OSS-Fuzz-Gen is a companion project to OSS-Fuzz that automatically creates or improves fuzz targets for open-source codebases, aiming to raise coverage with minimal maintainer effort. It analyses a library's public API, examples, and tests to propose harnesses that exercise parsers, decoders, and protocol handlers: the attacker-reachable code where fuzzing pays off most. An LLM drafts the harness code, and the system then iterates on that draft using concrete feedback (build errors and low or stagnant coverage signals) rather than accepting the first attempt.

The output follows OSS-Fuzz conventions, including a libFuzzer-style entry point, build rules that fit the OSS-Fuzz build environment, sanitizer-ready builds, and seed inputs, so a project can plug it in without restructuring. Reports show which functions were targeted, how coverage evolved across iterations, and where a manual hint (a required initialisation call, a length field that must stay consistent with the payload) could unlock more paths. One caveat applies to any generated harness: a crash may come from the harness misusing the API rather than from a bug in the library, so generated targets still deserve a review before they are merged. The goal is pragmatic: shrink the gap between "we should fuzz this" and "we have robust fuzzing running in CI", especially for understaffed maintainers.
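As an added illustration (not code from OSS-Fuzz-Gen, nor from any library it has targeted), here is the shape of fuzz target the conventions above refer to: a libFuzzer entry point over a small constructed key=value parser, with a mode byte, a harness-level invariant check, constructed seed inputs, and a stand-alone reproducer. The parser, the seeds and the build command in the comments are this example's own assumptions; the CC, CFLAGS, LIB_FUZZING_ENGINE and OUT variables are the ones the OSS-Fuzz build.sh convention provides.

```c
/* Added example (not OSS-Fuzz-Gen output, not a real library): a libFuzzer-style
 * fuzz target written to OSS-Fuzz conventions. parse_record() is a constructed
 * stand-in for the kind of bounded parser such a harness would exercise. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_FIELDS 8

typedef struct {
    char key[16];
    char value[32];
} kv_t;

typedef struct {
    size_t count;
    kv_t fields[MAX_FIELDS];
} record_t;

/* Parses "key=value;key=value" from a bounded buffer that need not be
 * NUL-terminated. Returns the field count, or -1 for malformed input.
 * Every copy is checked against both the input length and the destination. */
int parse_record(const uint8_t *data, size_t size, record_t *out) {
    memset(out, 0, sizeof(*out));
    size_t i = 0;
    while (i < size) {
        if (out->count == MAX_FIELDS) return -1;
        kv_t *f = &out->fields[out->count];
        size_t k = 0;
        while (i < size && data[i] != '=' && data[i] != ';') {
            if (k + 1 >= sizeof(f->key)) return -1;   /* keep room for NUL */
            f->key[k++] = (char)data[i++];
        }
        if (k == 0 || i >= size || data[i] != '=') return -1;
        i++;                                          /* consume '=' */
        size_t v = 0;
        while (i < size && data[i] != ';') {
            if (v + 1 >= sizeof(f->value)) return -1;
            f->value[v++] = (char)data[i++];
        }
        out->count++;
        if (i < size) i++;                            /* consume ';' */
    }
    return (int)out->count;
}

/* Runs the parser and checks an invariant the harness can verify on its own:
 * a successful parse reports exactly rec.count fields, each with a non-empty,
 * NUL-terminated key. A violation is a real bug, so abort() lets the fuzzer
 * record it as a crash with the triggering input. */
static void exercise(const uint8_t *p, size_t n) {
    record_t rec;
    int rc = parse_record(p, n, &rec);
    if (rc < 0) return;
    if ((size_t)rc != rec.count) abort();
    for (size_t i = 0; i < rec.count; i++) {
        if (rec.fields[i].key[0] == '\0') abort();
        if (memchr(rec.fields[i].key, '\0', sizeof rec.fields[i].key) == NULL) abort();
    }
}

/* OSS-Fuzz / libFuzzer entry point. Conventions: accept any byte string, never
 * abort on merely malformed input, stay deterministic, and return 0. The first
 * byte is a mode selector so one target covers two calling patterns; on odd
 * modes the payload is copied to an exact-size heap buffer so ASan reports an
 * over-read at the precise byte no matter how the driver stored the input
 * (libFuzzer already does this; the reproducer below, reading into a fixed
 * buffer, would not). */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    if (size < 1) return 0;
    uint8_t mode = data[0];
    const uint8_t *payload = data + 1;
    size_t payload_len = size - 1;
    if (mode & 1) {
        uint8_t *copy = malloc(payload_len ? payload_len : 1);
        if (copy == NULL) return 0;
        memcpy(copy, payload, payload_len);
        exercise(copy, payload_len);
        free(copy);
    } else {
        exercise(payload, payload_len);
    }
    return 0;
}

/* Constructed seed corpus (assumed, not from any project): one even-mode input,
 * one odd-mode multi-field input, one with an empty value. In OSS-Fuzz these
 * would ship as $OUT/parse_record_fuzzer_seed_corpus.zip, and build.sh would
 * link the target with the fuzzing engine, e.g.
 *   $CC $CFLAGS parse_record_fuzzer.c $LIB_FUZZING_ENGINE -o $OUT/parse_record_fuzzer */
static const struct { const char *bytes; size_t len; } seed_corpus[] = {
    { "\x02" "a=1", 4 },
    { "\x01" "host=x;port=80", 15 },
    { "\x01" "a=", 3 },
};

/* Stand-alone reproducer: replays a crash file given on the command line, or
 * the seed corpus when run without arguments. */
int main(int argc, char **argv) {
    if (argc > 1) {
        FILE *fp = fopen(argv[1], "rb");
        if (fp == NULL) return 1;
        uint8_t buf[1 << 16];
        size_t n = fread(buf, 1, sizeof buf, fp);
        fclose(fp);
        return LLVMFuzzerTestOneInput(buf, n);
    }
    for (size_t i = 0; i < sizeof seed_corpus / sizeof seed_corpus[0]; i++) {
        int rc = LLVMFuzzerTestOneInput((const uint8_t *)seed_corpus[i].bytes, seed_corpus[i].len);
        printf("seed %zu: rc=%d\n", i, rc);
    }
    return 0;
}
```

Outside OSS-Fuzz, the same file builds with clang -fsanitize=fuzzer,address (drop main, or guard it with a preprocessor symbol, since libFuzzer supplies its own), and the reproducer build with plain clang plus -fsanitize=address is what a maintainer uses to replay a reported crash file. The invariant check in exercise() is the part a generated harness most often lacks: without it the fuzzer only finds memory errors the sanitizer can see, not logic errors the parser's own contract would expose.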
Features
- Automated fuzz harness generation aligned with OSS-Fuzz conventions
- LLM-assisted iteration to fix builds and improve coverage
- Seed corpus creation and sanitizer-ready build configurations
- Coverage reports that pinpoint gaps and next best targets
- Minimal maintainer overhead with reproducible scripts and PR artifacts
- Works across many languages and parser-heavy libraries