[SERVER-64001] Create a fuzzer with auth enabled Created: 25/Feb/22 Updated: 24/Jan/24 |
|
| Status: | Backlog |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Judah Schvimer | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | former-quick-wins, tech-debt-security | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Assigned Teams: |
Correctness
|
||||||||
| Participants: | |||||||||
| Description |
|
We don't run fuzz tests with auth enabled. This limits the coverage we're able to get. |
| Comments |
| Comment by Iryna Zhuravlova [ 04/Oct/22 ] |
|
Hi judah.schvimer@mongodb.com , we believe that test coverage provided by the mutational fuzzers is unknown, therefore, we can't insure that it will provide safety guarantees for specific areas of codebase. Would this be something you consider for some grammar fuzzers? |
| Comment by Judah Schvimer [ 02/Sep/22 ] |
|
This could maybe have caught |