[
https://issues.apache.org/jira/browse/COMPRESS-632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17818499#comment-17818499
]
Gary D. Gregory commented on COMPRESS-632:
------------------------------------------
Thanks [~yakovsh] !
> Improve fuzzing coverage in oss-fuzz
> ------------------------------------
>
> Key: COMPRESS-632
> URL: https://issues.apache.org/jira/browse/COMPRESS-632
> Project: Commons Compress
> Issue Type: Improvement
> Reporter: Robin Schimpf
> Priority: Major
>
> Fuzzing the library brought great stability improvements in the last couple
> releases. But the current integration in oss-fuzz has only a limited scope.
> Fuzzing is only done on the following classes:
> * SevenZFile
> * TarFile
> * ZipFile
> Additionally those fuzzing tests only open the file and are not reading the
> file content.
> IMHO the tests should be expanded to cover the following:
> * Fuzz all supported formats (stream based and file based)
> * Read the whole fuzzed file
> I don't know if it makes sense to also fuzz archive creation. The only thing
> which might be worth there would be the ArchiveEntries since fuzzing the file
> content seems useless.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
