[GRASS-dev] GRASS GIS and OSS-FUZZ: automated bug hunting
Markus Neteler
neteler at osgeo.org
Wed May 23 00:21:21 PDT 2018
Hi devs,
perhaps it would be worthwhile to submit GRASS GIS to Google's
OSS-FUZZ [1] like GDAL (of course we don't know it we would be
accepted).
To get it done, we may learn from GDAL:
* related GDAL ticket: https://trac.osgeo.org/gdal/ticket/6883
* application PR: https://github.com/google/oss-fuzz/pull/589
* https://github.com/google/oss-fuzz/tree/master/projects/gdal
If not viable/accepted/useful, remember that we still have Coverity
Scan ("free static code analysis tool") available which I activated
manually from time to time - yet to be integrated with Travis-CI [2]:
https://scan.coverity.com/projects/grass?tab=overview (showing the
last manual run in 2016)
Your opinion?
Cheers,
Markus
[1] OSS-Fuzz - Continuous Fuzzing for Open Source Software
https://github.com/google/oss-fuzz
[2] https://scan.coverity.com/travis_ci
More information about the grass-dev
mailing list