
Releases: thepudds/fzgo

Auto generate fuzzers from normal non-fuzz functions

17 Feb 22:32
df8cd25
  • Auto generate fuzzers from normal non-fuzz functions via genfuzzfuncs, an optional experimental utility that is not part of the #19109 proposal. (This has been available for a while, but this is the first tagged release that includes it.)
  • For rich signatures, a new string encoding to work better with sonar.
  • Allow multiple package arguments on the fzgo command line to allow fuzzing more than one package at a time.
  • To ease experimentation, the FZGOFLAGSBUILD and FZGOFLAGSFUZZ environment variables can optionally contain a space-separated list of arguments to pass to go-fuzz-build and go-fuzz, respectively.

Allow multiple input corpus locations, change default destination corpus

03 Aug 21:50
709a788
  • The default destination corpus location is now GOPATH/pkg/fuzz/corpus/... if you do not specify -fuzzdir.
  • If you specify -fuzzdir=testdata, the destination corpus is <pkg-path>/testdata/fuzz/<func>/corpus (which was the default destination prior to this release).
  • fzgo now uses multiple input corpora, drawn from any of the locations it knows about.
  • See comment in PR #7 for details.

Support fuzzing rich signatures beyond Fuzz(data []byte)

01 Aug 00:42
ad61927
  • Add support for fuzzing rich signatures, such as:

func FuzzFunc(re string, input []byte, posix bool) (bool, error)

  • Directly manage randomness for rich signatures, which also enables literal injection. This allows examples like this to be guessed within a few seconds of fuzzing:

func FuzzHardToGuessNumber(guessMe int64) {
	if guessMe == 0x123456789 {
		panic("bingo")
	}
}
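
Literal injection means trying constants that appear in the target's source as inputs, which is why a comparison against a fixed value like the one above is hit so quickly. A simplified sketch of that idea follows; it is an added example, not fzgo's or go-fuzz's own code, and it does not reproduce how those tools encode or mutate inputs. `harvestIntLiterals` and `crashes` are hypothetical helper names, and `targetSrc` is a constructed copy of the example target.

```go
package main

import (
	"fmt"
	"go/scanner"
	"go/token"
	"strconv"
)

// targetSrc: constructed copy of the example target, as text for the harvester.
const targetSrc = `package target
func FuzzHardToGuessNumber(guessMe int64) {
	if guessMe == 0x123456789 { panic("bingo") }
}`

// FuzzHardToGuessNumber is the same target compiled in so it can be called.
func FuzzHardToGuessNumber(guessMe int64) {
	if guessMe == 0x123456789 {
		panic("bingo")
	}
}

// harvestIntLiterals (hypothetical helper) returns the integer literals in src.
func harvestIntLiterals(src string) []int64 {
	var s scanner.Scanner
	fset := token.NewFileSet()
	s.Init(fset.AddFile("target.go", fset.Base(), len(src)), []byte(src), nil, 0)
	var lits []int64
	for _, tok, lit := s.Scan(); tok != token.EOF; _, tok, lit = s.Scan() {
		if v, err := strconv.ParseInt(lit, 0, 64); tok == token.INT && err == nil {
			lits = append(lits, v)
		}
	}
	return lits
}

// crashes reports whether the target panics on input v.
func crashes(v int64) (crashed bool) {
	defer func() { crashed = recover() != nil }()
	FuzzHardToGuessNumber(v)
	return false
}

func main() {
	for _, v := range harvestIntLiterals(targetSrc) {
		fmt.Printf("candidate %#x crashes=%v\n", v, crashes(v))
	}
}
```

A purely random search over int64 would be expected to need on the order of 2^63 attempts to hit the same value; the harvested literal reaches the panic on the first try.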

Use corpus as deterministic unit tests when not fuzzing

21 Jul 03:49
8349802

When you run fzgo test <pkg>, the normal go test <pkg> behavior occurs, but any corpus for <pkg> is now also automatically used as input for an additional set of deterministic unit tests. No new random inputs are created in this scenario, so normal testing remains deterministic.

Initial tagged release

21 Jul 00:27
fa8832a

Includes:

  • the initial set of functionality first published in Jan 2019.
  • some follow-on work, such as support for multiple fuzz targets at the same time.