search

nextcloud / passman

🔐 Open source password manager with Nextcloud integration
https://passman.cc
GNU Affero General Public License v3.0
786 stars 108 forks source link

Fuzzing #321

Open rugk opened 7 years ago

rugk commented 7 years ago

Feature request

User type: N/A

User level: N/A

Description

As I see you are having heavy issues with #319, could you please do some fuzzing to automatically test such problems? Or some unit tests? This is really the worst kind of issue, which should never happen with a password manager. When your password manager destroys your passwords you're lost.

Benefit / value

Increases security (& reliability here), see https://fuzzing-project.org/ I'm not sure whether one can fuzz PHP, but maybe do it when it is possible.

Risk / caveats

none, only executed internal

Sponsorship

Are you a developer willing to implement this feature?: no

Can you sponsor the development of this feature or do you know someone who can?: no

--- Want to back this issue? **[Post a bounty on it!](https://www.bountysource.com/issues/46279797-fuzzing?utm_campaign=plugin&utm_content=tracker%2F44880056&utm_medium=issues&utm_source=github)** We accept bounties via [Bountysource](https://www.bountysource.com/?utm_campaign=plugin&utm_content=tracker%2F44880056&utm_medium=issues&utm_source=github).
animalillo commented 7 years ago

The main part of the app is handled in javascript (client) side. If you know how to implement this or have some examples we could use, the input would be very useful.