This adds fuzzing by way of ClusterFuzzLite, which is a GitHub action that will perform a short amount of fuzzing for new PRs. The goal is to use fuzzing to catch bugs that may be introduced by new PRs.
I added a fuzzer that targets ParserX::Eval parsing logic, and currently set the timeout of CFLite to 180 seconds. CFLite will flag if the fuzzer finds any issues in the code introduced by a PR.
To reproduce this set up the way ClusterFuzzLite does it (by way of OSS-Fuzz) you can do:
git clone https://github.com/google/oss-fuzz
git clone https://github.com/DavidKorczynski/muparserx
cd muparserx
git checkout clusterfuzzlite
# Build the fuzzers in .clusterfuzzlite
python3 ../oss-fuzz/infra/helper.py build_fuzzers --external $PWD
# Run the fuzzer for 10 seconds
python3 ../oss-fuzz/infra/helper.py run_fuzzer --external $PWD parser_fuzzer-- -max_total_time=10
beltoforion
commented
11 months ago
This adds fuzzing by way of ClusterFuzzLite, which is a GitHub action that will perform a short amount of fuzzing for new PRs. The goal is to use fuzzing to catch bugs that may be introduced by new PRs.
I added a fuzzer that targets
ParserX::Evalparsing logic, and currently set the timeout of CFLite to 180 seconds. CFLite will flag if the fuzzer finds any issues in the code introduced by a PR.To reproduce this set up the way ClusterFuzzLite does it (by way of OSS-Fuzz) you can do: