Trail of Bits Blog
Go fuzzing was missing half the toolkit. We forked the toolchain to fix it.
Go's native fuzzing lacks advanced features found in the Rust, C, and C++ ecosystems, and it fails to detect common bugs like integer overflows and goroutine leaks. To address these limitations, gosentry was developed as a fuzzing-oriented fork of the Go toolchain. It integrates LibAFL, enabling native struct fuzzing, grammar-based fuzzing with Nautilus, and detection of previously missed bug classes. It keeps the standard testing.F workflow, so existing Go fuzz harnesses can be reused with new command-line flags.

gosentry improves input quality through struct-aware fuzzing, handling composite types like structs, slices, and pointers. It also supports grammar-based fuzzing, where Nautilus generates and mutates grammar-valid inputs for complex structures like JSON.

The tool identifies several bad behaviors that Go's vanilla fuzzer would miss, including integer overflows, data races, goroutine leaks, and execution timeouts. By capturing the fuzz callback and running it through a Rust-based LibAFL runner, gosentry improves the fuzzing engine, scheduling, and detectors.

It has already uncovered significant bugs in projects like Optimism and Revm that would be difficult to find with native Go fuzzing. The project is open-source on GitHub, with comprehensive documentation for all its features.
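As an added illustration (not code from the gosentry project or from the original post), here is a standard testing.F harness of the kind the summary says gosentry reuses, paired with two of the bug classes it names. The names frameLength, checkedFrameLength, handleFrame and goroutineDelta are hypothetical. Under vanilla Go, frameLength wraps silently and the goroutine leaked by handleFrame is never reported, so this harness has to check for both by hand; gosentry's own command-line flags are not shown because the summary does not name them.

```go
package main

import (
	"errors"
	"fmt"
	"math"
	"runtime"
	"testing"
	"time"
)

// ErrOverflow is returned when a uint32 addition would wrap.
var ErrOverflow = errors.New("uint32 addition overflowed")

// frameLength is a hypothetical length computation. Go wraps unsigned
// arithmetic silently, so a vanilla fuzz run never flags the overflow.
func frameLength(headerLen, payloadLen uint32) uint32 {
	return headerLen + payloadLen
}

// checkedFrameLength makes the wrap explicit instead of letting it happen.
func checkedFrameLength(headerLen, payloadLen uint32) (uint32, error) {
	if payloadLen > math.MaxUint32-headerLen {
		return 0, ErrOverflow
	}
	return headerLen + payloadLen, nil
}

// handleFrame is a hypothetical handler with a common leak pattern: a worker
// goroutine waits for an ack that an early-return path never sends.
func handleFrame(payloadLen uint32) {
	ack := make(chan struct{})
	go func() { <-ack }() // worker blocks until acked
	if payloadLen == 0 {
		return // early return: nobody acks, so the worker leaks
	}
	ack <- struct{}{}
}

// goroutineDelta reports how many goroutines fn left behind. Goroutines that
// are merely finishing get a short grace period; a leaked one blocks forever.
func goroutineDelta(fn func()) int {
	before := runtime.NumGoroutine()
	fn()
	for i := 0; i < 50 && runtime.NumGoroutine() > before; i++ {
		time.Sleep(2 * time.Millisecond)
	}
	return runtime.NumGoroutine() - before
}

// FuzzFrame is an ordinary testing.F harness; the detectors are hand-written
// here because Go's native fuzzer reports neither the wrap nor the leak.
func FuzzFrame(f *testing.F) {
	f.Add(uint32(16), uint32(1024))          // benign seed
	f.Add(uint32(math.MaxUint32), uint32(1)) // wraps
	f.Add(uint32(16), uint32(0))             // leaks a goroutine
	f.Fuzz(func(t *testing.T, headerLen, payloadLen uint32) {
		if _, err := checkedFrameLength(headerLen, payloadLen); errors.Is(err, ErrOverflow) {
			t.Fatalf("frameLength(%d, %d) silently wrapped to %d",
				headerLen, payloadLen, frameLength(headerLen, payloadLen))
		}
		if n := goroutineDelta(func() { handleFrame(payloadLen) }); n != 0 {
			t.Fatalf("handleFrame(%d) leaked %d goroutine(s)", payloadLen, n)
		}
	})
}

func main() {
	fmt.Println("frameLength(MaxUint32, 1) =", frameLength(math.MaxUint32, 1))
	_, err := checkedFrameLength(math.MaxUint32, 1)
	fmt.Println("checkedFrameLength(MaxUint32, 1) error:", err)
	fmt.Println("handleFrame(0) leaked goroutines:", goroutineDelta(func() { handleFrame(0) }))
	fmt.Println("handleFrame(8) leaked goroutines:", goroutineDelta(func() { handleFrame(8) }))
}
```

Running the harness with go test -fuzz=FuzzFrame fails on the seed corpus alone, but only because the overflow check and the goroutine count were written into the target by hand; the summary's point is that gosentry surfaces both classes from an unmodified harness.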