how do you think we should proceed?

also we should add these regex bug finds to https://github.com/rust-fuzz/trophy-case :)

Answer 3 · 2018-04-14T23:55:47.000Z

Hi @frewsxcv!
Right now I think I still have some ideas to make the organization a little bit better and reduce redondancy.
After that it would be nice to get some feedback on this new code base.
For example, I'm heavily biased against having many small files and boilerplate code so if no-one tells me that I went to far, I might do unwise compromises 😉.

Also, while I'm at it, is there a place where the "rust fuzz authority" can easily exchange with each other? Like IRC or Slack?
I'd also like to start writing some ideas about how to make cargo-fuzz an abstraction over all 3 fuzzers, should I start an RFC? I like this idea, but where would you recommend hosting it?

Answer 4 · 2018-04-15T00:59:29.000Z

Also, while I'm at it, is there a place where the "rust fuzz authority" can easily exchange with each other? Like IRC or Slack?

we haven't had a centralized place for rust fuzzing chat, though i just joined #rust-fuzz on mozilla IRC if you wanna chat there 👋

Answer 5 · 2018-04-15T01:58:59.000Z

For example, I'm heavily biased against having many small files and boilerplate code so if no-one tells me that I went to far, I might do unwise compromises 😉.

@PaulGrandperrin is this a comment about something in particular? the 'targets' repo? the sub-cargo project that cargo-fuzz generates?

I'd also like to start writing some ideas about how to make cargo-fuzz an abstraction over all 3 fuzzers, should I start an RFC? I like this idea, but where would you recommend hosting it?

maybe an issue on the cargo-fuzz repo? we could create an rfcs repo, but not sure we'd get enough traction to warrant its existence

Answer 6 · 2018-04-16T08:26:30.000Z

@frewsxcv I joined #rust-fuzz !

Answer 7 · 2018-04-20T16:37:04.000Z

Just a heads-up to say that I finished "porting" all the targets to my new repo: https://github.com/PaulGrandperrin/fuzz-targets-rs

The last major missing piece to implement is a way to seed each target individually.