cargo-fuzz

# cargo-fuzz cargo-fuzz is the de facto choice for fuzzing Rust projects when using Cargo. It uses libFuzzer as the backend and provides a convenient Cargo subcommand that automatically enables relevant compilation flags for your Rust project, including support for sanitizers like AddressSanitizer. ## When to Use cargo-fuzz is currently the primary and most mature fuzzing solution for Rust projects using Cargo. | Fuzzer | Best For | Complexity | |--------|----------|------------| | cargo-fuzz | Cargo-based Rust projects, quick setup | Low | | AFL++ | Multi-core fuzzing, non-Cargo projects | Medium | | LibAFL | Custom fuzzers, research, advanced use cases | High | **Choose cargo-fuzz when:** - Your project uses Cargo (required) - You want simple, quick setup with minimal configuration - You need integrated sanitizer support - You're fuzzing Rust code with or without unsafe blocks ## Quick Start ```rust #![no_main] use libfuzzer_sys::fuzz_target; fn harness(data: &[u8]) { your_project::check_buf(data); } fuzz_target!(|data: &[u8]| { harness(data); }); ``` Initialize and run: ```bash cargo fuzz init # Edit fuzz/fuzz_targets/fuzz_target_1.rs with your harness cargo +nightly fuzz run fuzz_target_1 ``` ## Installation cargo-fuzz requires the nightly Rust toolchain because it uses features only available in nightly. ### Prerequisites - Rust and Cargo installed via [rustup](https://rustup.rs/) - Nightly toolchain ### Linux/macOS ```bash # Install nightly tool...