Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 25 Jun 2019 16:34:38 +0200
From: Florian Weimer <>
To: "Stuart D. Gathman" <>
Subject: Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz

* Stuart D. Gathman:

> Question: is fuzzing useful for languages like Java/python?

Fuzzing is used to show that a function is partial, when it is expected
to be total.  That can be useful with any language which has partial

If anything, it should be easier with Java and Python because these
languages have many more language-defined checks causing abnormal
function termination, while with C code, you have to inject such checks
with complicated instrumentation.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.