Appendix F. Fuzzing
Testing plays a crucial role in software development. We've already explored unit tests, test-driven development, and benchmarks, and in this appendix, we will introduce fuzz testing.
F.1 A new testing method
Fuzzing is a testing technique where smartly generated random input data is fed into the function under test. Fuzzers try to guess what input will cover new code paths. Fuzz tests complement traditional unit tests rather than replace them. They are particularly powerful for uncovering new bugs, crashes, and edge cases that might be missed otherwise. Fuzz testing was introduced in Go 1.18 as a built-in feature of the standard toolbox, simplifying our developer's life. In real-world applications, fuzzing is instrumental in discovering critical issues such as security vulnerabilities, SQL injection flaws, and other potential breaches that could be exploited by malicious actors. By rigorously testing your code with a wide range of inputs, you ensure not only its correctness but also its resilience against real-world attacks. Fuzzing is also an amazing tool to ensure that two functions behave the same for identical inputs, which is great when we have to refactor some code and write a new version of a function.
F.2 How does it work
Writing a fuzz test is straightforward: we replace *testing.T with *testing.F.