Also brings up the question, has any testing been done to see if any old issues have been reintroduced.
Newly added code has tests.
Several of the issues disclosed today were fixed by throwing away and completely replacing the vulnerable code, so the newly introduced code would have its own tests.
Some things like the miniupnp vulnerabilities are because of that dependency. There isn't a whole lot that we can do about it other than bumping to the latest dependency version or working out ways to get rid of the dependency entirely.
Several issues were discovered via fuzzing, and the fuzz inputs have been added to our fuzz input corpus that oss-fuzz uses. So reintroduction of those specific issues would be caught by those fuzzers.
Otherwise, these bugs can be kind of hard to test for since many of them are stalling issues.
I get all of that, but what I was thinking about was something closer to the SSH type of issue. It was vulnerable, it was fixed, it was tested fixed, and the someone broke it.
However, since it was fixed and tested they didn't think to test it every release.
I know it's all rare / edge case kind of stuff but going back and making sure something that was fixed didn't get broken again might not be the worst. If it's possible to test for these things.
-Dave
