search

pdfminer / pdfminer.six

Community maintained fork of pdfminer - we fathom PDF
https://pdfminersix.readthedocs.io
MIT License
5.96k stars 930 forks source link

OSS-Fuzz Integration Inquiry #918

Open capuanob opened 1 year ago

capuanob commented 1 year ago

Hello!

I have integrated a few open-sourced projects into OSS-Fuzz, a program sponsored by Google to provide continuous fuzz-testing of impactful open-sourced projects, and am wondering if PDFMiner's maintainers would approve me undertaking the work to develop a harness to fuzz-test this library and integrate it into OSS-Fuzz.

If you would like more details on what OSS-Fuzz is and what this work would entail, more details can be found here.

Thank you for your consideration and I look forward to working with you all!

ingochris commented 10 months ago

Hi @capuanob, were you able to receive any updates or progress in fuzz testing pdfminer with OSS-Fuzz?

capuanob commented 10 months ago

Hi @capuanob, were you able to receive any updates or progress in fuzz testing pdfminer with OSS-Fuzz?

Hi,

I have not begun integrating for this repository yet; as the process requires receiving the go-ahead from a project maintainer.

Ready to get started whenever approved!

-Bailey

pietermarsman commented 9 months ago

Hi, I'm the maintainer of pdfminer.six. This sound like it could uncover lots of bugs and issues.

What would this require from me? And what would the changes to pdfminer.six be?

capuanob commented 9 months ago

@pietermarsman Hi Pieter, thank you for your response! This would solely require two things from you:

  1. The eventual PR review and approval to host the fuzzing harnesses and build-scripts within this repository
  2. An email (preferably a google email) to serve as the Primary POC. A google account grants you access to ClusterFuzz, which hosts all of the inputs that trigger bugs for your review