fuzz-introspector
fuzz-introspector copied to clipboard
ossf
Please provide a real world example
The README does not tell how this is to be used with a project and instead points to a build_all script, which then needs to be further analyzed how it is used. This is not a good user experience.
A simple "this is how you need to build your target" and "this is how you use the Python script to build the report" in the README would be a much lower cost for users.
:)
Thanks, much appreciated! I will get something like this up. In short, there are real world example projects in the examples folder. I will create some documentation that clarifies the process of running them.
Meanwhile, the recommended way to test this project (and in particular on real world samples) is using the OSS-Fuzz approach (https://github.com/ossf/fuzz-introspector#testing-with-oss-fuzz). It is the recommended way because it's through there we currently support combining runtime coverage data with the compiler plugin. The drawback is that it will override your existing OSS-Fuzz Docker images.
as you can imaging I will not use this with oss-fuzz :) (and several other people either) hence the issue ...
Yeah makes sense, I have this in mind for the near future but will just add one or two things in the compiler plugin to make the UX a bit nicer. I will do this in the coming days!