Add fuzzer #224
Add fuzzer #224
Conversation
|
I'm potentially interested, but would like to read about the software you're suggesting we implement. Where can I find documentation/examples/etc? I'd also like to see the output from the test before merging. Did it find anything? |
|
Yes, sure. Fuzzing - or fuzz testing - is a way of testing applications by passing pseudo-random test-inputs to a target application in the hope of discovering bugs and vulnerabilities. In the case of Clib, several thousands executions are performed every second with pseudo-random inputs. I recommend Kostya Serebryanys talk on LibFuzzer for a brief introduction to fuzzing and its advantages. |
There was a problem hiding this comment.
Somehow I missed your comment notification. Sorry about that! Thank you for the explanation, and for setting this up. I think that this sort of testing could help us out a lot.
I'd like to talk with the other maintainers and figure out what we'll do with the results. I won't hold this up anymore though!
This PR adds a fuzzer that targets clib_package_load_from_manifest.
The fuzzer can be run locally and I can confirm that it runs on oss-fuzz's infrastructure as well. I will be happy to setup an integration application into oss-fuzz if the maintainers of Clib are interested in running this fuzzer continuously and in fixing bugs if any should be found.
Integration into oss-fuzz is free, but bugs need to be fixed so that the resources spent on fuzzing Clib are put to good use. Oss-fuzz has a 90 day disclosure policy.