undefined | Better HN

0 pointsdanans5y ago0 comments

There's no reason that a fuzzer couldn't draw sample email addresses from a large pool of test valid email addresses to add as input. That would just require a fuzzer that allowed you to provide the sample population for a particular data type.

0 comments

capableweb5y ago

My point still stands. If the one setting up the fuzzer is thinking about the condition that A) you're using a valid email that B) already existing in the system and C) cannot be used to authenticate with another system, you can easily check the code for this directly. The fuzzer won't add anything over a simple integration/E2E test here.

danansOP5y ago

Fair point! The question I have then is whether it's possible to create a tool that automatically detects bugs like this without needing to write an integration test for this specific cases.

j / k navigate · click thread line to collapse

0 pointsdanans5y ago0 comments

0 comments

capableweb5y ago

danansOP5y ago

Fair point! The question I have then is whether it's possible to create a tool that automatically detects bugs like this without needing to write an integration test for this specific cases.

j / k navigate · click thread line to collapse