General-purpose fuzzing has come into the public eye, with many researchers developing new fuzzers to improve on the state of the art. LIBAFL, developed by the group which originally made AFL++, lets researchers build fuzzers at the component level, so that they need only develop their own components rather than modify an existing fuzzer. This makes comparisons between fuzzers more straightforward, since researchers can experiment with removing and adding individual components, without compromising the flexibility of fuzzer development. To demonstrate this flexibility and offer alternative frontends to the community, we developed two fuzzers: LIBAFL_LIBFUZZER and AFLRUSTRUST. The former, a drop-in replacement for LIBFUZZER, is discussed here; the latter, a drop-in replacement for AFL++, is discussed in a sister report. We find that LIBAFL_LIBFUZZER performed very well on the coverage benchmarks while struggling with the bug-based benchmarks conducted in the SBFT fuzzing competition, and we discover and analyse which fuzzer features and bugs led to this underperformance.
IEEE/ACM International Workshop on Search-Based and Fuzz Testing (SBFT)
2023-05-14
2024-11-06