You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Write a simple harness for AFL fuzzing any part of the C++ monolith. Specifically, developers should only have to read input from stdin and provide that input to wherever they desire in the codebase by writing a small main function to replace the daemon's usual main.
It should be integrated into the zcash codebase in such a way that future CI systems can require that written fuzzers continue to work across merges into the main (currently master) branch, even though the results of the fuzzing don't necessarily break the merge.
The ultimate goal of this work is to normalize the creation of fuzzers alongside simple unit tests for new or modified code that is considered to be relevant - parsers, network message handlers, etc.. should be covered.
The infrastructure and tending to running continuous security integration can then be owned and operated across the devinf and security teams.
The text was updated successfully, but these errors were encountered:
Write a simple harness for AFL fuzzing any part of the C++ monolith. Specifically, developers should only have to read input from stdin and provide that input to wherever they desire in the codebase by writing a small main function to replace the daemon's usual main.
It should be integrated into the zcash codebase in such a way that future CI systems can require that written fuzzers continue to work across merges into the main (currently master) branch, even though the results of the fuzzing don't necessarily break the merge.
The ultimate goal of this work is to normalize the creation of fuzzers alongside simple unit tests for new or modified code that is considered to be relevant - parsers, network message handlers, etc.. should be covered.
The infrastructure and tending to running continuous security integration can then be owned and operated across the devinf and security teams.
The text was updated successfully, but these errors were encountered: