Continuous Fuzzing
Andrei Zeliankou
zelenkov at nginx.com
Mon Nov 25 14:07:13 UTC 2019
> On 22 Nov 2019, at 19:42, Yevgeny Pats <yp at fuzzit.dev> wrote:
>
> Hey Team,
>
> I'm Yevgeny Pats, Founder of Fuzzit.
>
> I'm not sure about the current state of fuzzing in Nginx but I thought it was worth asking/discussing.
>
> If adding new fuzz targets to nginx and running those continuously as part of the CI is interesting I'll be happy to help both write some of the fuzz target as well as help integrate the fuzz target to Fuzzit (we have a free plan for OSS projects).
>
> Would love to hear your thoughts as well as answer any questions about Fuzzit service that you might have.
>
> Cheers,
> Yevgeny
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
Hi Yevgeny,
Currently, nginx has no library so it's not possible to use fuzz targets.
Possible way to fuzz nginx is in binary mode (e.g. routing fuzz input to the
listen socket). Is it possible to run continuously fuzzing in Fuzzit
without fuzz targets?
--
Andrei Zeliankou
More information about the nginx-devel
mailing list