Add more thorough testing #6
Labels
Comments
dequbed
added
help wanted
|
Would you be interested in a PR that adds fuzz-testing to rsasl? Fuzz-testing everything that is potentially exposed to untrusted data seems like a good start. |
|
Oh absolutely :) I was looking into fuzz testing rsasl a while back, the main reason why I didn't go for it was that it currently doesn't expose any of the mechanisms directly so I felt like it'd mostly fuzz test the parsers. But that too would be a benefit so if you want to help with it, please do! ^^ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As a reasonable approximation "more testing" = "more good" does hold. And rsasl already does some testing but it could definitely profit from more.
Especially as it's a rather abstract framework integration tests are relevant to make sure updates don't break stuff.
Especially integration tests that just test the client portion of a mechanism against its server portion should be a good place to start as they won't require knowledge of the inner workings of the mechanisms or rsasl itself.
The text was updated successfully, but these errors were encountered: