You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What do you think about setting up OSS-Fuzz for this project?
Given that aircompressor uses sun.misc.Unsafe quite a lot, it is probably important that all of this usage is safe since otherwise the JVM could crash, or worse. OSS-Fuzz might be able to help find issues with that.
For Zstd it might be necessary to add a hook to disable checksum verification, otherwise fuzzing might not be that effective there, see jazzer documentation for some information. I don't have any experience with that yet.
Fuzzing with OSS-Fuzz / jazzer might not support detecting out-of-bounds Unsafe reads and writes yet though, see CodeIntelligenceTesting/jazzer#891.
The text was updated successfully, but these errors were encountered:
What do you think about setting up OSS-Fuzz for this project?
Given that aircompressor uses
sun.misc.Unsafequite a lot, it is probably important that all of this usage is safe since otherwise the JVM could crash, or worse. OSS-Fuzz might be able to help find issues with that.I assume aircompressor fulfills the requirements to be included into OSS-Fuzz, but that can also be clarified with the maintainers beforehand.
For Zstd it might be necessary to add a hook to disable checksum verification, otherwise fuzzing might not be that effective there, see jazzer documentation for some information. I don't have any experience with that yet.
Fuzzing with OSS-Fuzz / jazzer might not support detecting out-of-bounds
Unsafereads and writes yet though, see CodeIntelligenceTesting/jazzer#891.The text was updated successfully, but these errors were encountered: