During my fuzzing test with libfuzzer, I found out that GCC is not part of the OSS-Fuzz project. It would be cool to discuss here a bit more about fuzzing the GCC codebase in order to mitigate some future vulnerabilities that may appear. I can volunteer myself to add the necessary steps to fuzz GCC on the OSS-Fuzz side, but I would like to get some status on:
- Does GCC build system support at least AFL or libfuzzer?
- Is there any infrastructure to automatically test this?
- How to test GCC with fuzzing, if possible

--
Sincerely,
Luís Ferreira @ lsferreira.net