https://github.com/orion-rs/orion-fuzz
Fuzzing the Rust crypto library orion with honggfuzz-rs
https://github.com/orion-rs/orion-fuzz
crypto-fuzzing fuzzing honggfuzz-rs orion rust
Last synced: 4 months ago
JSON representation
Fuzzing the Rust crypto library orion with honggfuzz-rs
- Host: GitHub
- URL: https://github.com/orion-rs/orion-fuzz
- Owner: orion-rs
- License: mit
- Created: 2018-12-28T13:27:50.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2025-06-14T07:56:25.000Z (about 1 year ago)
- Last Synced: 2025-06-14T08:36:33.186Z (about 1 year ago)
- Topics: crypto-fuzzing, fuzzing, honggfuzz-rs, orion, rust
- Language: Rust
- Homepage:
- Size: 820 KB
- Stars: 1
- Watchers: 3
- Forks: 1
- Open Issues: 4
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
These are fuzzing targets for fuzzing [orion](https://github.com/orion-rs/orion).
Fuzzing is done using [honggfuzz-rs](https://github.com/rust-fuzz/honggfuzz-rs).
### Getting started
To start fuzzing, you must install the same version of honggfuzz as the one specified in the `Cargo.toml`:
```
cargo install --force honggfuzz --vers 0.5.56
```
By default, the master branch of orion is used for fuzzing. If another version needs to be fuzzed, specify the version
in the `Cargo.toml` accordingly.
Some fuzzing targets use [sodiumoxide](https://github.com/sodiumoxide/sodiumoxide) to cross-verify results. Any target
that uses sodiumoxide requires libsodium to be installed on the system as well.
#### Fuzzing with sanitizers
To fuzz with ASan (with ODR violation detection turned off):
```
RUSTFLAGS="-Z sanitizer=address" ASAN_OPTIONS="detect_odr_violation=0" cargo +nightly hfuzz run aead
```
To fuzz with LeakSanitizer:
```
RUSTFLAGS="-Z sanitizer=leak" cargo +nightly hfuzz run aead
```
Some of the targets do some heavy processing, so specifying the timeout can be required:
```
RUSTFLAGS="-Z sanitizer=address" ASAN_OPTIONS="detect_odr_violation=0" HFUZZ_RUN_ARGS="-t 30" cargo +nightly hfuzz run aead
```
where `-t 30` is in seconds.
All the above examples run the `aead` target. This can be any fuzzing target in `src/` that is not `util`.
#### Corpus minimization
```
HFUZZ_RUN_ARGS="--minimize" cargo hfuzz run aead
```