1# Copyright 2021 Google LLC 2# 3# Licensed under the Apache License, Version 2.0 (the "License"); 4# you may not use this file except in compliance with the License. 5# You may obtain a copy of the License at 6# 7# http://www.apache.org/licenses/LICENSE-2.0 8# 9# Unless required by applicable law or agreed to in writing, software 10# distributed under the License is distributed on an "AS IS" BASIS, 11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12# See the License for the specific language governing permissions and 13# limitations under the License. 14# 15################################################################################ 16 17FROM gcr.io/oss-fuzz-base/base-builder 18 19RUN apt-get update && apt-get install -y maven 20 21RUN git clone --depth 1 https://github.com/google/fuzzing 22RUN cat fuzzing/dictionaries/json.dict \ 23 fuzzing/dictionaries/html.dict \ 24 fuzzing/dictionaries/xml.dict \ 25 > $SRC/DenylistFuzzer.dict 26RUN cp fuzzing/dictionaries/json.dict $SRC/IdempotenceFuzzer.dict 27RUN cp fuzzing/dictionaries/json.dict $SRC/ValidJsonFuzzer.dict 28 29RUN git clone --depth 1 https://github.com/dvyukov/go-fuzz-corpus && \ 30 zip -q $SRC/DenylistFuzzer_seed_corpus.zip go-fuzz-corpus/json/corpus/* && \ 31 zip -q $SRC/IdempotenceFuzzer_seed_corpus.zip go-fuzz-corpus/json/corpus/* && \ 32 zip -q $SRC/ValidJsonFuzzer_seed_corpus.zip go-fuzz-corpus/json/corpus/* 33 34RUN git clone --depth 1 https://github.com/OWASP/json-sanitizer 35COPY build.sh $SRC/ 36 37COPY DenylistFuzzer.java IdempotenceFuzzer.java ValidJsonFuzzer.java $SRC/ 38 39WORKDIR $SRC/json-sanitizer 40