kotlinx.fuzz is a general purpose fuzzing library for Kotlin. The library provides basic functionality:
- Simple API for writing fuzz tests
- Gradle plugin that provides an easy way of configuring the fuzzer, running it, and generating reports
- Custom JUnit engine that handles interactions with the fuzzing engine and allows for easy integration with IDE
- Integration with Jazzer as the main fuzzing engine for now
Currently, kotlinx.fuzz works only for JVM and requires JDK 17+ (will be updated to JDK 8+ in the future releases).
- Add PLAN lab maven repository to your gradle config:
build.gradle.kts:
repositories {
maven(url = "https://plan-maven.apal-research.com")
}settings.gradle.kts:
pluginManagement {
repositories {
maven(url = "https://plan-maven.apal-research.com")
}
}- Add
kotlinx.fuzzas a dependency:
dependencies {
testRuntimeOnly("org.jetbrains:kotlinx.fuzz.jazzer:0.1.0")
}- Apply
kotlinx.fuzzplugin to your project:
plugins {
id("kotlinx.fuzz.gradle") version "0.1.0"
}- Configure plugin:
fuzzConfig {
instrument = listOf("org.example.**")
maxSingleTargetFuzzTime = 10.seconds
}- Write your fuzz tests:
package org.example
import kotlinx.fuzz.KFuzzTest
import kotlinx.fuzz.KFuzzer
object ExampleTest {
@KFuzzTest
fun foo(data: KFuzzer) {
if (data.int() % 2 == 0) {
if (data.int() % 3 == 2) {
if (data.int() % 31 == 11) {
throw IllegalArgumentException()
}
}
}
}
}- Run fuzzer:
~/example » ./gradlew fuzz 1 ↵
> Task fuzz
SampleTarget > public final void org.example.ExampleTest.foo(kotlinx.fuzz.KFuzzer) FAILED
java.lang.IllegalArgumentException
at org.example.ExampleTest.foo(ExampleTest.kt:12)- Check the fuzzing report in
build/fuzz
You can see more examples of kotlinz.fuzz usage in kotlinx.fuzz.test
kotlinx.fuzz uses Jazzer as the main fuzzing engine, but also introduces several new key features:
- Improved and simplified API
- Gradle plugin that integrates all the fuzzing-related tasks into your build system
- Improved crash deduplication algorithm
- Improved regression mode
Trophy list can be found here