
Add instructions on how to fuzz #2992

Open · wants to merge 1 commit into base: albatross

Conversation

hrxi (Member) commented Oct 21, 2024

Fixes #2990.

hrxi (Member, Author) commented Oct 21, 2024

@personnumber3377 Does this work for you?

personnumber3377 commented Oct 21, 2024

Hi @hrxi !

I don't think that works, because you must enable the "fuzz" feature. See the source code in fuzz/src/bin/bitset.rs:

fn main() {
    // The whole fuzz loop is compiled only when the "fuzz" feature is enabled;
    // without it, main() is empty and the binary does nothing.
    #[cfg(feature = "fuzz")]
    afl::fuzz!(|data: &[u8]| {
        use nimiq_collections::BitSet;
        use nimiq_serde::Deserialize as _;
        // Fuzz target: deserialize an arbitrary byte slice as a BitSet.
        let _ = BitSet::deserialize_from_vec(data);
    })
}

This line here: #[cfg(feature = "fuzz")] signifies that you must also specify the feature "fuzz". I compiled my fuzzers with cargo afl build --features "fuzz" and it works. I am not sure if the --release flag works. I haven't tested that yet. Those original commands in the new README.md file compile the binaries successfully, but you don't get any coverage, because the afl::fuzz block is actually never executed if you do not compile with --features "fuzz". So instead of having just cargo afl build --release in the documentation, there should be cargo afl build --release --features "fuzz".

I also added some more fuzzers for example I added a fuzzer which fuzzes keypairs and contracts, but I am yet to find any bugs. I attached the source code to these fuzzers in fuzzer_sources.zip.

fuzzer_sources.zip

Edit: Yeah, I just confirmed that the --release flag should work when fuzzing.
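The failure mode described above, as an added example that is not part of the Nimiq project or this PR: the same cfg-gated target shape as fuzz/src/bin/bitset.rs, with the harness body pulled into an always-compiled function so it can be unit-tested, and a `#[cfg(not(feature = "fuzz"))]` branch that exits non-zero instead of silently running an empty main(). `BitSet`/`nimiq_serde` are replaced by a small constructed length-prefixed parser so the file compiles stand-alone.

```rust
// Added example, not project code. `deserialize_from_vec` is a constructed
// stand-in for the real deserializer: one length byte followed by that many bytes.
#[derive(Debug, PartialEq)]
pub enum ParseError {
    Truncated,
    BadLength,
}

pub fn deserialize_from_vec(data: &[u8]) -> Result<Vec<u8>, ParseError> {
    let (&len, rest) = data.split_first().ok_or(ParseError::Truncated)?;
    let len = len as usize;
    if len > rest.len() {
        return Err(ParseError::BadLength);
    }
    Ok(rest[..len].to_vec())
}

/// Harness body: always compiled, regardless of the "fuzz" feature, so a
/// plain `cargo test` exercises it and the target can never be an empty no-op.
/// Returns the parsed payload length, or None when the input was rejected.
pub fn fuzz_one(data: &[u8]) -> Option<usize> {
    deserialize_from_vec(data).ok().map(|v| v.len())
}

fn main() {
    // Only `cargo afl build --release --features "fuzz"` compiles the fuzz loop.
    #[cfg(feature = "fuzz")]
    afl::fuzz!(|data: &[u8]| {
        let _ = fuzz_one(data);
    });

    // Without the feature, fail loudly instead of reporting zero coverage.
    #[cfg(not(feature = "fuzz"))]
    {
        eprintln!("built without --features \"fuzz\": this binary fuzzes nothing");
        std::process::exit(1);
    }
}
```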

hrxi (Member, Author) commented Oct 23, 2024

Thanks for noticing the missing --feature fuzz. I added that in the original PR to fix the CI, as the normal build does not like the AFL macros. I subsequently forgot that again when trying to document it now.

Thanks for writing additional fuzzers. Do you want to create a PR for them? Or would you like me to do that for you?

Successfully merging this pull request may close these issues.

Document how to build fuzzers