Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add fuzz-testing #3717

Open
harshitasao opened this issue Aug 29, 2024 · 6 comments
Open

Add fuzz-testing #3717

harshitasao opened this issue Aug 29, 2024 · 6 comments
Assignees
Labels
enhancement New feature or request help wanted Extra attention is needed status: in-progress

Comments

@harshitasao
Copy link

What would you like to be added:
Fuzz testing or Fuzzing is a Black Box software testing technique, which basically consists in finding implementation bugs using malformed/semi-malformed data injection in an automated fashion.

Integrate the project with OSS-Fuzz by following the instructions here.

Why is this needed:
To increase the security posture of the project.

Part of #3681

Maintainers help is highly appreciated. For example, helping in identifying the components where fuzz testing will be added.

@mowies mowies added status: ready-for-refinement Issue is relevant for the next backlog refinment enhancement New feature or request labels Aug 29, 2024
@mowies mowies added status: todo help wanted Extra attention is needed and removed status: ready-for-refinement Issue is relevant for the next backlog refinment labels Oct 2, 2024
@mowies
Copy link
Member

mowies commented Oct 2, 2024

This would probably be a bigger thing.
We do have sort-of black box tests already with our e2e tests, but more tests are always better :)
We are looking for help on this one.

@Garvit-77
Copy link
Contributor

hey @mowies I would like to work on it

@mowies
Copy link
Member

mowies commented Oct 29, 2024

sure @Garvit-77 !

@Garvit-77
Copy link
Contributor

Garvit-77 commented Oct 30, 2024

@mowies, could you let me know the components for the implementation of the fuzz testor for which fuzzers need to be written

@mowies
Copy link
Member

mowies commented Oct 30, 2024

We don't really have any experience with fuzz testing so you would need to come up with your own strategy here for what makes the most sense. That's why we put the help-wanted label on here :)

@Garvit-77
Copy link
Contributor

Okay! I would have a study by myself and let you know .

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request help wanted Extra attention is needed status: in-progress
Projects
Status: No status
Development

No branches or pull requests

3 participants