Date: Tue, 25 Jun 2019 16:34:38 +0200 From: Florian Weimer <fweimer@...hat.com> To: "Stuart D. Gathman" <stuart@...hman.org> Cc: oss-security@...ts.openwall.com Subject: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz * Stuart D. Gathman: > Question: is fuzzing useful for languages like Java/python? Fuzzing is used to show that a function is partial, when it is expected to be total. That can be useful with any language which has partial functions. If anything, it should be easier with Java and Python because these languages have many more language-defined checks causing abnormal function termination, while with C code, you have to inject such checks with complicated instrumentation. Thanks, Florian
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.