yaml-cpp
yaml-cpp copied to clipboard
jbeder
OSS-Fuzz integration
Hi
Given the popularity of Yaml-cpp I was thinking that it would be nice to set up continuous fuzzing of Yaml-cpp, by way of OSS-Fuzz. In this PR: https://github.com/google/oss-fuzz/pull/4713 I have done exactly that, namely created the necessary logic from an OSS-Fuzz perspective to integrate Yaml-cpp. This includes developing initial fuzzers as well as integrating into OSS-Fuzz.
Essentially, OSS-Fuzz is a free service run by Google that performs continuous fuzzing of important open source projects. The only expectation of integrating into OSS-Fuzz is that bugs will be fixed. This is not a "hard" requirement in that no one enforces this and the main point is if bugs are not fixed then it is a waste of resources to run the fuzzers, which we would like to avoid.
If you would like to integrate, could I please have an email(s) that will get access to the data produced by OSS-Fuzz, such as bug reports, coverage reports and more stats. Notice the emails affiliated with the project will be public in the OSS-Fuzz repo, as they will be part of a configuration file.
David
