Fuzzing Rust
- Create The Crate
- Change The Crate Lib Type
- Add LibAFL-Targets Crate as a Dependency
- Features
- Choosing Good Fuzz Targets
- Creating our Fuzz Target
- Ownership and Moves
- Borrowing Mutably and Immutably
- Slices
- More Resources
- Implement the Fuzz Target
- Allocate Some Memory
- Decode Encoded Input
- if let Bindings
- Ranges
- Test the Fuzz Target
- Analyzing the Bug
- Summary
- Create The Fuzzer Crate
- Add the LibAFL Crate as a Dependency
- Add LibAFL-Targets Crate as a Dependency
- Add the Target Crate as a Dependency
- Add Additional Dependencies
- Create a Build Script
- Coverage Sanitizer
- The Build Script
- Delete The Template main.rs
- Set The Global Allocator
- Import Coverage Observer
- Declare Functions From Target
- Add An Argument Parser
- Derive Macros
- cargo build
- cargo run
- Add a Harness
- Closures
- Create A Harness Closure
- Add Observers and Feedbacks
- Observers
- Feedbacks
- Add Our Observers and Feedbacks
- Add Random Provider, Corpus, Solution Corpus, and State
- Random Provider
- Corpus
- Solution Corpus
- State
- Add Monitor, Event Manager, Scheduler, and Fuzzer
- Monitor
- Event Manager
- Scheduler
- Fuzzer
- Add Executor, Mutator, and Stages
- Executor
- Mutator
- Stages
- Load the Input Corpus
- Start The Fuzz Loop
- Run The Fuzzer
- Add A Corpus Entry
- Launch the Fuzzer
- Triage The Crash
- Summary