oss-fuzz/docs/faq.md

837 B

Frequently Asked Questions

Why do you use a different issue tracker for reportig bugs in fuzz targets?

Security control is important for the kind of issues that oss-fuzz detects. We will reconsider github issue tracker once there are access control features available.

Why do you use Docker?

Building fuzzers requires building your target with a fresh Clang compiler and special compiler flags. An easy-to-use Docker image is provided to simplify toolchain distribution. This also limits our exposure to multitude of Linux varieties and provides a reproducible and (more) secure environment for fuzzer building and execution.

If you'd like to get more familiar with how libFuzzer-style fuzzers work in general, check out this page.