Jul 25, 2020
Trying to fuzz a type that is defined with pub(crate) visibility using
cargo-fuzz
Found this nice tip from @CecileTonglet
and later in the thread:
The difference between the tests/ directory outside the src/ and the tests modules inside the src/ is that in the latter your tests are inside the crate and can access everything. While if you make a tests/ directory it is like a separate crate
This helped me to understand better how & why to use pub(crate).
For a directory tree like:
.
├── Cargo.toml
└─ src
├── config.rs
└── snacks
├── mod.rs
├── pizza.rs
└── tacos.rs
a type within tacos.rs can be marked like:
tacos.rs
pub(crate) struct Tacos {}
impl Tacos {}
and be reachable or visible to its crate but kept private from the external use
via its use in mod.rs
mod.rs
mod tacos;
use tacos::Tacos;
My goal is to target a private type that is exposed with pub(crate) for fuzzing. However fuzzing internal types isn’t supported natively. Here’s an issue I found asking
about the same thing:
https://github.com/rust-fuzz/cargo-fuzz/issues/156
The only way I know of would be to have cfg blocks on the visibility keywords so they’re conditionally public or private
This seems to be the best option available to me for this specific case. Another
approach is simply exposing internal modules like
rustls which exposes “private” fuzzing targets
under an internal module. The downsides are that it loses the benefit of
rust’s privacy/visibility features.