Cargo-fuzz: Many scripts or one script dispatching on input data

hsivonen · May 3, 2017, 1:37pm

It seems that while cargo-fuzz supports multiple fuzzer scripts, one could also use the first byte(s) of the input buffer to decide which test to run using the rest of the input buffer.

Does doing the latter confuse the fuzzer's self-learning features? That is, if I want to fuzz foo() and bar() should I have two fuzzer scripts and make sure I remember to run both instead of having one script that checks a bit in the first input byte to decide between foo() and bar()?

hsivonen · May 15, 2017, 2:14pm

I still don't know what the right answer is, but absent advice either way, I went ahead with dispatching on the first bytes of the input buffer instead of writing many fuzzer scripts, and cargo-fuzz seems to work well enough that way.

Topic		Replies	Views
Fuzzing with cargo fuzz	4	1104	January 12, 2023
Cargo-fuzz is now 10x faster, better supports sanitizers announcements	1	887	September 24, 2020
Why does cargo think that the fuzz targets functions are tests? help	4	519	January 1, 2023
Using Rust for short scripts? help	3	574	January 12, 2023
Multiple binary versions using Cargo help	11	244	March 4, 2024

Cargo-fuzz: Many scripts or one script dispatching on input data

Related Topics