Findings for C++

Once the fuzzer starts finding bugs, click on “All Findings” in the top left corner of the dashboard sidebar menu to see the list of all findings so far.

Here, you will be able to follow bugs and vulnerabilities in your project.

Clicking on one of these will open a detailed overview of the finding, with further information on the severity of the bug and useful resources regarding the type of bug.

To inspect the bug, CI Fuzz offers fuzzing debug functionality. To debug the erroneous code with the fuzzing input that caused the crash, click on the “Debug” button on the top right of the Bug Detail View. This opens VS Code’s integrated debugger on the fuzz target and loads the input that caused the crash. With this functionality, you can interactively replay what the fuzzer did and easily understand why the code is buggy.