OSS-Fuzz integration
Posted: Thu Sep 21, 2023 10:17 am
Hi all,
Just enquiring to see if there is interest with regards to integrating this project into OSS-Fuzz? this would allow continuous testing of this project in order to identify memory corruption vulnerabilities using google's infrastructure with no monetary cost to this project. Google's OSS-Fuzz has identified 10,000 vulnerabilities and 36,000 bugs in 1000 open source projects as per https://google.github.io/oss-fuzz/#trophies. The process can be seen at https://google.github.io/oss-fuzz/architecture/ and I'm willing to integrate this project into OSS-Fuzz and write harnesses to test key functionalities of this project.
If this is something that everyone would like to see could you please let me know and provide me with an email or two in order to receive new issues found via fuzzing? I'm also happy to support with writing patches for any issues found.
Just enquiring to see if there is interest with regards to integrating this project into OSS-Fuzz? this would allow continuous testing of this project in order to identify memory corruption vulnerabilities using google's infrastructure with no monetary cost to this project. Google's OSS-Fuzz has identified 10,000 vulnerabilities and 36,000 bugs in 1000 open source projects as per https://google.github.io/oss-fuzz/#trophies. The process can be seen at https://google.github.io/oss-fuzz/architecture/ and I'm willing to integrate this project into OSS-Fuzz and write harnesses to test key functionalities of this project.
If this is something that everyone would like to see could you please let me know and provide me with an email or two in order to receive new issues found via fuzzing? I'm also happy to support with writing patches for any issues found.