Robin Schimpf created COMPRESS-632: -------------------------------------- Summary: Improve fuzzing coverage in oss-fuzz Key: COMPRESS-632 URL: https://issues.apache.org/jira/browse/COMPRESS-632 Project: Commons Compress Issue Type: Improvement Reporter: Robin Schimpf
Fuzzing the library brought great stability improvements in the last couple releases. But the current integration in oss-fuzz has only a limited scope. Fuzzing is only done on the following classes: * SevenZFile * TarFile * ZipFile Additionally those fuzzing tests only open the file and are not reading the file content. IMHO the tests should be expanded to cover the following: * Fuzz all supported formats (stream based and file based) * Read the whole fuzzed file I don't know if it makes sense to also fuzz archive creation. The only thing which might be worth there would be the ArchiveEntries since fuzzing the file content seems useless. -- This message was sent by Atlassian Jira (v8.20.10#820010)