Hypothesis, the property-based testing library, has great support for external fuzzers - while making it easy to develop fuzz harnesses. We can also automatically replay and minimize failing examples found by the fuzzer, which is a lovely debugging workflow :grin:
I know that (an old version of) Hypothesis is used internally at Google, and I've been looking forward to this since @inferno-chromium mentioned a Python fuzzer was in the works in https://github.com/google/oss-fuzz/issues/4121. My PhD is about how to upgrade familiar test tools and workflows with the power of fuzzing (among other tricks), and Atheris looks like an awesome upgrade to the Python ecosystem. Thanks for open-sourcing it!
(final note: I haven't fuzzed my example script for long, so Atheris may or may not find ujson bugs if left running)
Hypothesis, the property-based testing library, has great support for external fuzzers - while making it easy to develop fuzz harnesses. We can also automatically replay and minimize failing examples found by the fuzzer, which is a lovely debugging workflow :grin:
I know that (an old version of) Hypothesis is used internally at Google, and I've been looking forward to this since @inferno-chromium mentioned a Python fuzzer was in the works in https://github.com/google/oss-fuzz/issues/4121. My PhD is about how to upgrade familiar test tools and workflows with the power of fuzzing (among other tricks), and Atheris looks like an awesome upgrade to the Python ecosystem. Thanks for open-sourcing it!
(final note: I haven't fuzzed my example script for long, so Atheris may or may not find
ujsonbugs if left running)