Robin Schimpf created COMPRESS-632:
--------------------------------------
Summary: Improve fuzzing coverage in oss-fuzz
Key: COMPRESS-632
URL: https://issues.apache.org/jira/browse/COMPRESS-632
Project: Commons Compress
Issue Type: Improvement
Reporter: Robin Schimpf
Fuzzing the library brought great stability improvements in the last couple
releases. But the current integration in oss-fuzz has only a limited scope.
Fuzzing is only done on the following classes:
* SevenZFile
* TarFile
* ZipFile
Additionally those fuzzing tests only open the file and are not reading the
file content.
IMHO the tests should be expanded to cover the following:
* Fuzz all supported formats (stream based and file based)
* Read the whole fuzzed file
I don't know if it makes sense to also fuzz archive creation. The only thing
which might be worth there would be the ArchiveEntries since fuzzing the file
content seems useless.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
