code-intelligence.com/cifuzz@v0.40.0/README.md (about) 1 <div align="center"> 2 <a href="https://code-intelligence.com"><img src="/docs/assets/header.png" alt="cifuzz by Code Intelligence" /></a> 3 <h1>cifuzz</h1> 4 <p>makes fuzz tests as easy as unit tests</p> 5 <a href="https://github.com/CodeIntelligenceTesting/cifuzz/releases"> 6 <img src="https://img.shields.io/github/v/release/CodeIntelligenceTesting/cifuzz"> 7 </a> 8 <a href="https://github.com/CodeIntelligenceTesting/cifuzz/actions/workflows/pipeline_tests.yml?query=branch%3Amain"> 9 <img src="https://img.shields.io/github/actions/workflow/status/CodeIntelligenceTesting/cifuzz/pipeline_tests.yml?branch=main&logo=github" /> 10 </a> 11 <a href="https://github.com/CodeIntelligenceTesting/cifuzz/blob/main/CONTRIBUTING.md"> 12 <img src="https://img.shields.io/badge/PRs-welcome-brightgreen.svg" /> 13 </a> 14 <a href="https://github.com/CodeIntelligenceTesting/cifuzz/blob/main/LICENSE"> 15 <img src="https://img.shields.io/github/license/CodeIntelligenceTesting/cifuzz" /> 16 </a> 17 18 <br /> 19 20 <a href="https://docs.code-intelligence.com/cifuzz-cli" target="_blank">Docs</a> 21 | 22 <a href="https://github.com/CodeIntelligenceTesting/cifuzz/blob/main/docs/Glossary.md">Glossary</a> 23 | 24 <a href="https://github.com/CodeIntelligenceTesting/cifuzz/tree/main/examples">Examples</a> 25 | 26 <a href="https://www.code-intelligence.com/" target="_blank">Website</a> 27 | 28 <a href="https://www.code-intelligence.com/blog" target="_blank">Blog</a> 29 | 30 <a href="https://twitter.com/CI_Fuzz" target="_blank">Twitter</a> 31 | 32 <a href="https://www.youtube.com/channel/UCjXN5ac3tgXgtuCoSnQaEmA" target="_blank">YouTube</a> 33 34 </div> 35 36 --- 37 38 > **_IMPORTANT:_** This project is under active development. 39 > Be aware that the behavior of the commands or the configuration 40 > can change. 41 42 ## What is cifuzz 43 44 **cifuzz** is a CLI tool that helps you to integrate and run fuzzing 45 based tests into your project. 46 47 ## Features 48 49 - Easily set up, create and run fuzz tests 50 - Generate coverage reports that [can be integrated in your 51 IDE](docs/Coverage-ide-integrations.md) 52 - Supports multiple programming languages and build systems 53 54 ![CLion](/docs/assets/tools/clion.png) 55 ![IDEA](/docs/assets/tools/idea.png) 56 ![VSCode](/docs/assets/tools/vscode.png) 57 ![C++](/docs/assets/tools/cpp.png) 58 ![Java](/docs/assets/tools/java.png) 59 ![Android](/docs/assets/tools/android.png) 60 ![CMake](/docs/assets/tools/cmake.png) 61 ![gradle](/docs/assets/tools/gradle.png) 62 ![Maven](/docs/assets/tools/maven.png) 63 ![Bazel](/docs/assets/tools/bazel.png) 64 65 ## Getting started 66 67 All you need to get started with fuzzing are these three simple commands: 68 69 ```elixir 70 $ cifuzz init # initialize your project 71 $ cifuzz create # create a simple fuzz test to start from 72 $ cifuzz run myfuzztest # run the fuzz test 73 ``` 74 75 ![CLI showcase](/docs/assets/showcase.gif) 76 77 If you are new to the world of fuzzing, we recommend you to take a 78 look at our [Glossary](docs/Glossary.md) and our 79 [example projects](examples/). 80 81 **Read the [getting started guide](docs/Getting-Started.md) if you just want to 82 learn how to fuzz your applications with cifuzz.** 83 84 ## Installation 85 86 You can get the 87 [latest release from GitHub](https://github.com/CodeIntelligenceTesting/cifuzz/releases/latest) 88 or by running our install script: 89 90 ```bash 91 sh -c "$(curl -fsSL https://raw.githubusercontent.com/CodeIntelligenceTesting/cifuzz/main/install.sh)" 92 ``` 93 94 If you are using Windows you can download 95 the [latest release](https://github.com/CodeIntelligenceTesting/cifuzz/releases/latest/download/cifuzz_installer_windows_amd64.exe) 96 and execute it. 97 98 Do not forget to add the installation's `bin` directory to your `PATH`. 99 You can find additional information in our [Installation Guide](docs/Installation-Guide.md). 100 101 ### Prerequisites 102 103 Depending on your language / build system of choice **cifuzz** has 104 different prerequisites: 105 106 <details> 107 <summary>C/C++ with CMake</summary> 108 109 - [CMake >= 3.16](https://cmake.org/) 110 - [LLVM >= 11](https://clang.llvm.org/get_started.html) 111 112 **Ubuntu / Debian** 113 114 <!-- when changing this, please make sure it is in sync with the E2E pipeline --> 115 116 ```bash 117 sudo apt install cmake clang llvm lcov 118 ``` 119 120 **Arch** 121 122 <!-- when changing this, please make sure it is in sync with the E2E pipeline --> 123 124 ```bash 125 sudo pacman -S cmake clang llvm lcov 126 ``` 127 128 **macOS** 129 130 <!-- when changing this, please make sure it is in sync with the E2E pipeline --> 131 132 ```bash 133 brew install cmake llvm lcov 134 ``` 135 136 **Windows** 137 138 At least Visual Studio 2022 version 17 is required. 139 140 Please make sure to 141 142 - select **"Develop Desktop C++ applications"** in the Visual Studio Installer 143 - check **"C++ Clang Compiler for Windows"** in the "Individual Components" tab 144 - check **"C++ CMake Tools for Windows"** in the "Individual Components" tab 145 - check **"MSBuild support for LLVM (clang-cl) toolset"** in the "Individual Components" tab 146 147 You can add these components anytime by choosing "Modify" in the Visual Studio Installer. 148 149 ```bash 150 choco install lcov 151 ``` 152 153 You may have to add %ChocolateyInstall%\lib\lcov\tools\bin to your PATH variable. 154 155 </details> 156 157 <details> 158 <summary>C/C++ with Bazel</summary> 159 160 - [Bazel >= 5.3.2 (>=6.0.0 on macOS)](https://bazel.build/install) 161 - Java JDK >= 8 (1.8) (e.g. [OpenJDK](https://openjdk.java.net/install/) or 162 [Zulu](https://www.azul.com/downloads/zulu-community/)) 163 is needed for Bazel's coverage feature. 164 - [LLVM >= 11](https://clang.llvm.org/get_started.html) 165 - [lcov](https://github.com/linux-test-project/lcov) 166 167 **Ubuntu / Debian** 168 169 <!-- when changing this, please make sure it is in sync with the E2E pipeline --> 170 171 ```bash 172 sudo apt install clang llvm lcov default-jdk zip 173 174 # install bazelisk 175 sudo curl -L https://github.com/bazelbuild/bazelisk/releases/latest/download/bazelisk-linux-amd64 -o /usr/local/bin/bazel 176 sudo chmod +x /usr/local/bin/bazel 177 ``` 178 179 **Arch** 180 181 <!-- when changing this, please make sure it is in sync with the E2E pipeline --> 182 183 ```bash 184 sudo pacman -S clang llvm lcov python jdk-openjdk zip 185 186 # install bazelisk 187 sudo curl -L https://github.com/bazelbuild/bazelisk/releases/latest/download/bazelisk-linux-amd64 -o /usr/local/bin/bazel 188 sudo chmod +x /usr/local/bin/bazel 189 ``` 190 191 **macOS** 192 Bazel C/C++ projects are currently not supported on macOS. 193 194 **Windows** 195 Bazel C/C++ projects are currently not supported on Windows. 196 197 </details> 198 199 <details> 200 <summary>Java with Maven</summary> 201 202 - Java JDK >= 8 (1.8) (e.g. [OpenJDK](https://openjdk.java.net/install/) or 203 [Zulu](https://www.azul.com/downloads/zulu-community/)) 204 - [Maven](https://maven.apache.org/install.html) 205 206 **Ubuntu / Debian** 207 208 <!-- when changing this, please make sure it is in sync with the E2E pipeline --> 209 210 ```bash 211 sudo apt install default-jdk maven 212 ``` 213 214 **Arch** 215 216 <!-- when changing this, please make sure it is in sync with the E2E pipeline --> 217 218 ```bash 219 sudo pacman -S jdk-openjdk maven 220 ``` 221 222 **macOS** 223 224 <!