afl 0.1.4

Fuzzing Rust code with american-fuzzy-lop

afl.rs

Fuzzing Rust code with american fuzzy lop (AFL)

Screen recording of AFL running on Rust code. The code under test is examples/hello.rs in this repository.

What is it?

Fuzz testing is a software testing technique used to find security and stability issues by providing pseudo-random data as input to the software. American fuzzy lop is a popular, effective, and modern fuzz testing tool. This library, afl.rs, allows one to run AFL on code written in the Rust programming language.

Book

Documentation for afl.rs can be found here:

The afl.rs Book

It's still a work in progress, but has enough information to get you started.

Upcoming changes

Trophy case

These bugs aren't nearly as serious as the memory-safety issues afl has discovered in C and C++ projects. That's because Rust is memory-safe by default, but also because not many people have tried afl.rs yet! Over time we will update this section with the most interesting bugs, whether they're logic errors or memory-safety problems arising from unsafe code. Pull requests are welcome!