fluent / fluentd

Fluentd: Unified Logging Layer (project under CNCF)
https://www.fluentd.org
Apache License 2.0
12.89k stars 1.34k forks source link

Add Fuzz-testing #4614

Open harshitasao opened 2 months ago

harshitasao commented 2 months ago

Is your feature request related to a problem? Please describe.

Fuzz testing or Fuzzing is a Black Box software testing technique, which basically consists in finding implementation bugs using malformed/semi-malformed data injection in an automated fashion.

Describe the solution you'd like

Integrate the project with OSS-Fuzz by following the instructions here.

From fluentd maintainer:

Some input plugins receive data online, so it may be a good idea to add a fuzz test for them first.

Describe alternatives you've considered

N/A

Additional context

Part of #4601

harshitasao commented 2 months ago

/assign

kenhys commented 2 months ago

There are some input plugins, but it is good starting point try to tackle from above plugins. https://docs.fluentd.org/input

kenhys commented 2 months ago

There are some concerns integrates with OSS-Fuzz:

If I am missing the point, correc me.