Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[feature request] Add fuzz-testing #1713

Open
harshitasao opened this issue Aug 26, 2024 · 2 comments
Open

[feature request] Add fuzz-testing #1713

harshitasao opened this issue Aug 26, 2024 · 2 comments
Assignees

Comments

@harshitasao
Copy link
Contributor

What would you like to be added:
Fuzz testing or Fuzzing is a Black Box software testing technique, which basically consists in finding implementation bugs using malformed/semi-malformed data injection in an automated fashion.

Integrate the project with OSS-Fuzz by following the instructions here.

Why is this needed:
To increase the security posture of the project.

Part of #1706

Maintainers help is highly appreciated. For example, helping in identifying the components where fuzz testing will be added.

@furykerry
Copy link
Member

openkruise is driven by CRD manifests,and crd will be validated by webhook. I am not sure how semi-malformed data can be used to test openkruise, are their any example in related project, e.g. kubernetes project ?

@hantmac
Copy link
Member

hantmac commented Aug 27, 2024

@furykerry There are CNCF fuzzzing projects in https://github.com/cncf/cncf-fuzzing and kubernetes also has its fuzzing tests https://github.com/kubernetes/kubernetes/blob/master/pkg/api/testing/fuzzer.go.

I would like to try to use OSS-Fuzz to establish a continuous fuzzing set up for kruise.

@hantmac hantmac assigned hantmac and unassigned FillZpp Oct 2, 2024
@github-staff github-staff deleted a comment from Lxx-c Oct 23, 2024
@github-staff github-staff deleted a comment from Lxx-c Oct 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

6 participants
@furykerry @FillZpp @hantmac @harshitasao and others