Addison Crump 281524dbf9
Unicode-preserving mutators (#1542)
* create the string classification stage

* modify API to pre-group

* preserving mutator

* more meaningful test

* subproperty mutators + some fixes

* document, finalise, integrate with libafl_libfuzzer

* add example, fix for weird range select

* fix for introspection

* fix fuzzer build

* speed optimisation: allow, but do not require, stacking

* property => category

* token replacement

* fixup: rare case where rust does not agree on valid character

* fix CI again

* again again

* take two: dynamic unicode discovery

* oops

* fix: last byte is never selected

* opt: bias to smaller unicode categories

* fix test

* opt: precompute regions and fix tests

* cache and allow stacking

* document and update libafl_libfuzzer

* oops, use reverse

* fix bolts clippy error

* fixup part 2

* clippy

* part 2

* clippy warning allow

* clippy complaint

* use alloc not std

---------

Co-authored-by: toka <tokazerkje@outlook.com>
2023-11-21 00:41:16 +01:00


Baby fuzzer: unicode

This is a minimalistic example of how to create a libafl-based fuzzer.

It runs on a single core until a crash occurs and then exits.

The tested program is a simple Rust function without any instrumentation. For real fuzzing, you will want to add some sort of coverage or other feedback.

You can run this example using cargo run, and you can enable the TUI feature by running cargo run --features tui.

Unicode

This fuzzer uses mutators that preserve Unicode properties: a mutated character is replaced by another character from the same Unicode category, so the input stays valid UTF-8 and keeps its shape rather than being rejected early by the target's string decoding. For programs with string-heavy inputs, you may consider using the same strategy.
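The following is an added example, not code from LibAFL or from this crate, showing the idea behind a category-preserving mutator in stand-alone Rust. It assumes a coarse five-way classifier built from std's `char` predicates (the real mutators use finer Unicode categories), a hypothetical xorshift PRNG so it runs without external crates, and a constructed sample input. It also contrasts the strategy with a naive byte flip, which lands inside a multibyte sequence and yields invalid UTF-8 that a string-parsing target would discard before exercising any interesting logic.

```rust
// Added example (not LibAFL's code): a minimal Unicode-category-preserving
// mutator, next to a naive byte flip for contrast.

#[derive(Clone, Copy, PartialEq, Eq, Debug)]
enum Category {
    Letter,
    Digit,
    Whitespace,
    Punctuation,
    Other,
}

/// Coarse classification via std's char predicates. Assumption for this demo:
/// five buckets stand in for the finer Unicode categories a real mutator uses.
fn category(c: char) -> Category {
    if c.is_alphabetic() {
        Category::Letter
    } else if c.is_numeric() {
        Category::Digit
    } else if c.is_whitespace() {
        Category::Whitespace
    } else if c.is_ascii_punctuation() {
        Category::Punctuation
    } else {
        Category::Other
    }
}

/// Hypothetical deterministic PRNG (xorshift64) so the example needs no crates.
struct Rng(u64);
impl Rng {
    fn next(&mut self) -> u64 {
        let mut x = self.0;
        x ^= x << 13;
        x ^= x >> 7;
        x ^= x << 17;
        self.0 = x;
        x
    }
    fn below(&mut self, n: usize) -> usize {
        (self.next() % n as u64) as usize
    }
}

/// Replace one character with a *different* character of the same category,
/// drawing replacement candidates from the input itself (the alphabet is
/// discovered dynamically from the input). Returns None when no position has
/// a same-category alternative.
fn mutate_preserving(input: &str, rng: &mut Rng) -> Option<String> {
    let chars: Vec<char> = input.chars().collect();
    let candidates: Vec<usize> = (0..chars.len())
        .filter(|&i| chars.iter().any(|&c| c != chars[i] && category(c) == category(chars[i])))
        .collect();
    if candidates.is_empty() {
        return None;
    }
    let pos = candidates[rng.below(candidates.len())];
    let pool: Vec<char> = chars
        .iter()
        .copied()
        .filter(|&c| c != chars[pos] && category(c) == category(chars[pos]))
        .collect();
    let mut out = chars.clone();
    out[pos] = pool[rng.below(pool.len())];
    Some(out.into_iter().collect())
}

/// True when both strings have the same length in chars and the same
/// category at every position, i.e. the mutation kept the input's shape.
fn same_category_sequence(a: &str, b: &str) -> bool {
    a.chars().count() == b.chars().count()
        && a.chars().zip(b.chars()).all(|(x, y)| category(x) == category(y))
}

/// Contrast: flip the high bit of one byte, as a byte-level mutator might,
/// and report whether the result is still valid UTF-8.
fn byte_flip_is_valid_utf8(input: &str, byte_index: usize) -> bool {
    let mut bytes = input.as_bytes().to_vec();
    bytes[byte_index] ^= 0x80;
    std::str::from_utf8(&bytes).is_ok()
}

fn main() {
    let seed = "héllo wörld, 123!"; // constructed sample input
    let mut rng = Rng(0x9E3779B97F4A7C15);
    for _ in 0..5 {
        if let Some(m) = mutate_preserving(seed, &mut rng) {
            println!("{seed} -> {m} (shape preserved: {})", same_category_sequence(seed, &m));
        }
    }
    // 'é' occupies bytes 1..3 of the seed; flipping byte 2 breaks the encoding.
    println!("byte flip still valid UTF-8: {}", byte_flip_is_valid_utf8(seed, 2));
}
```

Every output of `mutate_preserving` is a `String`, so it is valid UTF-8 by construction, and `same_category_sequence` gives a cheap invariant to check in a test. Drawing replacements only from characters already present keeps the mutator useful for targets with a small accepted alphabet; a real mutator would also sample from the whole category, which is where a table of Unicode ranges comes in.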