Support fuzzing without sanitizers #158

Open
Shnatsel opened this Issue Jun 23, 2018 · 5 comments

Shnatsel commented Jun 23, 2018

There are use cases for fuzzing binaries with cargo-fuzz without sanitizers:

  1. Fuzzing entirely safe code to test for panics
  2. Building initial corpus to feed it to more resource-intensive fuzzers later on

However, this is not currently possible with cargo-fuzz: passing no -s flag defaults to address sanitizer, passing "" has no effect, passing "none" says there's no such sanitizer.

For now I'm forced to use leak sanitizer, which seems to be the least resource-hungry of the bunch, but it still introduces a performance penalty. It would be nice to be able to disable sanitizers altogether.
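As an added illustration of the first use case above (not code from the issue or from cargo-fuzz): a fuzz target body for entirely safe Rust whose only bug class is a panic, shown next to the corrected parser, plus a stand-in for the fuzzer's crash detection so it runs without libFuzzer. The record format, function names and inputs are constructed for this example.

```rust
// Added example, not from cargo-fuzz or the issue author. Fuzzing safe Rust
// for panics needs no sanitizer: a panic inside a libFuzzer target aborts the
// process and is reported as a crash on its own. The target body is a plain
// function here so it can be exercised without the fuzzer runtime.
use std::panic;

/// Constructed toy format: [len: u8][payload: len bytes][checksum: u8].
/// Entirely safe code, yet it panics on some inputs.
pub fn parse_record(data: &[u8]) -> Option<(Vec<u8>, u8)> {
    let len = *data.first()? as usize;
    // Bug: off by one. A record with no room for the checksum byte passes
    // this check, and `data[1 + len]` then panics (index out of bounds).
    if data.len() < 1 + len {
        return None;
    }
    let payload = data[1..1 + len].to_vec();
    let checksum = data[1 + len];
    Some((payload, checksum))
}

/// Corrected bound: header byte, payload and checksum byte must all be present.
pub fn parse_record_fixed(data: &[u8]) -> Option<(Vec<u8>, u8)> {
    let len = *data.first()? as usize;
    if data.len() < 2 + len {
        return None;
    }
    Some((data[1..1 + len].to_vec(), data[1 + len]))
}

/// In a cargo-fuzz target this body would sit inside
/// `fuzz_target!(|data: &[u8]| { ... })`; a panic here is the finding.
pub fn fuzz_one(data: &[u8]) {
    if let Some((payload, checksum)) = parse_record(data) {
        let sum = payload.iter().fold(0u8, |a, b| a.wrapping_add(*b));
        let _valid = sum == checksum;
    }
}

/// Stand-in for the fuzzer's crash detection: did the target panic?
pub fn panics_on(data: &[u8]) -> bool {
    panic::catch_unwind(|| fuzz_one(data)).is_err()
}

/// Tiny deterministic corpus walk: the first short record that panics.
pub fn first_panicking_input(max_len: u8) -> Option<Vec<u8>> {
    for len in 0..=max_len {
        for payload_len in 0..=(len as usize + 1) {
            let mut input = vec![len];
            input.extend(std::iter::repeat(0xAA).take(payload_len));
            if panics_on(&input) {
                return Some(input);
            }
        }
    }
    None
}
```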

Manishearth commented Jun 23, 2018

Shnatsel commented Jun 23, 2018

According to the libfuzzer documentation you only need -fsanitize=fuzzer, not e.g. -fsanitize=fuzzer,address.

Or is this something specific to Rust?

PaulGrandperrin commented Sep 27, 2018

For the record, I can say that it's not related to Rust because honggfuzz-rs works well with and without sanitizer.

Manishearth commented Sep 27, 2018

No, I think that sanitize option did not exist or was not recommended in the libfuzzer docs when I wrote this crate. Feel free to make it the default.

Shnatsel commented Sep 27, 2018

I think changing the default should result in a major version bump, since it would effectively break existing deployments e.g. on CI that expect Address Sanitizer to be the default.
