1 // Copyright 2022 Code Intelligence GmbH 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package com.example; 16 17 import com.code_intelligence.jazzer.api.FuzzerSecurityIssueLow; 18 import com.code_intelligence.jazzer.api.HookType; 19 import com.code_intelligence.jazzer.api.MethodHook; 20 import java.lang.invoke.MethodHandle; 21 import java.lang.reflect.Field; 22 import java.util.regex.Pattern; 23 24 // This fuzzer verifies that: 25 // 1. a class referenced in a static initializer of a hook is still instrumented with the hook; 26 // 2. hooks that are not shipped in the Jazzer agent JAR can still instrument Java standard library 27 // classes. 28 public class HookDependenciesFuzzer { fuzzerTestOneInput(byte[] data)29 public static void fuzzerTestOneInput(byte[] data) { 30 try { 31 Pattern.matches("foobar", "foobar"); 32 } catch (Throwable t) { 33 if (t instanceof FuzzerSecurityIssueLow) { 34 throw t; 35 } else { 36 // Unexpected exception, exit without producing a finding to let the test fail due to the 37 // missing Java reproducer. 38 // FIXME(fabian): This is hacky and will result in false positives as soon as we implement 39 // Java reproducers for fuzz target exits. Replace this with a more reliable signal. 40 t.printStackTrace(); 41 System.exit(1); 42 } 43 } 44 } 45 } 46