Thanks! There was also some mention some place of moving the fuzzing code itself into this repo so that we could extend it. How do we make that happen?

There was also some mention some place of moving the fuzzing code itself into this repo so that we could extend it. How do we make that happen?

Move this code https://github.com/google/oss-fuzz/blob/master/projects/coveragepy/fuzz_parse.py into this library. We can move this anytime now -- feel free to make a PR on OSS-Fuzz that remove it and moves it up here. We should adjust https://github.com/google/oss-fuzz/blob/master/projects/coveragepy/build.sh and https://github.com/google/oss-fuzz/blob/master/projects/coveragepy/Dockerfile accordingly, but this is likely just switching a link.

In order to build fuzz_parse.py in the OSS-Fuzz environment, we use https://github.com/google/oss-fuzz/blob/master/projects/coveragepy/build.sh It would be great to continue using compile_python_fuzzer for the OSS-Fuzz environment since it makes it possible to get the coverage reports (thanks to this repo :) !) as well as introspector reports (still early stage for Python: https://github.com/ossf/fuzz-introspector).

If we place the fuzzer in test/fuzzers/ of this repo, then we can adjust the build script on OSS-Fuzz to use:

for fuzzer in $(find ./test/fuzzers/ -name 'fuzz_*.py'); do
  compile_python_fuzzer $fuzzer
done

The source folder in the find command is the only thing changed. That will make it possible to simply put new fuzzers in test/fuzzers/* and OSS-Fuzz will start running them continuously automatically.

I can also make a PR that does the above -- let me know if you'd like me to and I'll do this tomorrow Friday.

Are this and #1497 still valid @nedbat ?

@DavidKorczynski Sorry I've let this and #1497 sit for a few years. Are these still current? I'm a tiny bit reluctant to take on new actions, but also am baffled when I get a fuzzing report from the centralized runs that Google does.