antlr / antlr4

ANTLR (ANother Tool for Language Recognition) is a powerful parser generator for reading, processing, executing, or translating structured text or binary files.
http://antlr.org
BSD 3-Clause "New" or "Revised" License

Integrating antlr4 into OSS-Fuzz #3789

Open vargen opened 2 years ago

vargen commented 2 years ago

Hi all,

I have prepared the initial integration of antlr4 into Google oss-fuzz. This will enable continuous fuzzing of this project, which will be conducted by Google. Bugs that will be found by fuzzing will be reported to you. After the initial integration of this project into oss-fuzz, I will continue to add additional fuzz tests to improve the code coverage over time.

The integration requires a primary contact, someone to deal with the bug reports submitted by oss-fuzz. The email address needs to belong to an established project committer and be associated with a Google account as per here. When a bug is found, you will receive an email that will provide you with access to ClusterFuzz, crash reports, and fuzzer statistics. More than 1 person can be included. Please let me know who I should include, if anyone.

Jazzer is used for fuzzing Java applications. Jazzer is a coverage-guided, in-process fuzzer for the JVM platform developed by Code Intelligence. It is based on libFuzzer and brings many of its instrumentation-powered mutation features to the JVM. Jazzer has already found several bugs in JVM applications: Jazzer Findings

Please let me know if you have any questions regarding fuzzing or the oss-fuzz integration.

parrt commented 2 years ago

Hi @vargen! Are you associated with oss-fuzz? thanks!

vargen commented 2 years ago

Hi @parrt. In a sense, yes. I have been onboarding various projects into oss-fuzz at their request for the past few months.

parrt commented 2 years ago

ok, maybe email directly and I'll respond with my gmail account?

vargen commented 2 years ago

Sent

DavidKorczynski commented 2 years ago

@parrt could you also address this one? https://github.com/antlr/antlr4/issues/3143 The difference being that one is Java (this), the other is C++.