search

ben-strasser / fast-cpp-csv-parser

fast-cpp-csv-parser
BSD 3-Clause "New" or "Revised" License
2.09k stars 435 forks source link

Add fuzzing by way of ClusterFuzzLite #142

Closed DavidKorczynski closed 6 months ago

DavidKorczynski commented 6 months ago

This adds fuzzing by way of ClusterFuzzLite, which is a GitHub action that will perform a short amount of fuzzing for new PRs. The goal is to use fuzzing to catch bugs that may be introduced by new PRs.

I added a fuzzer that targets the reading logic and currently set the timeout of CFLite to 100 seconds. CFLite will flag if the fuzzer finds any issues in the code introduced by a PR.

To reproduce this set up the way ClusterFuzzLite does it (by way of OSS-Fuzz) you can do:

git clone https://github.com/google/oss-fuzz
git clone https://github.com/DavidKorczynski/fast-cpp-csv-parser
cd fast-cpp-csv-parser
git checkout clusterfuzzlite

# Build the fuzzers in .clusterfuzzlite
python3 ../oss-fuzz/infra/helper.py build_fuzzers --external $PWD

# Run the fuzzer for 10 seconds
python3 ../oss-fuzz/infra/helper.py run_fuzzer --external $PWD parse_fuzzer-- -max_total_time=10
ben-strasser commented 6 months ago

Thanks for the PR.

Does the repository have to be registered somewhere for the checks to run or does github automatically activate it when it sees the files?