OSS-Fuzz, Google’s open source fuzzing service, now supports fuzzing applications written in Lua. Open source projects written in Lua language can add their project to OSS-Fuzz by following the documentation [1].
The Google Open Source Security team helped to integrate luzer library [2] with OSS-Fuzz. Thanks to their support and help with integration, open source projects written in Lua language can now use OSS-Fuzz for continuous fuzzing.
luzer allows users to fuzz code written in Lua language with libFuzzer, as they already can for code written in C/C++. It does this by providing code coverage feedback from the hook mechanism of the `debug` library in Lua to libFuzzer. luzer already supports important libFuzzer features such as:
- FuzzedDataProvider for fuzzing code that…
OSS-Fuzz, Google’s open source fuzzing service, now supports fuzzing applications written in Lua. Open source projects written in Lua language can add their project to OSS-Fuzz by following the documentation [1].
The Google Open Source Security team helped to integrate luzer library [2] with OSS-Fuzz. Thanks to their support and help with integration, open source projects written in Lua language can now use OSS-Fuzz for continuous fuzzing.
luzer allows users to fuzz code written in Lua language with libFuzzer, as they already can for code written in C/C++. It does this by providing code coverage feedback from the hook mechanism of the `debug` library in Lua to libFuzzer. luzer already supports important libFuzzer features such as:
- FuzzedDataProvider for fuzzing code that doesn’t accept raw bytes.
- Evaluation of code coverage based on 8-bit edge counters.
- Minimization of crashing inputs.
Check out luzer documentation [3] to get started and the more detailed post about integration [4].