Google Git
Sign in
android / platform / external / oss-fuzz / refs/heads/upstream-master
commitbf577d8664b7f7c06ba42f95c01f9161c73cd5ff[log] [tgz]
authoreddyz87 <eddyz87@gmail.com>Sun May 05 02:55:04 2024 +0300
committerGitHub <noreply@github.com>Sat May 04 23:55:04 2024 +0000
tree8ec194b8c208e8021cf8cae5edf30f31ccbe15b7
parentde0a8bb6c214703643646f5dba0c8b83d6f028b4 [diff]
Add Eduard Zingerman (eddyz87@gmail.com) to auto CC list for libbpf (#11883)

Hello oss-fuzz maintainers,

My name is Eduard Zingerman, I'm one of the maintainers for libbpf (see
[here](https://github.com/torvalds/linux/blob/0106679839f7c69632b3b9833c3268c316c0a9fc/MAINTAINERS#L3898)).
Could you please add me to `auto_cc` list for libbpf project, the reason
I'm asking: need to see details for the following two reports:
[1](https://github.com/libbpf/libbpf/issues/802),
[2](https://github.com/libbpf/libbpf/issues/803). As-is I get an "Access
denied" page from oss-fuzz.com when I try to open the "detailed report"
links.

(I am following procedure suggested
[here](https://github.com/google/oss-fuzz/issues/4511), apologies if
this is not the correct way to ask for access).

Best regards,
Eduard
1 file changed
tree: 8ec194b8c208e8021cf8cae5edf30f31ccbe15b7
  1. .allstar/
  2. .clusterfuzzlite/
  3. .github/
  4. docs/
  5. infra/
  6. projects/
  7. tools/
  8. .dockerignore
  9. .gitattributes
  10. .gitignore
  11. .pylintrc
  12. .style.yapf
  13. CITATION.cff
  14. CONTRIBUTING.md
  15. LICENSE
  16. README.md
README.md

OSS-Fuzz: Continuous Fuzzing for Open Source Software

Fuzz testing is a well-known technique for uncovering programming errors in software. Many of these detectable errors, like buffer overflow, can have serious security implications. Google has found thousands of security vulnerabilities and stability bugs by deploying guided in-process fuzzing of Chrome components, and we now want to share that service with the open source community.

In cooperation with the Core Infrastructure Initiative and the OpenSSF, OSS-Fuzz aims to make common open source software more secure and stable by combining modern fuzzing techniques with scalable, distributed execution. Projects that do not qualify for OSS-Fuzz (e.g. closed source) can run their own instances of ClusterFuzz or ClusterFuzzLite.

We support the libFuzzer, AFL++, and Honggfuzz fuzzing engines in combination with Sanitizers, as well as ClusterFuzz, a distributed fuzzer execution environment and reporting tool.

Currently, OSS-Fuzz supports C/C++, Rust, Go, Python, Java/JVM, and JavaScript code. Other languages supported by LLVM may work too. OSS-Fuzz supports fuzzing x86_64 and i386 builds.

Overview

OSS-Fuzz process diagram

Documentation

Read our detailed documentation to learn how to use OSS-Fuzz.

Trophies

As of August 2023, OSS-Fuzz has helped identify and fix over 10,000 vulnerabilities and 36,000 bugs across 1,000 projects.

Blog posts