vishalcoc44 commented on PR #1025: URL: https://github.com/apache/poi/pull/1025#issuecomment-4056696750
> _FYI, I am working on Apache POI in my free time without payment and thus will usually not respond immediately on PR-updates. Please do not ping me repeatedly on PRs._ > > In general we should try to NOT add more and more fuzz-targets as oss-fuzz has quite some overhead per fuzz-target, e.g. fuzz-introspection runs for a very long time and each new target increases runtime considerably, leading to timeouts and failed runs. > > We will need to actually look at ways to combine some fuzzers or somehow else speed up fuzz-introspection runs at oss-fuzz considerably. > > Maybe we can get first rid of the POI(H|X)...Fuzzer classes as POIFileHandlerFuzzer already covers all formats in one go? Downside is that more specific fuzzing is still more effective... ?!? Reduced overhead by removing 15 format-specific fuzzers that are already covered by POIFileHandlerFuzzer. Keep only essential fuzzers: - POIFileHandlerFuzzer (handles all formats) - POIFuzzer - WorkbookEvaluatorFuzzer - FormulaParserFuzzer - POIRleFuzzer - EncryptDecryptFuzzer - FuzzerRunner (new base class) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
