# Changelog

**Note:** Before version 1.0.0, every release may contain breaking changes.

## Version 0.12.0

* **Breaking change**: Autofuzz API methods (`consume` and `autofuzz`) have moved from the
  `Jazzer` class to the dedicated `Autofuzz` class
* **Major feature**: Added JUnit 5 integration for fuzzing and regression tests using the
  `@FuzzTest` annotation (available as `com.code-intelligence:jazzer-junit`)
* Feature: Added sanitizer for SQL injections
* Feature: Hooks can be selectively disabled by specifying their full class name using the new
  `--disabled_hooks` flag
* Fix: Remove memory leaks in native code
* Fix: Don't instrument internal Azul JDK classes
* Fix: Classes with local variable annotations are now instrumented without errors

This release also includes smaller improvements and bugfixes, as well as a major refactoring and
Java rewrite of native components.

## Version 0.11.0

* Feature: Add sanitizer for context lookups
* Feature: Add sanitizer for OS command injection
* Feature: Add sanitizer for regex injection
* Feature: Add sanitizer for LDAP injections
* Feature: Add sanitizer for arbitrary class loading
* Feature: Guide the fuzzer to generate proper map lookup keys
* Feature: Generate standalone Java reproducers for autofuzz
* Feature: Hooks targeting interfaces and abstract classes hook all implementations
* Feature: Enable multiple BEFORE and AFTER hooks for the same target
* Feature: Greatly improve performance of coverage instrumentation
* Feature: Improve performance of interactions between Jazzer and libFuzzer
* Feature: Export JaCoCo coverage dump using the `--coverage_dump` flag
* Feature: Honor `JAVA_OPTS`
* API: Add `exploreState` to help the fuzzer maximize state coverage
* API: Provide `additionalClassesToHook` field in `MethodHook` annotation to hook dependent classes
* Fix: Synchronize coverage ID generation
* Fix: Support REPLACE hooks for constructors
* Fix: Do not apply REPLACE hooks in Java 6 class files

This release also includes smaller improvements and bugfixes.

## Version 0.10.0

* **Breaking change**: Use the OS-specific classpath separator to split `jvm_args`
* Feature: Add support for "autofuzzing" methods without the need to manually write fuzz targets
* Feature: Add macOS and Windows support
* Feature: Add option to generate coverage report
* Feature: Support multiple hook annotations per hook method
* Feature: Support hooking internal classes
* Feature: Add sanitizer for insecure deserialization
* Feature: Add sanitizer for arbitrary reflective calls
* Feature: Add sanitizer for expression language injection
* Feature: Provide Jazzer and Jazzer Autofuzz Docker images
* Feature: Add a stand-alone replayer to reproduce findings
* API: Add `reportFindingFromHook(Throwable finding)` to report findings from hooks
* API: Add `guideTowardsEquality(String current, String target, int id)` and `guideTowardsContainment(String haystack, String needle, int id)` to guide the fuzzer to generate more useful inputs
* API: Add `consume(FuzzedDataProvider data, Class<T> type)` to create an object instance of the given type from the fuzzer input
* API: Add multiple `autofuzz()` methods to invoke given functions with arguments automatically created from the fuzzer input
* Fixed: Prevent dependency version conflicts in the fuzzed application by shading internal dependencies
* Fixed: Make the initialized `this` object available to `<init>` AFTER hooks
* Fixed: Allow instrumented classes loaded by custom class loaders to find Jazzer internals

This release also includes smaller improvements and bugfixes.

## Version 0.9.1

* **Breaking change**: The static `fuzzerTestOneInput` method in a fuzz target now has to return `void` instead of `boolean`. Fuzz targets that previously returned `true` should now throw an exception or use `assert`.
* Fixed: The `jazzer` wrapper can find `jazzer_driver` even if it is not in the working directory
* Fixed: Switch instrumentation no longer causes an out-of-bounds read in the driver
* Feature: `assert` can be used in fuzz targets
* Feature: Coverage is now collision-free and more fine-grained (based on [JaCoCo](https://www.eclemma.org/jacoco/))
* API: Added `pickValue(Collection c)` and `consumeChar(char min, char max)` to `FuzzedDataProvider`
* API: Added `FuzzerSecurityIssue*` exceptions to allow specifying the severity of findings

## Version 0.9.0

* Initial release
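
The following fuzz target illustrates the migrated signature from the 0.9.1 breaking change: `fuzzerTestOneInput` returns `void`, and a finding is reported by throwing one of the `FuzzerSecurityIssue*` exceptions or by a failing `assert` rather than by returning `true`. This is an added example, not code from the Jazzer project or this changelog. `FuzzedDataProvider`, its `consumeRemainingAsString()` method and `FuzzerSecurityIssueHigh` are Jazzer API names; the `LengthPrefixFuzzer` class, the `decode` helper and the round-trip property it checks are constructed for this illustration.

```java
import com.code_intelligence.jazzer.api.FuzzedDataProvider;
import com.code_intelligence.jazzer.api.FuzzerSecurityIssueHigh;

public class LengthPrefixFuzzer {

    // Constructed code under test (hypothetical, not part of Jazzer): decodes a
    // "<len>:<payload>" string and returns the payload. Malformed input is
    // rejected with IllegalArgumentException, which the fuzz target treats as
    // expected behaviour rather than as a finding.
    static String decode(String input) {
        int colon = input.indexOf(':');
        if (colon < 1) {
            throw new IllegalArgumentException("missing length prefix");
        }
        int declared = Integer.parseInt(input.substring(0, colon));
        String payload = input.substring(colon + 1);
        if (declared != payload.length()) {
            throw new IllegalArgumentException("length mismatch");
        }
        return payload;
    }

    // Post-0.9.1 entry point: returns void. Before 0.9.1 this method would have
    // returned boolean, with `true` signalling a finding; now the finding is an
    // exception or a failed assert, and a normal return means "no problem".
    public static void fuzzerTestOneInput(FuzzedDataProvider data) {
        String input = data.consumeRemainingAsString();
        String payload;
        try {
            payload = decode(input);
        } catch (IllegalArgumentException | NumberFormatException expected) {
            // Cleanly rejected input is not a finding.
            return;
        }

        // Property under test: a payload the decoder accepted must re-encode to
        // exactly the input it came from. Inputs such as "007:abcdefg" or
        // "+7:abcdefg" are accepted but do not round-trip, so the fuzzer reports
        // them with an explicit severity via a FuzzerSecurityIssue* exception.
        String reencoded = payload.length() + ":" + payload;
        if (!reencoded.equals(input)) {
            throw new FuzzerSecurityIssueHigh(
                    "decoder accepted non-canonical input: " + input);
        }

        // A plain assertion is also reported as a finding since 0.9.1.
        assert payload.length() < input.length();
    }
}
```

The `try`/`catch` around `decode` is the part most often forgotten when migrating: with the old `boolean` return a target could simply `return false` on rejected input, whereas with a `void` signature every exception that escapes the method, including the decoder's own `IllegalArgumentException`, is treated as a finding, so expected rejections have to be caught explicitly.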