[SERVER-80378] Migrate from libfuzzer to FuzzTest Created: 24/Aug/23  Updated: 28/Aug/23

Status: Backlog
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major - P3
Reporter: Spencer Jackson Assignee: Backlog - Security Team
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Assigned Teams:
Server Security
Participants:

 Description   

According to libFuzzer's documentation:

The original authors of libFuzzer have stopped active work on it and switched to working on another fuzzing engine, Centipede. LibFuzzer is still fully supported in that important bugs will get fixed. However, please do not expect major new features or code reviews, other than for bug fixes.

The "Centipede" project was itself restructured into FuzzTest.

FuzzTest seems to add features around property-based testing. It also seems to have a much stronger story around testing C++ types. Rather than just emitting random bits, it seems to have adaptors to common types and containers. It even has support for generating arbitrary protobuf messages, conforming to a schema. It seems to support user-defined structs too... These features together seem like they would make it much easier to write complex fuzzer tests.
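To make the difference described above concrete, here is an added example (not part of the ticket and not MongoDB code) that fuzzes one round-trip property two ways: through a libFuzzer entry point that carves typed inputs out of raw bytes by hand, and through a FuzzTest registration that declares the same precondition as a typed domain. The record codec and all function names are hypothetical, and the FuzzTest section is compiled only when the FuzzTest headers are available.

```cpp
// Added illustration: EncodeRecord/DecodeRecord are a hypothetical toy codec.
#include <cstdint>
#include <cstdlib>
#include <cstring>
#include <string>

// Wire format: [1-byte key length][key bytes][4-byte value, host byte order].
std::string EncodeRecord(const std::string& key, int32_t value) {
    std::string out(1, static_cast<char>(key.size()));  // wraps for keys > 255 bytes
    out += key;
    out.append(reinterpret_cast<const char*>(&value), sizeof value);
    return out;
}

bool DecodeRecord(const std::string& in, std::string* key, int32_t* value) {
    if (in.empty()) return false;
    const size_t klen = static_cast<unsigned char>(in[0]);
    if (in.size() != 1 + klen + sizeof(int32_t)) return false;  // reject bad lengths
    key->assign(in, 1, klen);
    std::memcpy(value, in.data() + 1 + klen, sizeof *value);
    return true;
}

// The property, stated over typed inputs. Precondition: key is at most 255 bytes.
bool RoundTrips(const std::string& key, int32_t value) {
    std::string k;
    int32_t v = 0;
    return DecodeRecord(EncodeRecord(key, value), &k, &v) && k == key && v == value;
}

// libFuzzer: the harness splits the byte buffer into (value, key) itself.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
    int32_t value = 0;
    if (size < sizeof value) return 0;          // too short to carry a value
    std::memcpy(&value, data, sizeof value);
    size_t klen = size - sizeof value;
    if (klen > 255) klen = 255;                 // precondition enforced by hand
    std::string key(reinterpret_cast<const char*>(data) + sizeof value, klen);
    if (!RoundTrips(key, value)) std::abort();  // a crash is the finding
    return 0;
}

// FuzzTest: same property, with the precondition expressed as an input domain.
#if __has_include("fuzztest/fuzztest.h")
#include "fuzztest/fuzztest.h"
#include "gtest/gtest.h"
void RoundTripsProperty(const std::string& k, int32_t v) { EXPECT_TRUE(RoundTrips(k, v)); }
FUZZ_TEST(RecordCodec, RoundTripsProperty)
    .WithDomains(fuzztest::String().WithMaxSize(255), fuzztest::Arbitrary<int32_t>());
#endif
```

Without the 255-byte bound, a 256-byte key makes the length byte wrap to zero and the round trip fails, which is why the bound appears in both harnesses.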

