OSS-Fuzz integration

Anything you want added or changed in future versions of ZoneMinder? Post here and there's a chance it will get in! Search to make sure it hasn't already been requested.
Post Reply
fuzzyboi
Posts: 1
Joined: Thu Sep 21, 2023 10:15 am

OSS-Fuzz integration

Post by fuzzyboi »

Hi all,

Just enquiring to see if there is interest with regards to integrating this project into OSS-Fuzz? this would allow continuous testing of this project in order to identify memory corruption vulnerabilities using google's infrastructure with no monetary cost to this project. Google's OSS-Fuzz has identified 10,000 vulnerabilities and 36,000 bugs in 1000 open source projects as per https://google.github.io/oss-fuzz/#trophies. The process can be seen at https://google.github.io/oss-fuzz/architecture/ and I'm willing to integrate this project into OSS-Fuzz and write harnesses to test key functionalities of this project.

If this is something that everyone would like to see could you please let me know and provide me with an email or two in order to receive new issues found via fuzzing? I'm also happy to support with writing patches for any issues found.
User avatar
iconnor
Posts: 3263
Joined: Fri Oct 29, 2010 1:43 am
Location: Toronto
Contact:

Re: OSS-Fuzz integration

Post by iconnor »

Definitely interested.. talk to me at isaac@zoneminder.com or find us on slack or discord or just keep talking here.
Post Reply