oss-fuzz

History

ennamarie19 3d3331a622 Initial Project Skeleton for TextDistance (#12018 ) TextDistance is a python library for comparing distance between two or more sequences by many algorithms. Over 6,300 repositories and 76 packages depend on TextDistance on Github. Most notably NVIDIA's NeMo project depends on TextDistance. NeMo is a generative AI framework built for researchers and PyTorch developers working on large language models (LLMs), multimodal models (MM), automatic speech recognition (ASR), and text-to-speech synthesis (TTS). Additionally, spyder, the Scientific Python Development Environment, depends on TextDistance and is used by other 27,000 users. It is important to fuzz TextDistance with OSS-Fuzz because a critical vulnerability in TextDistance could lead to serious vulnerabilities in these other widely used programs. Further, because TextDistance is a algorithm based program, it is inherently vulnerable to several vulnerabilities including memory leaks, excessive resource consumption, insufficient input validation, and side-channel attacks. Approval from upstream maintainer was via email and pictured below- ![Screenshot from 2024-05-30 10-23-01](https://github.com/google/oss-fuzz/assets/89044704/1be6217a-c503-4f9e-b548-9bf13e977c68)	2024-07-04 11:04:43 +10:00
..
project.yaml	…

Initial Project Skeleton for TextDistance (#12018 )

TextDistance is a python library for comparing distance between two or
more sequences by many algorithms. Over 6,300 repositories and 76
packages depend on TextDistance on Github. Most notably NVIDIA's NeMo
project depends on TextDistance. NeMo is a generative AI framework built
for researchers and PyTorch developers working on large language models
(LLMs), multimodal models (MM), automatic speech recognition (ASR), and
text-to-speech synthesis (TTS). Additionally, spyder, the Scientific
Python Development Environment, depends on TextDistance and is used by
other 27,000 users. It is important to fuzz TextDistance with OSS-Fuzz
because a critical vulnerability in TextDistance could lead to serious
vulnerabilities in these other widely used programs. Further, because
TextDistance is a algorithm based program, it is inherently vulnerable
to several vulnerabilities including memory leaks, excessive resource
consumption, insufficient input validation, and side-channel attacks.


Approval from upstream maintainer was via email and pictured below-
![Screenshot from 2024-05-30
10-23-01](https://github.com/google/oss-fuzz/assets/89044704/1be6217a-c503-4f9e-b548-9bf13e977c68)

2024-07-04 11:04:43 +10:00

project.yaml

…