search

benhoyt / inih

Simple .INI file parser in C, good for embedded systems
Other
2.43k stars 487 forks source link

[oss-fuzz] fuzzing support #153

Closed 0x34d closed 1 year ago

0x34d commented 1 year ago

Use OSS-Fuzz for better and continuous fuzzing of inih

benhoyt commented 1 year ago

Hi @0x34d, I'm willing to look more closely at this, but wouldn't we need to be accepted into the OSS-Fuzz program first? It looks like there's a fairly high bar for inclusion: https://google.github.io/oss-fuzz/getting-started/accepting-new-projects/ "To be accepted to OSS-Fuzz, an open-source project must have a significant user base and/or be critical to the global IT infrastructure."

I don't know if inih meets that bar (probably not?), but if you'd like to do that, go ahead and try, and see what they say.

0x34d commented 1 year ago

Hi @0x34d, I'm willing to look more closely at this, but wouldn't we need to be accepted into the OSS-Fuzz program first? It looks like there's a fairly high bar for inclusion: https://google.github.io/oss-fuzz/getting-started/accepting-new-projects/ "To be accepted to OSS-Fuzz, an open-source project must have a significant user base and/or be critical to the global IT infrastructure."

I don't know if inih meets that bar (probably not?), but if you'd like to do that, go ahead and try, and see what they say.

Got it, Chief. Let me ask the Google guys.

0x34d commented 1 year ago

@benhoyt Well, weird they actually merged test PR.

Can you merge this so I can fix the oss-fuzz PR?