authorFabian Meumertzheim <fabian@meumertzhe.im>2021-11-30 12:25:41 +0100
committerFabian Meumertzheim <fabian@meumertzhe.im>2021-11-30 15:35:55 +0100
commit8aa3d3c16f97c5be054e9990830289c28b3f60d4 (patch)
treedb09e426dd4a7a8febe4ef048bc7b4c84d58ed8d
parentbd6b2d196e96899c2fb1ed7193cb994a6746d2d6 (diff)
downloadjazzer-api-8aa3d3c16f97c5be054e9990830289c28b3f60d4.tar.gz
Ensure that escapes are honored by fork and merge
Fixes https://github.com/google/oss-fuzz/issues/6926.
-rw-r--r--examples/BUILD.bazel6
-rw-r--r--examples/src/main/java/com/example/JpegImageParserFuzzer.java10
-rw-r--r--repositories.bzl6
3 files changed, 14 insertions, 8 deletions
diff --git a/examples/BUILD.bazel b/examples/BUILD.bazel
index 92c07e09..06f0d2a0 100644
--- a/examples/BUILD.bazel
+++ b/examples/BUILD.bazel
@@ -111,8 +111,10 @@ java_fuzz_target_test(
"-fork=5",
"--additional_jvm_args=-Dbaz=baz",
] + select({
- "@platforms//os:windows": ["--jvm_args=-Dfoo=foo;-Dbar=bar"],
- "//conditions:default": ["--jvm_args=-Dfoo=foo:-Dbar=bar"],
+ # \\\\ becomes \\ when evaluated as a Starlark string literal, then \ in
+ # java_fuzz_target_test.
+ "@platforms//os:windows": ["--jvm_args=-Dfoo=foo;-Dbar=b\\\\;ar"],
+ "//conditions:default": ["--jvm_args=-Dfoo=foo:-Dbar=b\\\\:ar"],
}),
target_class = "com.example.JpegImageParserFuzzer",
# The exit codes of the forked libFuzzer processes are not picked up correctly.
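Review bot: The new comment above the `select()` explains the two layers of backslash unescaping but not what value the child JVM is expected to end up with, so the link to the check in JpegImageParserFuzzer.fuzzerInitialize is implicit. I would extend it with something like `# The forked JVM must then see bar=b;ar (Windows) or bar=b:ar (default); JpegImageParserFuzzer verifies this.` That keeps the magic strings in the two files from drifting apart unnoticed. The `java_fuzz_target_test(` call starts and ends outside the hunk.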
diff --git a/examples/src/main/java/com/example/JpegImageParserFuzzer.java b/examples/src/main/java/com/example/JpegImageParserFuzzer.java
index 84a1029a..a6898bf0 100644
--- a/examples/src/main/java/com/example/JpegImageParserFuzzer.java
+++ b/examples/src/main/java/com/example/JpegImageParserFuzzer.java
@@ -23,11 +23,15 @@ import org.apache.commons.imaging.formats.jpeg.JpegImageParser;
// Found https://issues.apache.org/jira/browse/IMAGING-275.
public class JpegImageParserFuzzer {
public static void fuzzerInitialize() {
+ String foo = System.getProperty("foo");
+ String bar = System.getProperty("bar");
+ String baz = System.getProperty("baz");
// Only used to verify that arguments are correctly passed down to child processes.
- if (System.getProperty("foo") == null || System.getProperty("bar") == null
- || System.getProperty("baz") == null) {
+ if (foo == null || bar == null || baz == null || !foo.equals("foo")
+ || !(bar.equals("b;ar") || bar.equals("b:ar")) || !baz.equals("baz")) {
// Exit the process with an exit code different from that for a finding.
- System.err.println("ERROR: Did not pass all jvm_args to child process.");
+ System.err.println("ERROR: Did not correctly pass all jvm_args to child process.");
+ System.err.printf("foo: %s%nbar: %s%nbaz: %s%n", foo, bar, baz);
System.exit(3);
}
}
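Review bot: The condition in `fuzzerInitialize` mixes three null checks with three value checks, which makes the accepted values hard to read at a glance. Constant-first `equals` is null-safe and lets the null checks go: `if (!"foo".equals(foo) || !("b;ar".equals(bar) || "b:ar".equals(bar)) || !"baz".equals(baz)) {`. Both separators are accepted on every platform; if that is deliberate, a short comment saying that `b;ar` is the Windows value and `b:ar` the default one would tie this check to the `select()` in examples/BUILD.bazel. The class body continues outside the hunk.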
diff --git a/repositories.bzl b/repositories.bzl
index b2bdce23..caa4579f 100644
--- a/repositories.bzl
+++ b/repositories.bzl
@@ -132,7 +132,7 @@ def jazzer_dependencies():
http_archive,
name = "jazzer_libfuzzer",
build_file = "@jazzer//third_party:libFuzzer.BUILD",
- sha256 = "562a00f14b634c376b1cf7dafa0192379c7d88ffbb1d7cb7a1599b302a648b69",
- strip_prefix = "llvm-project-jazzer-4cace44fb775207a37ad35583b3ea0cc067f111b/compiler-rt/lib/fuzzer",
- url = "https://github.com/CodeIntelligenceTesting/llvm-project-jazzer/archive/4cace44fb775207a37ad35583b3ea0cc067f111b.tar.gz",
+ sha256 = "ffd6c9da033e0f168fa6a87c734f7b83703fa8a74f2b03b6ded9603f23688d5f",
+ strip_prefix = "llvm-project-jazzer-b19be4a4f32f7b5441c5e004f4a9034cd6679b3d/compiler-rt/lib/fuzzer",
+ url = "https://github.com/CodeIntelligenceTesting/llvm-project-jazzer/archive/b19be4a4f32f7b5441c5e004f4a9034cd6679b3d.tar.gz",
)