Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Generalize the project to other fuzzers: AFL and Honggfuzz #100

Closed
PaulGrandperrin opened this issue Apr 14, 2018 · 7 comments · Fixed by #102
Closed

Generalize the project to other fuzzers: AFL and Honggfuzz #100

PaulGrandperrin opened this issue Apr 14, 2018 · 7 comments · Fixed by #102

Comments

@PaulGrandperrin
Copy link
Member

Hi, I think it would be really great to be able to use all the available Rust fuzzers as they all have their strengths and weaknesses.

I started a demo project inspired by this project:
https://github.com/PaulGrandperrin/fuzz-targets-rs

Any feedback is welcome!

@PaulGrandperrin
Copy link
Member Author

PaulGrandperrin commented Apr 14, 2018

By the way, the effort has already been fruitful: rust-lang/regex#464

EDIT: 2 in a row rust-lang/regex#465

@frewsxcv
Copy link
Member

yess we should definitely add support for afl.rs and honggfuzz to this repo. how do you think we should proceed?

also we should add these regex bug finds to https://github.com/rust-fuzz/trophy-case :)

@PaulGrandperrin
Copy link
Member Author

Hi @frewsxcv!
Right now I think I still have some ideas to make the organization a little bit better and reduce redondancy.
After that it would be nice to get some feedback on this new code base.
For example, I'm heavily biased against having many small files and boilerplate code so if no-one tells me that I went to far, I might do unwise compromises 😉.

Also, while I'm at it, is there a place where the "rust fuzz authority" can easily exchange with each other? Like IRC or Slack?
I'd also like to start writing some ideas about how to make cargo-fuzz an abstraction over all 3 fuzzers, should I start an RFC? I like this idea, but where would you recommend hosting it?

@frewsxcv
Copy link
Member

Also, while I'm at it, is there a place where the "rust fuzz authority" can easily exchange with each other? Like IRC or Slack?

we haven't had a centralized place for rust fuzzing chat, though i just joined #rust-fuzz on mozilla IRC if you wanna chat there 👋

@frewsxcv
Copy link
Member

For example, I'm heavily biased against having many small files and boilerplate code so if no-one tells me that I went to far, I might do unwise compromises 😉.

@PaulGrandperrin is this a comment about something in particular? the 'targets' repo? the sub-cargo project that cargo-fuzz generates?

I'd also like to start writing some ideas about how to make cargo-fuzz an abstraction over all 3 fuzzers, should I start an RFC? I like this idea, but where would you recommend hosting it?

maybe an issue on the cargo-fuzz repo? we could create an rfcs repo, but not sure we'd get enough traction to warrant its existence

@PaulGrandperrin
Copy link
Member Author

@frewsxcv I joined #rust-fuzz !

@PaulGrandperrin
Copy link
Member Author

Just a heads-up to say that I finished "porting" all the targets to my new repo: https://github.com/PaulGrandperrin/fuzz-targets-rs

The last major missing piece to implement is a way to seed each target individually.

bors bot added a commit that referenced this issue Apr 25, 2018
102: Generalize the project to other fuzzers: AFL and Honggfuzz r=frewsxcv a=PaulGrandperrin

This is far from perfect (all targets are compiled at once) but it works and it's easy to work with (look at and add targets).

All the targets have been ported with only 1 or 2 exceptions that were broken and not easily fixable.
All seeds have been moved over too.
I added a few more targets like `url` and `proc_macro2`.

closes #100 
closes #98 
closes #66 I guess
closes #34 not relevant anymore
closes #73 

Co-authored-by: Paul Grandperrin <[email protected]>
@bors bors bot closed this as completed in #102 Apr 25, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants