[package] name = "libafl" version.workspace = true authors = ["Andrea Fioraldi ", "Dominik Maier "] description = "Slot your own fuzzers together and extend their features using Rust" documentation = "https://docs.rs/libafl" repository = "https://github.com/AFLplusplus/LibAFL/" readme = "../README.md" license = "MIT OR Apache-2.0" keywords = ["fuzzing", "testing", "security"] edition = "2021" categories = ["development-tools::testing", "emulators", "embedded", "os", "no-std"] [package.metadata.docs.rs] features = ["document-features"] all-features = true rustc-args = ["--cfg", "docsrs"] [features] default = ["std", "derive", "llmp_compression", "llmp_small_maps", "llmp_broker_timeouts", "rand_trait", "fork", "prelude", "gzip", "regex", "serdeany_autoreg", "tui_monitor", "libafl_bolts/xxh3"] document-features = ["dep:document-features"] #! # Feature Flags #! ### General Features ## Enables features that need rust's `std` lib to work, like print, env, ... support std = ["serde_json", "serde_json/std", "nix", "serde/std", "bincode", "wait-timeout", "uuid", "backtrace", "serial_test", "libafl_bolts/std", "typed-builder"] ## Tracks the Feedbacks and the Objectives that were interesting for a Testcase track_hit_feedbacks = ["std"] ## Collects performance statistics of the fuzzing pipeline and displays it on `Monitor` components introspection = [] ## Collects stats about scalability scalability_introspection = [] ## Expose `libafl::prelude` for access without additional using directives prelude = ["libafl_bolts/prelude"] ## Calculate exec/sec like AFL, using 5 second time windows afl_exec_sec = [] ## Stores the backtraces of all generated `Error`s. Good for debugging, but may come with a slight performance hit. errors_backtrace = ["libafl_bolts/errors_backtrace"] ## Switches from `HashMap` to `BTreeMap` for `CorpusId` corpus_btreemap = [] ## Enables gzip compression in certain parts of the lib gzip = ["libafl_bolts/gzip"] ## If set, will use the `fork()` syscall to spawn children, instead of launching a new command, if supported by the OS (has no effect on `Windows`). fork = ["libafl_bolts/derive"] ## If this feature is set, `LibAFL` targets (and the fuzzer) will crash on `SIGPIPE` on unix systems. handle_sigpipe = [] #! ## Additional Components ## Enables `TcpEventManager`, a simple EventManager proxying everything via TCP. This uses `tokio`. tcp_manager = ["tokio", "std"] ## Enables compression for the TCP manager tcp_compression = ["tcp_manager", "libafl_bolts/gzip"] ## Enables the `NaiveTokenizer` and `StacktraceObserver` regex = ["std", "dep:regex"] ## Enables deduplication based on `libcasr` for `StacktraceObserver` casr = ["libcasr", "std", "regex"] ## Enables features for corpus minimization cmin = ["z3"] ## Enables the `PrometheusMonitor` which will monitor stats via UDP, for `Grafana` and others. prometheus_monitor = ["std", "async-std", "prometheus-client", "tide", "futures"] ## Include a simple concolic mutator based on z3 concolic_mutation = ["z3"] ## Enable the fancy TuiMonitor for a termanal UI using crossterm tui_monitor = ["ratatui", "crossterm"] ## Enables `UnicodeClassificationStage` and associated mutators, which allow for mutations which preserve the Unicode property data unicode = ["libafl_bolts/alloc", "ahash/std", "serde/rc", "bitvec"] ## Enable multi-part input formats and mutators multipart_inputs = ["arrayvec", "rand_trait"] #! ## LibAFL-Bolts Features ## Provide the `#[derive(SerdeAny)]` macro. derive = ["libafl_derive", "libafl_bolts/derive"] # provide `derive(SerdeAny) macro. ## Expose `libafl_bolts::cli` for easy commandline parsing of common fuzzer settings cli = ["libafl_bolts/cli"] ## Enables extra commandline flags for qemu-based fuzzers in `cli` qemu_cli = ["cli", "libafl_bolts/qemu_cli"] ## Enables extra commandline flags for frida-based fuzzers in `cli` frida_cli = ["cli", "libafl_bolts/frida_cli"] ## If set, libafl_bolt's `rand` implementations will implement `rand::Rng` rand_trait = ["libafl_bolts/rand_trait"] #! ### SerdeAny features ## Automatically register all `#[derive(SerdeAny)]` types at startup. serdeany_autoreg = ["libafl_bolts/serdeany_autoreg"] #! ### LLMP features ## The broker loop will yield occasionally, even without status messages from client nodes llmp_broker_timeouts = ["std"] ## If set, llmp will bind to 0.0.0.0, allowing cross-device communication. Binds to localhost by default. llmp_bind_public = ["libafl_bolts/llmp_bind_public"] ## Enables llmp compression using GZip llmp_compression = ["libafl_bolts/llmp_compression"] ## Enables debug output for LLMP (also needs a `logger` installed) llmp_debug = ["std", "libafl_bolts/llmp_debug"] ## Reduces the initial map size for llmp llmp_small_maps = ["libafl_bolts/llmp_small_maps"] # reduces initial map size for llmp ## Grammar mutator. Requires nightly. nautilus = ["std", "serde_json/std", "pyo3", "rand_trait", "regex-syntax", "regex"] [build-dependencies] rustversion = "1.0" [dev-dependencies] serde_json = { version = "1.0", default-features = false, features = ["alloc"] } # clippy-suggested optimised byte counter bytecount = "0.6.3" [dependencies] libafl_bolts = { version = "0.13.0", path = "../libafl_bolts", default-features = false, features = ["alloc"] } libafl_derive = { version = "0.13.0", path = "../libafl_derive", optional = true } rustversion = "1.0" tuple_list = { version = "0.1.3" } hashbrown = { version = "0.14", features = ["serde", "ahash"], default-features = false } # A faster hashmap, nostd compatible num-traits = { version = "0.2", default-features = false } serde = { version = "1.0", default-features = false, features = ["alloc", "derive"] } # serialization lib postcard = { version = "1.0", features = ["alloc"], default-features = false } # no_std compatible serde serialization format bincode = { version = "1.3", optional = true } c2rust-bitfields = { version = "0.18", features = ["no_std"] } ahash = { version = "0.8", default-features = false } # The hash function already used in hashbrown meminterval = { version = "0.4", features = ["serde"] } backtrace = { version = "0.3", optional = true } # Used to get the stacktrace in StacktraceObserver typed-builder = { version = "0.18", optional = true } # Implement the builder pattern at compiletime serde_json = { version = "1.0", optional = true, default-features = false, features = ["alloc"] } nix = { version = "0.29", optional = true } regex = { version = "1", optional = true } uuid = { version = "1.4", optional = true, features = ["serde", "v4"] } libm = "0.2.2" ratatui = { version = "0.26.3", default-features = false, features = ['crossterm'], optional = true } # Commandline rendering, for TUI Monitor crossterm = { version = "0.27.0", optional = true } prometheus-client = { version = "0.22", optional = true } # For the prometheus monitor tide = { version = "0.16.0", optional = true } async-std = { version = "1.12.0", features = ["attributes"], optional = true } futures = { version = "0.3.24", optional = true } log = "0.4.20" tokio = { version = "1.28.1", optional = true, features = ["sync", "net", "rt", "io-util", "macros"] } # only used for TCP Event Manager right now wait-timeout = { version = "0.2", optional = true } # used by CommandExecutor to wait for child process concat-idents = { version = "1.1.3", optional = true } libcasr = { version = "2.7", optional = true } bitvec = { version = "1.0", optional = true, features = ["serde"] } # used for string range storage arrayvec = { version = "0.7.4", optional = true, default-features = false } # used for fixed-len collects const_format = "0.2.32" # used for providing helpful compiler output const_panic = "0.2.8" # similarly, for formatting const panic output pyo3 = { version = "0.18.3", optional = true } # For nautilus regex-syntax = { version = "0.8.3", optional = true } # For nautilus # optional-dev deps (change when target.'cfg(accessible(::std))'.test-dependencies will be stable) serial_test = { version = "3", optional = true, default-features = false, features = ["logging"] } # Document all features of this crate (for `cargo doc`) document-features = { version = "0.2", optional = true } [target.'cfg(unix)'.dependencies] libc = "0.2" # For (*nix) libc z3 = { version = "0.12.0", optional = true } # for concolic mutation [target.'cfg(windows)'.dependencies] windows = { version = "0.51.1", features = ["Win32_Foundation", "Win32_System_Threading", "Win32_System_Diagnostics_Debug", "Win32_System_Kernel", "Win32_System_Memory", "Win32_Security", "Win32_System_SystemInformation"] } [target.'cfg(windows)'.build-dependencies] windows = "0.51.1" #[profile.release] #lto = true #opt-level = 3 #debug = true