Support Fuzzing JavaScript with Jazzer.js #8324
Comments
Prepare for JavaScript fuzzing Related: #8324
This PR enables using Jazzer.js for fuzzing Node.js projects in OSS-Fuzz. Part of #8324 --------- Co-authored-by: jonathanmetzman <[email protected]>
|
Some remaining pieces here:
|
|
One more thing from my side: We still need to integrate source-based coverage reporting for JavaScript in OSS-Fuzz. This has been recently added to Jazzer.js, and we'll take care of it. |
|
Will this include some way to permanently persist any failing test inputs? |
Not sure I understand, but I think yes, this is how oss-fuzz works. Project maintainers are notified when a bug is found and given the crashing input. |
|
As @jonathanmetzman, this is the workflow in OSS-Fuzz. Bugs, including the crashing inputs, are only disclosed to the public once they are fixed, or the disclosure deadline passes with no fix from the maintainers. |
|
That's great - so it's not automatic, but there's zero chance a failed input will be lost, for example by rerunning a test? |
I don't know what you mean by "automatic". There's almost no chance. Sometimes we delete testcases that are non-deterministic and infrequently occurring. |
|
I meant like, a github action that preserves somehow - in a database elsewhere - failed inputs. If it can transmit the failures to me somehow, that suffices, since I can just manually commit them :-) |
|
Here is the link to all public issues found by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/list?q=&can=1. For each issue, you have several details, including a link to download the test case (failing input). Ideally, you then have a unit test with this input to ensure that you test for regressions and verify your fix for the issue. Which testing framework do you use for JavaScript? Jazzer.js has a Jest integration enabling you to write fuzz tests using the usual syntax and automatically create regression tests for found issues. |
|
I use https://npmjs.com/tape. |
|
I'm not aware of |
|
I'm not sure what that would entail, but sure, potentially. |
|
Sounds great! We can collaborate there and we can provide the support you need regarding Jazzer.js. |
This is needed for Jazzer.js: #8324
This is needed for Jazzer.js: #8324
This PR enables using Jazzer.js for fuzzing Node.js projects in OSS-Fuzz. Part of google#8324 --------- Co-authored-by: jonathanmetzman <[email protected]>
This is needed for Jazzer.js: google#8324
No description provided.
The text was updated successfully, but these errors were encountered: