Open
Description
Hi!
I noticed that there is this bounty program in place. I also noticed that the fuzzing code coverage for the cairo graphics project is quite poor and I want to potentially improve it.
I have a couple of questions:
- What qualifies as an issue? I mean, is a null pointer dereference considered, or must it be a memory corruption bug (use-after-free, controllable buffer overflow, etc.)? Do out-of-memory bugs count?
- The "50% across the entire project"? There is some functionality that is not included by default but can be included via some compile-time options, so does the "across the entire project" mean all the code or what is included in most common configurations? (I assume that it means ALL the code, but just to be sure.)
- The CIFuzz integration. Do I need to convince the upstream maintainers to add the project to clusterfuzzlite?
- "Finding a critical vulnerability that has widespread impact as a result of fuzzing integration." How popular must the target be? I assume it must be very common, like OpenSSL or something like that. Of course these rewards are at the discretion of the oss-fuzz team, but can you be a bit more specific (for example, a list of eligible projects for this reward)?
Thanks in advance and thank you for your time!