jmcnamara / libxlsxwriter

A C library for creating Excel XLSX files.
https://libxlsxwriter.github.io

OSSFuzz integration #418

Closed capuanob closed 9 months ago

capuanob commented 9 months ago

Hello,

I worked with @ennamarie19 on the OSS-Fuzz integration for the Python API to XlsxWriter (here). I was wondering if you would be open to a harness being developed and proposed to the OSS-Fuzz committee for the C API as well. If so, I will handle the integration and development of the harness. Would you like the same e-mail used for any defects / bugs discovered in the fuzzing process?

Thank you for your consideration!

jmcnamara commented 9 months ago

Hi.

Yes I am fine with that. You can use the same email address. Try to use the dev directory again if possible.

Thanks for the effort.

BTW, have there been any issues flagged in the Python version yet? I didn't get any emails.

capuanob commented 9 months ago

@jmcnamara Thank you very much! I'll be sure to use the dev directory and keep instrumentation optional in the build system.

As for bugs, nothing has popped yet. On that note, do you have any ideas for new, potential entry-points for testing that we could add to increase coverage and uncover bugs?

jmcnamara commented 9 months ago

@capuanob

This is probably a question I should have asked earlier but what are your motivations and goals for doing this work?

capuanob commented 9 months ago

I studied cybersecurity with a focus in binary exploitation and became familiar with fuzz-testing in that process. I’m interested in a future career working in fuzzing, so I contribute to OSSFuzz in my free time for open-sourced projects to build up a portfolio and experience.

Thank You, Bailey Capuano

jmcnamara commented 9 months ago

@capuanob That is cool. You will probably have better luck fuzzing this C-based project (although I have used a reasonable amount of defensive programming). If you contact me offline I can suggest some attack surfaces: jmcnamara @ cpan.org

capuanob commented 9 months ago

@jmcnamara Thank you very much! I reached out to you