| Field | Value | Date |
|---|---|---|
| author | Fabian Meumertzheim <meumertzheim@code-intelligence.com> | 2021-02-10 15:56:38 +0100 |
| committer | Fabian Meumertzheim <fabian@meumertzhe.im> | 2021-02-12 09:57:26 +0100 |
| commit | 5b94b7b5f1fa9f68832d58d037cdb0267de31906 (patch) | |
| tree | 89f52f93058d9d72ec79ad730efa38f106d75f43 /README.md | |
| parent | 0bcfd380fae4e121e3275fe05c9b8101ffca3fff (diff) | |
| download | jazzer-api-5b94b7b5f1fa9f68832d58d037cdb0267de31906.tar.gz | |
Optionally read fuzz target info from JAR manifest
By reading the fuzz target class and custom hooks from a JAR manifest
entry rather than a command-line argument, fuzz targets can be fully
self-contained.
This commit adds a Java function that looks for a unique
`Jazzer-Fuzz-Target-Class` attribute in all manifests on the classpath
and returns it to the driver if found. If no such entry is found, it
falls back to the `--target_class` command-line parameter.
In a similar way, the agent prepopulates the list of custom hooks to
load with the merged values of `Jazzer-Hook-Classes` attributes in all
manifests.
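The lookup the commit message describes, written out as an added illustration (this is not Jazzer's code, and the class, method names and the assumed colon separator for hook lists are mine; only the two attribute names come from the patch): every `META-INF/MANIFEST.MF` reachable through the class loader is read, the target class is accepted only when exactly one manifest declares it, and hook lists from all manifests are merged. The point a practitioner should take from it is the trust boundary: any JAR on the classpath, not just the one holding the fuzz target, can contribute both values.

```java
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Optional;
import java.util.Set;
import java.util.jar.Manifest;

/**
 * Illustration of the manifest-based lookup; not Jazzer's own implementation.
 * Assumed: class/method names, the ":" separator for hook lists (chosen to
 * mirror --custom_hooks), and args[0] standing in for --target_class.
 *
 * A manifest that opts in looks like (constructed sample):
 *   Manifest-Version: 1.0
 *   Jazzer-Fuzz-Target-Class: com.example.MyFirstFuzzTarget
 *   Jazzer-Hook-Classes: com.example.Hooks:com.example.MoreHooks
 */
public final class ManifestTargetResolver {
    static final String TARGET_ATTR = "Jazzer-Fuzz-Target-Class";
    static final String HOOKS_ATTR = "Jazzer-Hook-Classes";

    /** Every manifest the loader can see, one per JAR (or directory) that ships one. */
    static List<Manifest> loadManifests(ClassLoader loader) throws IOException {
        List<Manifest> manifests = new ArrayList<>();
        Enumeration<URL> urls = loader.getResources("META-INF/MANIFEST.MF");
        while (urls.hasMoreElements()) {
            try (InputStream in = urls.nextElement().openStream()) {
                manifests.add(new Manifest(in));
            }
        }
        return manifests;
    }

    /**
     * The target class is used only if exactly one manifest declares it.
     * Zero or several declarations yield empty, so the caller falls back to
     * --target_class instead of silently picking a winner from an ambiguous
     * classpath (e.g. two dependency JARs each shipping the attribute).
     */
    static Optional<String> resolveTargetClass(List<Manifest> manifests) {
        List<String> candidates = new ArrayList<>();
        for (Manifest m : manifests) {
            String value = m.getMainAttributes().getValue(TARGET_ATTR);
            if (value != null && !value.trim().isEmpty()) {
                candidates.add(value.trim());
            }
        }
        if (candidates.size() == 1) {
            return Optional.of(candidates.get(0));
        }
        if (candidates.size() > 1) {
            System.err.println("Ignoring ambiguous " + TARGET_ATTR + " values: " + candidates);
        }
        return Optional.empty();
    }

    /** Union of all manifests' hook lists, de-duplicated, classpath order preserved. */
    static List<String> resolveHookClasses(List<Manifest> manifests) {
        Set<String> hooks = new LinkedHashSet<>();
        for (Manifest m : manifests) {
            String value = m.getMainAttributes().getValue(HOOKS_ATTR);
            if (value == null) {
                continue;
            }
            for (String hook : value.split(":")) {   // separator is an assumption
                if (!hook.trim().isEmpty()) {
                    hooks.add(hook.trim());
                }
            }
        }
        return new ArrayList<>(hooks);
    }

    public static void main(String[] args) throws IOException {
        List<Manifest> manifests = loadManifests(ManifestTargetResolver.class.getClassLoader());
        String target = resolveTargetClass(manifests)
                .orElseGet(() -> args.length > 0 ? args[0] : null);
        if (target == null) {
            System.err.println("No unique " + TARGET_ATTR + " in any manifest and no --target_class given");
            System.exit(1);
        }
        System.out.println("fuzz target: " + target);
        System.out.println("hooks: " + resolveHookClasses(manifests));
    }
}
```

Run it with the fuzz target JAR and its dependencies on the classpath (`java -cp fuzz_target.jar:lib1.jar ManifestTargetResolver [fallback.Target]`). Because hooks are merged from every manifest rather than resolved uniquely, a third-party JAR on the classpath can register hook classes that run inside the fuzzed process; when fuzzing with dependencies you do not control, inspect their manifests for these attributes before trusting the resolved configuration.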
Diffstat (limited to 'README.md')

| Mode | File | Changes |
|---|---|---|
| -rw-r--r-- | README.md | 13 |

1 file changed, 10 insertions, 3 deletions
@@ -64,7 +64,7 @@ A toy example can be run as follows: # Using Bazelisk: ./bazelisk-linux-amd64 run //examples:ExampleFuzzer # Using the binary release and examples_deploy.jar: -./jazzer --cp=examples_deploy.jar --target_class=com.example.ExampleFuzzer --custom_hooks=com.example.ExampleFuzzerHooks +./jazzer --cp=examples_deploy.jar ``` This should produce output similar to the following: @@ -169,8 +169,13 @@ invoking Jazzer with the following arguments: --cp=fuzz_target.jar:lib1.jar:lib2.jar --target_class=com.example.MyFirstFuzzTarget <optional_corpus_dir> ``` -Bazel produces the correct type of `.jar` from a `java_binary` target with `create_executable = False` by adding -the suffix `_deploy.jar` to the target name. +The fuzz target class can optionally be specified by adding it as the value of the `Jazzer-Fuzz-Target-Class` attribute +in the JAR's manifest. If there is only a single such attribute among all manifests of JARs on the classpath, Jazzer will +use its value as the fuzz target class. + +Bazel produces the correct type of `.jar` from a `java_binary` target with `create_executable = False` and +`deploy_manifest_lines = ["Jazzer-Fuzz-Target-Class: com.example.MyFirstFuzzTarget"]` by adding the suffix `_deploy.jar` +to the target name. ### Fuzzed Data Provider @@ -307,6 +312,8 @@ for more details. To use the compiled method hooks they have to be available on the classpath provided by `--cp` and can then be loaded by providing the flag `--custom_hooks`, which takes a colon-separated list of names of classes to load hooks from. +This list of custom hooks can alternatively be specified via the `Jazzer-Hook-Classes` attribute in the fuzz target +JAR's manifest. ### Suppressing stack traces |
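Review bot: in the first hunk, the shortened `./jazzer --cp=examples_deploy.jar` drops both `--target_class=com.example.ExampleFuzzer` and `--custom_hooks=com.example.ExampleFuzzerHooks`, which only works if `examples_deploy.jar` now carries both values in its manifest; nothing in this README change says so, and the corresponding BUILD change is not part of this diff. Suggest a short remark after the command (e.g. "the example JAR's manifest sets `Jazzer-Fuzz-Target-Class` and `Jazzer-Hook-Classes`") or keep the explicit-flag form next to it as the general case, so a reader who builds their own deploy JAR without those attributes understands why the same invocation fails for them.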
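Review bot: the second hunk's new paragraph leaves two behaviours undocumented: what happens when more than one JAR on the classpath declares `Jazzer-Fuzz-Target-Class`, and which value wins when a manifest attribute and `--target_class` are both given. The commit message says the manifest is consulted first and `--target_class` is the fallback, so state that directly, for instance "if zero or several JARs on the classpath declare the attribute, Jazzer uses `--target_class`". Since the attribute is read from every manifest on the classpath and not only the fuzz target's, a sentence warning that a dependency JAR can set it (and thereby change the target or make resolution ambiguous) would also help users who fuzz with third-party JARs.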
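Review bot: the third hunk says `Jazzer-Hook-Classes` is read from "the fuzz target JAR's manifest", but the commit message says the agent merges the attribute's values from all manifests on the classpath; the README should match the actual behaviour. It should also give the value format (colon-separated like `--custom_hooks`?) and say whether manifest hooks are added to or replaced by hooks passed via `--custom_hooks`. Because hooks execute inside the fuzzed process, noting that any JAR on the classpath can register them is worth a line here too.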