mintlayer-core

Establish fuzzing as part of our tests

Open TheQuantumPhysicist opened this issue 3 years ago • 1 comments

Fuzzing is the process of using pseudo-random data on the entry points of programs, and possibly individual functions. Fuzzing is important as it shows flaws in the construction of program and function endpoints, like not handling corner cases. It's said that the Heartbleed SSL/TLS bug would've been found within 6 hours of fuzzing. Hence, it's also safe to say that fuzzing is a process that continuously runs non-stop, which we have the capacity to do.

Fuzzing is unlike property-based testing, where in property-based testing we provide specifically valid/invalid data that conforms to a model, while in fuzzing the input may or may not be valid by sheer chance.

It's important to say this: If we're not fuzzing our code, someone else is.

Starting point:

https://en.wikipedia.org/wiki/Fuzzing

https://rust-fuzz.github.io/book/

TheQuantumPhysicist, Dec 09 '22 15:12
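As an added illustration of the idea in the issue above (not code from the issue or from mintlayer-core): a std-only random fuzzer run against a constructed length-prefixed "heartbeat" parser that trusts the sender's length field, next to a bounds-checked version. The record format and all function names are assumptions made for this example, and the loop is purely random rather than coverage-guided like the tools linked above.

```rust
use std::panic::{self, AssertUnwindSafe};

// Constructed toy record: [claimed_len: u8][payload...]; the reply echoes claimed_len bytes.
// This version trusts the claimed length (the Heartbleed pattern). In safe Rust the
// out-of-range slice panics instead of reading adjacent memory.
fn echo_unchecked(msg: &[u8]) -> Vec<u8> {
    if msg.is_empty() {
        return Vec::new();
    }
    let claimed = msg[0] as usize;
    msg[1..1 + claimed].to_vec()
}

// Hardened version: reject records whose claimed length exceeds the bytes received.
fn echo_checked(msg: &[u8]) -> Option<Vec<u8>> {
    let (&claimed, payload) = msg.split_first()?;
    payload.get(..claimed as usize).map(|p| p.to_vec())
}

// Deterministic xorshift64 generator, so a crashing input is reproducible from the seed.
// The seed must be non-zero.
struct XorShift(u64);
impl XorShift {
    fn next_u64(&mut self) -> u64 {
        self.0 ^= self.0 << 13;
        self.0 ^= self.0 >> 7;
        self.0 ^= self.0 << 17;
        self.0
    }
}

// Feed `iters` pseudo-random inputs (0..=15 bytes) to `target`; return the first that panics.
fn fuzz<F: Fn(&[u8])>(target: F, seed: u64, iters: u32) -> Option<Vec<u8>> {
    let mut rng = XorShift(seed);
    for _ in 0..iters {
        let len = (rng.next_u64() % 16) as usize;
        let input: Vec<u8> = (0..len).map(|_| rng.next_u64() as u8).collect();
        if panic::catch_unwind(AssertUnwindSafe(|| target(&input[..]))).is_err() {
            return Some(input);
        }
    }
    None
}

fn main() {
    let seed = 0x9E37_79B9_7F4A_7C15; // arbitrary non-zero seed chosen for this example
    println!("unchecked crash input: {:?}", fuzz(|m| { echo_unchecked(m); }, seed, 1000));
    println!("checked crash input:   {:?}", fuzz(|m| { echo_checked(m); }, seed, 1000));
}
```

The panic message printed while fuzzing the unchecked parser is the finding itself; the input returned alongside it is the reproducer to keep as a regression test.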

Maybe this

https://google.github.io/oss-fuzz/

TheQuantumPhysicist, Dec 20 '22 10:12