Post: Unmasking a Go HTML Parser Bug with Differential Fuzzing
Link: https://azorius.net/c/J518XGs7hPl6r19ZMp
I think this is a good bug find, but I don't know why anyone would pass the original "safe" input through unchanged, instead of reserializing it.
I think this is a good bug find, but I don't know why anyone would pass the original "safe" input through unchanged, instead of reserializing it.