[ https://issues.apache.org/jira/browse/COMPRESS-632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17818499#comment-17818499 ]
Gary D. Gregory commented on COMPRESS-632: ------------------------------------------ Thanks [~yakovsh] ! > Improve fuzzing coverage in oss-fuzz > ------------------------------------ > > Key: COMPRESS-632 > URL: https://issues.apache.org/jira/browse/COMPRESS-632 > Project: Commons Compress > Issue Type: Improvement > Reporter: Robin Schimpf > Priority: Major > > Fuzzing the library brought great stability improvements in the last couple > releases. But the current integration in oss-fuzz has only a limited scope. > Fuzzing is only done on the following classes: > * SevenZFile > * TarFile > * ZipFile > Additionally those fuzzing tests only open the file and are not reading the > file content. > IMHO the tests should be expanded to cover the following: > * Fuzz all supported formats (stream based and file based) > * Read the whole fuzzed file > I don't know if it makes sense to also fuzz archive creation. The only thing > which might be worth there would be the ArchiveEntries since fuzzing the file > content seems useless. -- This message was sent by Atlassian Jira (v8.20.10#820010)