-- when changing this, please make sure it is in sync with the E2E pipeline --> 225 226 ```bash 227 brew install openjdk maven 228 ``` 229 230 **Windows** 231 232 <!-- when changing this, please make sure it is in sync with the E2E pipeline --> 233 234 ```bash 235 choco install microsoft-openjdk maven 236 ``` 237 238 </details> 239 240 <details> 241 <summary>Java with Gradle</summary> 242 243 - Java JDK >= 8 (1.8) (e.g. [OpenJDK](https://openjdk.java.net/install/) or 244 [Zulu](https://www.azul.com/downloads/zulu-community/)) 245 - [Gradle](https://gradle.org/install/) >= 6.1 246 247 **Ubuntu / Debian** 248 249 <!-- when changing this, please make sure it is in sync with the E2E pipeline --> 250 251 ```bash 252 sudo apt install default-jdk gradle 253 ``` 254 255 **Arch** 256 257 <!-- when changing this, please make sure it is in sync with the E2E pipeline --> 258 259 ```bash 260 sudo pacman -S jdk-openjdk gradle 261 ``` 262 263 **macOS** 264 265 <!-- when changing this, please make sure it is in sync with the E2E pipeline --> 266 267 ```bash 268 brew install openjdk gradle 269 ``` 270 271 **Windows** 272 273 <!-- when changing this, please make sure it is in sync with the E2E pipeline --> 274 275 ```bash 276 choco install microsoft-openjdk gradle 277 ``` 278 279 </details> 280 281 <details> 282 <summary>Android</summary> 283 284 **Info:** Currently cifuzz is **not** supporting fuzz tests running in an 285 emulator or on a device, it is still possible to run local tests. 286 You can find more information and an example at 287 the [cifuzz-gradle-plugin](https://github.com/CodeIntelligenceTesting/cifuzz-gradle-plugin) 288 repository. 289 290 - [Gradle](https://gradle.org/install/) >= 7.5 291 - [Android Gradle Plugin](https://developer.android.com/build) >= 7.4.2 292 293 </details> 294 295 <details> 296 <summary>Node.js</summary> 297 298 **Info:** Support for Node.js projects is still experimental and 299 hidden behind a feature flag. You can try it out by running: 300 301 ```bash 302 export CIFUZZ_PRERELEASE=1 303 ``` 304 305 - [Node.js](https://nodejs.org) >= 16.0 306 307 **Ubuntu / Debian** 308 309 <!-- when changing this, please make sure it is in sync with the E2E pipeline --> 310 311 ```bash 312 sudo apt install nodejs 313 ``` 314 315 **Arch** 316 317 <!-- when changing this, please make sure it is in sync with the E2E pipeline --> 318 319 ```bash 320 sudo pacman -S nodejs 321 ``` 322 323 **macOS** 324 325 <!-- when changing this, please make sure it is in sync with the E2E pipeline --> 326 327 ```bash 328 brew install nodejs 329 ``` 330 331 **Windows** 332 333 <!-- when changing this, please make sure it is in sync with the E2E pipeline --> 334 335 ```bash 336 choco install nodejs 337 ``` 338 339 </details> 340 341 ### Windows 342 343 In order to get font colors and glyphs to render properly install the 344 [Windows Terminal from the Microsoft Store](https://aka.ms/terminal). 345 Run `cifuzz` in `Developer PowerShell for VS 2022` inside of `Windows Terminal`. 346 347 ## Limitations 348 349 **Windows** 350 351 - C/C++ projects are only supported with CMake and fuzz tests cannot depend on shared libraries. 352 - Continuous code coverage is not supported for C/C++ projects. 353 354 ## Troubleshooting 355 356 If you encounter problems installing or running cifuzz, you can check [Troubleshooting](docs/Troubleshooting.md) 357 for possible solutions. 358 359 ## Contributing 360 361 Want to help improve cifuzz? Check out our [contributing documentation](CONTRIBUTING.md). 362 There you will find instructions for building the tool locally. 363 364 If you find an issue, please report it to cifuzz@code-intelligence.com.