Add fuzzing #204
Comments
|
Whatever increase testing is welcome. Whether fuzzing and OSS-Fuzz is the best choice at this stage of dqlite's life I'm not really sure, in the sense that I would probably not work on that myself right now since I have other priorities, however contributions are welcome (as long as they only or mainly use the public API and don't reply on the internal implementation). |
|
I've got a very basic fuzzing target running locally: it stands up a single dqlite_node and feeds the fuzzer's input into the client side of the socket that's connected to the server. I found a couple of crashes with afl-fuzz (#465, #466), but I think that particular target is just too slow to get a satisfying yield of bugs. I'm experimenting with ways to make it faster. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
SQLite has fuzzing integrated into it. See https://www.sqlite.org/src/artifact/ad79e867fb504338
I think DQLite would also benefit from fuzzing. Is there any interest in adding this to the project?
If so, would OSS-Fuzz be a candidate fuzzing tool?
Just looking to start the discussion if there is interest in adding fuzzing to this project
The text was updated successfully, but these errors were encountered: