[pcre-dev] Inviting your project to use OSS-Fuzz

Top Page
Delete this message
Author: OSS-Fuzz
Date:  
To: pcre-dev
Subject: [pcre-dev] Inviting your project to use OSS-Fuzz
*Greetings PCRE developers,As you may be aware, Google has made a fuzzing
<https://www.owasp.org/index.php/Fuzzing> service called OSS-Fuzz
<https://testing.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.html>
available to Open Source projects. OSS-Fuzz is a free fuzzing
infrastructure that you can use to identify security vulnerabilities and
stability bugs in your project. Once integrated, OSS-Fuzz will continuously
fuzz your project, alert you when it finds bugs, and verify your fixes.
Many widely used open source projects such as OpenSSL, FFmpeg, LibreOffice,
ImageMagick, and Envoy are already taking advantage of continuous fuzz
testing with OSS-Fuzz. A complete list of projects can be found here
<https://github.com/google/oss-fuzz/tree/master/projects>. We recently
announced
<https://security.googleblog.com/2018/11/a-new-chapter-for-oss-fuzz.html>
an expansion to the program on the Google Security Blog.We’re reaching out
to you because your project is an important part of the open source
ecosystem and we noticed that you’re not yet fuzzing with OSS-Fuzz. We
believe continuous fuzzing would improve the security and stability of your
code and the wider ecosystem, and we’d like to encourage you to configure
it for your project
<https://github.com/google/oss-fuzz/blob/master/docs/new_project_guide.md>.
If you’ve received this email, you are eligible to integrate.Generally,
integrations can be done in <100 LoC. Since this integration is additional
work on top of your volunteer time to open-source, we’d like to support
your efforts with integration rewards. Rewards for OSS-Fuzz integration
range from $1,000 (initial integration) up to $20,000 (ideal integration
<https://github.com/google/oss-fuzz/blob/master/docs/ideal_integration.md>)
(more details here
<https://opensource.googleblog.com/2017/05/oss-fuzz-five-months-later-and.html>).We’d
like you to please consider integrating with OSS-Fuzz, and encourage you to
reply to oss-fuzz-outreach@???
<oss-fuzz-outreach@???> if you have any questions (and check
out our FAQ
<https://github.com/google/oss-fuzz/blob/master/docs/faq.md>).Thanks!Chris
MoonOSS-Fuzz Team*