[ https://issues.apache.org/jira/browse/COMPRESS-632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17785181#comment-17785181 ]
Robin Schimpf commented on COMPRESS-632: ---------------------------------------- Thanks [~yakovsh] for tackling this! > Improve fuzzing coverage in oss-fuzz > ------------------------------------ > > Key: COMPRESS-632 > URL: https://issues.apache.org/jira/browse/COMPRESS-632 > Project: Commons Compress > Issue Type: Improvement > Reporter: Robin Schimpf > Priority: Major > > Fuzzing the library brought great stability improvements in the last couple > releases. But the current integration in oss-fuzz has only a limited scope. > Fuzzing is only done on the following classes: > * SevenZFile > * TarFile > * ZipFile > Additionally those fuzzing tests only open the file and are not reading the > file content. > IMHO the tests should be expanded to cover the following: > * Fuzz all supported formats (stream based and file based) > * Read the whole fuzzed file > I don't know if it makes sense to also fuzz archive creation. The only thing > which might be worth there would be the ArchiveEntries since fuzzing the file > content seems useless. -- This message was sent by Atlassian Jira (v8.20.10#820010)