trophy-case

🏆 Collection of bugs uncovered by fuzzing Rust code (by rust-fuzz)
Add to my DEV experience fuzz-testing Fuzzing Rust Trophies
Source Code
trophy-case Reviews
Suggest alternative
Edit details
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
Sponsored

Trophy-case Alternatives

Similar projects and alternatives to trophy-case

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better trophy-case alternative or higher similarity.
Suggest an alternative to trophy-case

trophy-case reviews and mentions

Posts with mentions or reviews of trophy-case. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-01-16.
  • Rust from a security perspective, where is it vulnerable?
    6 projects | /r/rust | 16 Jan 2023
    You could check cargo-fuzz trophy case, which is a list of issues that have been found via fuzzing.
  • capnproto-rust: out-of-bound memory access bug
    4 projects | /r/rust | 30 Nov 2022
    I've added it to the trophy case.
  • [LWN] A pair of Rust kernel modules
    1 project | /r/linux | 14 Sep 2022
    That said, what's present in what quantities under what circumstances in the Rust fuzzing trophy case does a pretty good job of illustrating how effective the Rust compiler is at ruling out entire classes of bugs.
  • Looking for simple rust programs to crash
    9 projects | /r/rust | 25 Jul 2022
    The same fuzzing techniques applied to Rust yielded a lot of bugs as well. But in Rust's case only 7 out of 340 fuzzer-discovered bugs, or 2%, were memory corruption issues. Naturally, all of the memory corruption bugs were in unsafe code.
  • Everything Is Broken: Shipping rust-minidump at Mozilla, Part 1
    1 project | /r/rust | 15 Jun 2022
    https://github.com/rust-fuzz/trophy-case has like 70 of my issues in it, including the nine minidump bugs
  • Fuzzcheck (a structure-aware Rust fuzzer)
    4 projects | /r/rust | 26 Feb 2022
    If you have found any bugs with this tool, perhaps add them to the Rust fuzz trophy case?
  • Rust is more portable than C for pngquant/libimagequant
    7 projects | /r/rust | 4 Jan 2022
    Source: https://github.com/rust-fuzz/trophy-case (over 40 of those are just from me).
  • Rust takes a major step forward as Linux's second official language
    17 projects | /r/programming | 7 Dec 2021
    But to bring some data, check out the fuzz trophy case. It shows that failures in Rust are most often assertions/panics (equivalent to C++ exception) with memory corruption being relatively rare (it's not never—Rust isn't promising magic—but it's a significant change).
  • Shouldn't have happened: A vulnerability postmortem
    11 projects | news.ycombinator.com | 1 Dec 2021
    You need to read the list more carefully.

    • The list is not for Rust itself, but every program every written in Rust. By itself it doesn't mean much, unless you compare prevalence of issues among Rust programs to prevalence of issues among C programs. For some context, see how memory unsafety is rare compared to assertions and uncaught exceptions: https://github.com/rust-fuzz/trophy-case

    • Many of the memory-unsafety issues are on the C FFI boundary, which is unsafe due to C lacking expressiveness about memory ownership of its APIs (i.e. it shows how dangerous is to program where you don't have the Rust borrow checker checking your code).

    • Many bugs about missing Send/Sync or evil trait implementations are about type-system loopholes that prevented compiler from catching code that was already buggy. C doesn't have these guarantees in the first place, so lack of them is not a CVE for C, but just how C is designed.

  • Safer usage of C++ in Chrome
    1 project | /r/rust | 9 Sep 2021
  • A note from our sponsor - InfluxDB
    www.influxdata.com | 24 Apr 2024
    Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Stats

Basic trophy-case repo stats
14
392
2.8
16 days ago

rust-fuzz/trophy-case is an open source project licensed under Creative Commons Zero v1.0 Universal which is not an OSI approved license.

Popular Comparisons

  1. trophy-case VS diem
  2. trophy-case VS go-fuzz
  3. trophy-case VS gccrs
  4. trophy-case VS BLAKE3
  5. trophy-case VS bitwarden_rs
  6. trophy-case VS go
  7. trophy-case VS rustc_codegen_gcc
  8. trophy-case VS mrustc
  9. trophy-case VS cryptography
  10. trophy-case VS Poetry

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com