libfuzzer

# libFuzzer libFuzzer is an in-process, coverage-guided fuzzer that is part of the LLVM project. It's the recommended starting point for fuzzing C/C++ projects due to its simplicity and integration with the LLVM toolchain. While libFuzzer has been in maintenance-only mode since late 2022, it is easier to install and use than its alternatives, has wide support, and will be maintained for the foreseeable future. ## When to Use | Fuzzer | Best For | Complexity | |--------|----------|------------| | libFuzzer | Quick setup, single-project fuzzing | Low | | AFL++ | Multi-core fuzzing, diverse mutations | Medium | | LibAFL | Custom fuzzers, research projects | High | | Honggfuzz | Hardware-based coverage | Medium | **Choose libFuzzer when:** - You need a simple, quick setup for C/C++ code - Project uses Clang for compilation - Single-core fuzzing is sufficient initially - Transitioning to AFL++ later is an option (harnesses are compatible) **Note:** Fuzzing harnesses written for libFuzzer are compatible with AFL++, making it easy to transition if you need more advanced features like better multi-core support. ## Quick Start ```c++ #include <stdint.h> #include <stddef.h> extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { // Validate input if needed if (size < 1) return 0; // Call your target function with fuzzer-provided data my_target_function(data, size); return 0; } ``` Compile and run: ```bash clang++ -fsanitize=fuzzer,addres...