You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have been working on setting up continuous fuzzing for kraken through OSS-fuzz.
A draft integration application has been set up here: google/oss-fuzz#5401 including two fuzzers to get things started.
For those unfamiliar with OSS-fuzz: OSS-fuzz is a service offered by Google that provides the necessary resources and infrastructure to run fuzzers continuously for critical open source projects. If bugs are found, reports are sent out to everyone on the mailing list who can then view a more detailed report that includes stack trace and reproducer test case. The service is free and is offered with an implied expectation that bugs are fixed, so that the resources spent on fuzzing kraken go towards resolving bugs.
To finish the integration, a maintainers email address is needed on the OSS-fuzz side.
For those unfamiliar with fuzzing: Fuzzing is a way of testing software whereby pseudo-random data is passed to a target application with the goal of finding bugs and vulnerabilities. OSS-fuzz has found thousands of bugs in open source software projects including many golang projects.
The text was updated successfully, but these errors were encountered:
Hello,
I have been working on setting up continuous fuzzing for kraken through OSS-fuzz.
A draft integration application has been set up here: google/oss-fuzz#5401 including two fuzzers to get things started.
For those unfamiliar with OSS-fuzz: OSS-fuzz is a service offered by Google that provides the necessary resources and infrastructure to run fuzzers continuously for critical open source projects. If bugs are found, reports are sent out to everyone on the mailing list who can then view a more detailed report that includes stack trace and reproducer test case. The service is free and is offered with an implied expectation that bugs are fixed, so that the resources spent on fuzzing kraken go towards resolving bugs.
To finish the integration, a maintainers email address is needed on the OSS-fuzz side.
For those unfamiliar with fuzzing: Fuzzing is a way of testing software whereby pseudo-random data is passed to a target application with the goal of finding bugs and vulnerabilities. OSS-fuzz has found thousands of bugs in open source software projects including many golang projects.
The text was updated successfully, but these errors were encountered: