The team at Ada Logics integrated continuous fuzzing into the Helm core project to improve its security.
They enrolled Helm in the OSS-Fuzz project and wrote 38 fuzzers that were run daily to test Helm continuously. This engagement found nine bugs, eight of which have been fixed so far.
Helm is important for businesses using or evaluating Kubernetes, according to the CNCF annual survey of 2022.
Fuzzing is a technique for testing software that uses mutational algorithms to generate test inputs and observe if the code misbehaves. The fuzzers provide significant coverage of the Helm project, including critical parts such as chart handling, release storage, and repositories. Nine issues were found, all but one of which were fixed.
The newly developed fuzzers and findings have provided significant value to the project's code quality and security.
Give a Pawfive to this post!
Share with your friends and followers
Start writing about what excites you in tech — connect with developers, grow your voice, and get rewarded.
Join other developers and claim your FAUN.dev() account now!
