Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
Php Fuzzer
Assessments

Php Fuzzer Laravel Package

nikic/php-fuzzer

A coverage-guided fuzzing tool for PHP that helps uncover crashes, assertion failures, and security bugs in PHP itself and extensions. Uses AFL-style instrumentation and supports running targets under various sanitizers for fast, automated bug hunting.

View on GitHub
Deep Wiki
Context7

Getting Started

Start by installing nikic/php-fuzzer via Composer (composer require --dev nikic/php-fuzzer) and creating a minimal fuzzer script—typically a small callable that accepts a string input and passes it to the target function or library. For example:

<?php
require 'vendor/autoload.php';

use Fuzzer\Runner;

$runner = new Runner();
$runner->fuzz(function (string $input): void {
    // Target code under test — e.g., a parser
    try {
        my_parser($input);
    } catch (Throwable $e) {
        // Fuzzer ignores exceptions unless configured otherwise
    }
});

Then run it from the CLI: php fuzz.php. By default, it runs indefinitely, logging any crashes or fatal errors. The first use case is verifying that your parser or extension handles malformed input gracefully.

Implementation Patterns

  • Target-Centric Design: Write a thin wrapper around your code (e.g., json_decode, a custom tokenizer) and let the fuzzer feed it arbitrary strings, binary data, or truncated payloads.
  • Seed-Based Fuzzing: Provide initial seed inputs (e.g., valid JSON, valid XML snippets) to steer the fuzzer toward meaningful paths: 
    $runner->fuzz($callback, [
    'seeds' => ['{ "key": "value" }', '[1,2,3]', ''],
]);
  • Integration with CI: Run short, deterministic fuzzing sessions (e.g., 10k iterations) during pre-commit checks using a custom command.
  • Custom Corpus Management: Use --corpus to save discovered inputs that trigger new execution paths, enabling iterative refinement.

Gotchas and Tips

  • No Output Redirection: The fuzzer suppresses most output unless a crash occurs—ensure your target code writes to logs or uses error_log() for debugging.
  • Timeouts & Memory Limits: Long-running fuzzing sessions may hit PHP’s max_execution_time or memory limits. Use CLI-specific settings (php -d max_execution_time=0) or wrap in pcntl_fork() for isolation.
  • Crash Reproduction: When a crash occurs, the fuzzer logs a reproducible input—save this and feed it directly to your script in a debugger (gdb -- php test_repro.php).
  • Extension Stability Testing: Pair with --ext=... to test specific extensions (e.g., curl, intl) by constructing inputs that trigger extension functions in edge cases.
  • False Positives: Not every crash is actionable—exclude known safe failures (e.g., E_WARNING in parse_url() on invalid URIs) using custom exception handlers or try/catch with ignore_warnings settings.
Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
davejamesmiller/laravel-breadcrumbs
artisanry/parsedown
christhompsontldr/phpsdk
enqueue/dsn
bunny/bunny
enqueue/test
enqueue/null
enqueue/amqp-tools
bower-asset/punycode
bower-asset/inputmask
bower-asset/jquery
bower-asset/yii2-pjax
laravel/nova
spatie/laravel-mailcoach
spatie/laravel-superseeder
laravel/liferaft
nst/json-test-suite
danielmiessler/sec-lists
jackalope/jackalope-transport
twbs/bootstrap4