On 2 Apr 2024, at 21:35, Gary Gregory <garydgreg...@gmail.com> wrote:
> Not really. How would you generate a corrupted zip file? Or a file that was > generated by a fuzzer? You would generate the corrupted zip file as part of the test. Perhaps you generated a valid zip file, and then the test code would corrupt the file in a given way. “File generated by a fuzzer” would be super suspicious. In short, bytes need provenance. Regards, Graham — --------------------------------------------------------------------- To unsubscribe, e-mail: security-discuss-unsubscr...@community.apache.org For additional commands, e-mail: security-discuss-h...@community.apache.org