Re: [log4cxx] Request-for-review: Google OSS-Fuzz integration

2024-09-19 Thread Robert Middleton
I’ll check it out next week. The brief look that I did earlier looks good though, good job Volkan! -Robert Middleton On Thu, Sep 19, 2024 at 8:08 AM Volkan Yazıcı wrote: > OSS-Fuzz <https://github.com/google/oss-fuzz> is a Google service that > continuously runs fuzz tests of cr

[log4cxx] Request-for-review: Google OSS-Fuzz integration

2024-09-19 Thread Volkan Yazıcı
OSS-Fuzz <https://github.com/google/oss-fuzz> is a Google service that continuously runs fuzz tests of critical F/OSS projects on a beefy cluster and reports its findings (bugs, vulnerabilities, etc.) privately to project maintainers. In #411 <https://github.com/apache/logging-log4cxx/pul

Re: [log4j] Google OSS-Fuzz integration

2024-09-18 Thread Matt Sicker
Very neat! > On Sep 17, 2024, at 14:21, Volkan Yazıcı wrote: > > OSS-Fuzz <https://github.com/google/oss-fuzz> is a Google service that > continuously runs fuzz tests of critical F/OSS projects on a beefy cluster > and reports its findings (bugs, vulnerabilities, etc.)

[log4j] Google OSS-Fuzz integration

2024-09-17 Thread Volkan Yazıcı
OSS-Fuzz <https://github.com/google/oss-fuzz> is a Google service that continuously runs fuzz tests of critical F/OSS projects on a beefy cluster and reports its findings (bugs, vulnerabilities, etc.) privately to project maintainers. In #2949 <https://github.com/apache/logging-log4j2/

Re: Google OSS-Fuzz

2022-01-10 Thread Robert Middleton
> I am tinkering with the idea of a Kickstarter-like initiative to sign up > for this. Maybe as a 2-months-long gig? > That sounds like it could be a GSoC thing(if nobody else is interested). The ASF has participated a number of times before. -Robert Middleton

Re: Google OSS-Fuzz

2022-01-10 Thread Matt Sicker
that involves providing invalid, > >unexpected, or random data as inputs to a computer program. > >2. Jazzer <https://github.com/CodeIntelligenceTesting/jazzer> is a > > fuzzer for JVM applications and open-sourced by Code Intelligence. > >3. OSS-Fuzz

Re: Google OSS-Fuzz

2022-01-10 Thread Gary Gregory
by Code Intelligence. > 3. OSS-Fuzz <https://github.com/google/oss-fuzz> is Google's automated >platform (including Google-provided build nodes!) to fuzz some > noteworthy >F/OSS projects. >4. [2021-04-10] OSS-Fuzz adds Jazzer support ><https://se

Google OSS-Fuzz

2022-01-10 Thread Volkan Yazıcı
nvalid, unexpected, or random data as inputs to a computer program. 2. Jazzer <https://github.com/CodeIntelligenceTesting/jazzer> is a fuzzer for JVM applications and open-sourced by Code Intelligence. 3. OSS-Fuzz <https://github.com/google/oss-fuzz> is Google's automated