9

If a program is written in C, then it is worth it to fuzz it with something like afl since it might have memory-related bugs. But how about software written in Rust? Would a fuzzer still find bugs? Or are there no memory related bugs that could be found by a fuzzer?

Anders
  • 64,406
  • 24
  • 178
  • 215
user164700
  • 93
  • 2
  • 1
    Bugs in Rust can _absolutely_ be found with a fuzzer. Rust is more memory safe than C, but there is no such thing as a language that cannot have bugs. – forest Apr 13 '18 at 04:49

1 Answers1

3

Rust can't have direct memory issues. That being said, it can have indirect memory issues caused by external libraries.

Much more importantly, fuzzing can expose other types of bugs as well, so it is definitely useful to fuzz the program. Whether it is worth the setup time depends on your use case, but in most cases, it should be.

Peter Harmann
  • 7,728
  • 5
  • 20
  • 28