Fuzz targets can also be created manually in CI Fuzz. To do so, click the “Add Fuzz Test” button in the sidebar menu.
Click “API Fuzz Test” to create a fuzz test that targets a function call.
Create the fuzz target by filling out the “New API Fuzz Test” form.
Target Name is a name you choose to identify the fuzz test.
Select the programming language you want to fuzz. If you want to fuzz a C library, you can also create a C++ fuzz target in order to use C++ features in the fuzz test itself. Just remember to wrap the C declarations (typically the library's header include) in extern "C" so that the C++ compiler does not mangle the function names and the linker can resolve them (see the official documentation on how to mix C and C++).
Run arguments are passed to the fuzzer at runtime. Most of the time these can stay empty.
The Build Flags are important for the compilation of the fuzz target. With “Fuzz This Function” they are filled in automatically for you. With manual fuzz target creation you have to fill in the include paths (-I), library paths (-L) and libraries (-l) needed to build the fuzz target. Enter one build flag per line, like this example for cppcms:
-Ibuild
-Ibooster
-Isrc
-Iprivate
-Icppcms_boost
-Ibuild/booster
-I.
-Lbuild
-lpthread
-lpcre
-licuuc
-licui18n
-licudata
-ldl
-lcppcms
After saving the fuzz target configuration, click on the fuzz test you created in the Fuzz Tests sidebar.
Then click on “Open Source Code” to edit the fuzz target.
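The following is an added example of what a C++ API fuzz test for a C library function can look like once you open the source code; it is not CI Fuzz's generated template and not cppcms code. The C function `kv_parse` is a constructed stand-in for a library API (in a real fuzz test you would `#include` the library's header inside the `extern "C"` block instead and link it via the `-l` build flags), and the entry point uses the standard libFuzzer name `LLVMFuzzerTestOneInput` on the assumption that the template's entry point has the same `(const uint8_t *, size_t)` shape. The point it demonstrates is the one practitioners most often get wrong: the fuzzer hands you a raw, non-terminated byte buffer, while most C APIs expect a NUL-terminated string, so the target copies the input into a `std::string` before calling the C function.

```cpp
// Added example of a C++ fuzz target wrapping a C API (not CI Fuzz's own code).
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <string>

// Everything the C library declares goes inside extern "C" so the names are
// not C++-mangled. In a real target this block would contain e.g.
//   #include "kvlib.h"
// Here a stand-in function is defined instead so the example is self-contained.
extern "C" {

// Stand-in for a C library API: parses a NUL-terminated "key=value" line into
// the caller's fixed-size buffers. Returns 0 on success, -1 on malformed input
// or when a part does not fit (including its terminator) into the buffer.
int kv_parse(const char *line, char *key, size_t key_cap, char *val, size_t val_cap) {
    const char *eq = strchr(line, '=');
    if (eq == nullptr) return -1;
    size_t klen = static_cast<size_t>(eq - line);
    size_t vlen = strlen(eq + 1);
    if (klen == 0 || klen >= key_cap || vlen >= val_cap) return -1;
    memcpy(key, line, klen);
    key[klen] = '\0';
    memcpy(val, eq + 1, vlen);
    val[vlen] = '\0';
    return 0;
}

}  // extern "C"

// libFuzzer-style entry point (assumption: the CI Fuzz template's entry point
// has the same signature). The fuzzer calls this once per generated input.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    // `data` is NOT NUL-terminated. Passing it straight to a strchr/strlen-based
    // C API would read past the buffer and produce false-positive overflows in
    // the fuzz test rather than real bugs in the library. std::string gives a
    // terminated copy of exactly `size` bytes (embedded NULs are kept; the C
    // API simply stops at the first one, which is a valid case to exercise).
    std::string line(reinterpret_cast<const char *>(data), size);

    char key[64];
    char val[256];
    // The return value is deliberately ignored: rejected input is not a bug.
    // Crashes and sanitizer reports inside kv_parse are the signal.
    (void)kv_parse(line.c_str(), key, sizeof key, val, sizeof val);

    // Fuzz targets must return 0 so the fuzzer keeps the input in its corpus
    // logic as usual; non-zero return values are reserved.
    return 0;
}
```

When the target compiles but the linker reports undefined references to the C functions, the usual causes are a missing `-l` flag in the build flags above or a header that was included outside the `extern "C"` block.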