Dae Glendowne created CODEC-304:
-----------------------------------
Summary: Integrating commons-codec into oss-fuzz
Key: CODEC-304
URL: https://issues.apache.org/jira/browse/CODEC-304
Project: Commons Codec
Issue Type: Improvement
Reporter: Dae Glendowne
Hi all,
I have prepared the [initial
integration|https://github.com/CodeIntelligenceTesting/oss-fuzz/commit/9d9688506ece632f8afce7c036591db6f826f392]
of commons-codec into [google oss-fuzz|https://github.com/google/oss-fuzz].
This will enable continuous fuzzing of this project, which will be conducted by
Google. Bugs that will be found by fuzzing will be reported to you. After the
initial integration of this project into oss-fuzz, I will continue to add
additional fuzz tests to improve the code coverage over time.
The integration requires a primary contact, someone to deal with the bug
reports submitted by oss-fuzz. The email address needs to belong to an
established project committer and be associated with a Google account as per
[here|https://google.github.io/oss-fuzz/getting-started/accepting-new-projects/].
When a bug is found, you will receive an email that will provide you with
access to ClusterFuzz, crash reports, and fuzzer statistics. More than 1 person
can be included. Please let me know who I should include, if anyone.
Jazzer is used for fuzzing Java applications.
[Jazzer|https://github.com/CodeIntelligenceTesting/jazzer] is a
coverage-guided, in-process fuzzer for the JVM platform developed by Code
Intelligence. It is based on libFuzzer and brings many of its
instrumentation-powered mutation features to the JVM. Jazzer has already found
several bugs in JVM applications: [Jazzer
Findings|https://github.com/CodeIntelligenceTesting/jazzer#findings]
Please let me know if you have any questions regarding fuzzing or the oss-fuzz
integration.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
