My cryptography fuzzing project supports pairing-based cryptography and it has previously found important bugs in the blst, mcl and Chia bls-signatures libraries. It is able to find correctness, memory and other (e.g. hangs) bugs.
Those 3 libraries are being fuzzed on OSS-Fuzz and I would like to add libff. I have written a harness for libff and it's ready to be integrated.
The only condition for fuzzing on OSS-Fuzz is that any bugs found must be fixed and released within 90 days; the bug will be publicly disclosed past this point.
If you're interested, please give me the e-mail addresses of the maintainers. The e-mail addresses must be linked to a Google account. Note that the addresses will be stored in a public repository (specifically here). If this is not an option, I can forward bug reports to you.
My cryptography fuzzing project supports pairing-based cryptography and it has previously found important bugs in the blst, mcl and Chia bls-signatures libraries. It is able to find correctness, memory and other (e.g. hangs) bugs.
Those 3 libraries are being fuzzed on OSS-Fuzz and I would like to add libff. I have written a harness for libff and it's ready to be integrated.
The only condition for fuzzing on OSS-Fuzz is that any bugs found must be fixed and released within 90 days; the bug will be publicly disclosed past this point.
If you're interested, please give me the e-mail addresses of the maintainers. The e-mail addresses must be linked to a Google account. Note that the addresses will be stored in a public repository (specifically here). If this is not an option, I can forward bug reports to you.