oss-fuzz

[comrak] project proposal

Open tristan-f-r opened this issue 1 year ago • 1 comments

Approved by https://github.com/kivikakk/comrak/issues/474#issue-2576801537.

comrak is one of three go-to choices for Markdown rendering for Rust. It is similar to markdown-rs and pulldown-cmark.

It can accept user input (most notably in CMS systems built on top of Rust, i.e. https://github.com/ohsayan/jotsy) and can act as a vector for availability attacks. Ruby's commonmarker also depends on it.

Despite its non-0.7 criticality score, its being one of two good choices for Markdown parsing in Rust makes it a good candidate for fuzzing.

tristan-f-r, Oct 10 '24 04:10

LeoDog896 is integrating a new project:
- Main repo: https://github.com/kivikakk/comrak.git
- Criticality score: 0.60584

github-actions[bot], Oct 10 '24 04:10

ClusterFuzzLite is a more appropriate solution, closing for now.

vitorguidi, Nov 05 '24 17:11