I'm one of the PMC members already in our oss-fuzz project. Please feel free to add commons-math!
On Thu, Jul 21, 2022 at 3:23 PM Bruno Kinoshita <brunodepau...@gmail.com> wrote: > > Hi > > There is an oss-fuzz project for commons where multiple modules are hosted > (I am sure Imaging is there, and I think Compress too). > > It is a single project with fuzzers for different components. > > I think it may be simpler to add your new fuzzer there. That project had > some changes in the reporting policy to adapt to ASF Commons release > practices too. > > Cheers > Bruno > > On Fri, 22 Jul 2022, 7:59 am Alonso Schaich, <scha...@code-intelligence.com> > wrote: > > > Hi all, > > > > I have prepared the initial integration of commons-math into google > > oss-fuzz<https://github.com/google/oss-fuzz> in > > https://github.com/CodeIntelligenceTesting/oss-fuzz/commit/94cfd612612dde84388322391bf612dd348cf810 > > . This will enable continuous fuzzing of this project, which will be > > conducted by Google. Bugs that will be found by fuzzing will be reported to > > you. After the initial integration of this project into oss-fuzz, I will > > continue to add additional fuzz tests to improve the code coverage over > > time. > > > > > > The integration requires a primary contact, someone to deal with the bug > > reports submitted by oss-fuzz. The email address needs to belong to an > > established project committer and be associated with a Google account as > > per > > https://google.github.io/oss-fuzz/getting-started/accepting-new-projects/ > > . When a bug is found, you will receive an email that will provide you with > > access to ClusterFuzz, crash reports, and fuzzer statistics. More than 1 > > person can be included. Please let me know who I should include, if anyone. > > > > Jazzer<https://github.com/CodeIntelligenceTesting/jazzer> ( > > https://github.com/CodeIntelligenceTesting/jazzer) is used for fuzzing > > Java applications. Jazzer is a coverage-guided, in-process fuzzer for the > > JVM platform developed by Code Intelligence. It is based on libFuzzer and > > brings many of its instrumentation-powered mutation features to the JVM. > > Jazzer has already found several bugs in JVM applications: > > https://github.com/CodeIntelligenceTesting/jazzer#findings > > > > [ > > https://repository-images.githubusercontent.com/333867901/e8c8cf80-6b8c-11eb-90ee-13efd7719871 > > ]<https://github.com/CodeIntelligenceTesting/jazzer> > > CodeIntelligenceTesting/jazzer: Coverage-guided, in-process fuzzing for > > the JVM - GitHub<https://github.com/CodeIntelligenceTesting/jazzer> > > Jazzer. Jazzer is a coverage-guided, in-process fuzzer for the JVM > > platform developed by Code Intelligence.It is based on libFuzzer and brings > > many of its instrumentation-powered mutation features to the JVM.. The JVM > > bytecode is executed inside the fuzzer process, which ensures fast > > execution speeds and allows seamless fuzzing of native libraries. > > github.com > > > > > > > > Please let me know if you have any questions regarding fuzzing or the > > oss-fuzz integration. > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
