[Poppler-bugs] [Bug 106554] New: poppler: oss-fuzz integration
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Thu May 17 16:24:58 UTC 2018
https://bugs.freedesktop.org/show_bug.cgi?id=106554
Bug ID: 106554
Summary: poppler: oss-fuzz integration
Product: poppler
Version: unspecified
Hardware: Other
OS: All
Status: NEW
Severity: normal
Priority: medium
Component: general
Assignee: poppler-bugs at lists.freedesktop.org
Reporter: pdknsk at gmail.com
Created attachment 139615
--> https://bugs.freedesktop.org/attachment.cgi?id=139615&action=edit
cpp
I'm interested if you're interested in having poppler integrated into oss-fuzz.
In case you're not familiar with it, it's a Google-sponsored project for
continuous fuzzing of OSS.
https://github.com/google/oss-fuzz
You may have noticed that I reported a few bugs recently, which were found in
preparation for possible oss-fuzz integration.
You don't really have to do anything, other than give an email address (or
multiple) with are then CC'd to bug reports found by the fuzzing system. (Only
project owners can be CC'd.)
oss-fuzz reports the bugs on its own bug tracker, rather than the project's bug
tracker. When a bug is fixed, oss-fuzz detects this automatically and closes
the bug report.
https://bugs.chromium.org/p/oss-fuzz/issues/list
Possible optional future steps would be to host the fuzz target directly in the
poppler repo (so that you can modify it yourself directly, rather than
submitting PRs through GitHub). Or the addition of more fuzz targets. I only
went with the cpp API so far, as it seems the easiest to integrate.
A fuzz target is just a single source file. As an example, I'm attaching the
fuzz target for the cpp API I've been using.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/poppler-bugs/attachments/20180517/aed3a9b2/attachment.html>
More information about the Poppler-bugs
mailing list