Lines Matching +full:fuzz +full:- +full:bugs
1 ---
5 permalink: /advanced-topics/bug-fixing-guidance
6 ---
11 This page provides brief guidance on how to prioritise and fix bugs reported by
12 OSS-Fuzz.
14 - TOC
18 In general the severity of an issue reported by OSS-Fuzz must be determined
20 the fuzzers OSS-Fuzz makes an effort to determine the severity of the bug
27 the OSS-Fuzz testcase page and you can also search for all of these on Monorail
28 using the search pattern `-Bug=security`.
31 heap-based buffer overflows, stack-based buffer overflows and use-after-frees.
35 application. The bugs that have highest priority in this case are those that
38 ### Timeouts and out-of-memory
42 Currently there is no prioritisation of bugs in non C/C++ projects. As such, in
46 ## Non-reproducible bugs
47 OSS-Fuzz will report some bugs that are labeled `Reliably reproduces: NO` and
48 these can be tricky to deal with. A non-reproducible bug is an issue that
49 OSS-Fuzz did indeed discover; however, OSS-Fuzz is unable to reproduce the bug
53 The non-reproducible bugs can be of varying nature. Some of these bugs will be
57 a single fuzzer test-case; however, there is indeed a bug in the application.
58 There are other reasons why bugs may be non-reproducible and in general any
59 non-determinism introduced into the application can have an effect on this.
61 In the case of non-reproducible bugs our advice is to put effort into analysing
63 that persists between each fuzz run. If that is indeed the case then we also
65 state in the code will be reset between each fuzz run.
69 by OSS-Fuzz can increase the complexity of the project’s source code. The
78 manipulation of control-flow then the timing issue may be of high security
80 some bugs should not be solved, as it should be analysed and determined on a
81 project-by-project basis.
83 In the event that a bug is reported by OSS-Fuzz that is not relevant to
89 * Perform a hot-patch that is only applied during fuzzer executions and does
93 time-intensive loops.