authorFabian Meumertzheim <meumertzheim@code-intelligence.com>2021-05-03 16:29:46 +0200
committerFabian Meumertzheim <fabian@meumertzhe.im>2021-05-14 11:12:43 +0200
commit3e1e48a5eae1b322844feba46a99a072a18230ee (patch)
tree10fb05a1d307ccd1a24f8021e0f630e1d9294660 /agent
parent0dcaf23ee1472c737bedd92aae5a7b340ce570a6 (diff)
Add a sanitizer for insecure deserialization
Diffstat (limited to 'agent')
-rw-r--r--agent/BUILD.bazel7
-rw-r--r--agent/src/main/java/com/code_intelligence/jazzer/agent/RuntimeInstrumentor.kt2
2 files changed, 8 insertions, 1 deletions
diff --git a/agent/BUILD.bazel b/agent/BUILD.bazel
index 8203f269..fdb4f2df 100644
--- a/agent/BUILD.bazel
+++ b/agent/BUILD.bazel
@@ -1,13 +1,18 @@
load("@rules_java//java:defs.bzl", "java_binary")
+load("//sanitizers:sanitizers.bzl", "SANITIZER_CLASSES")
java_binary(
name = "jazzer_agent",
create_executable = False,
deploy_manifest_lines = [
"Premain-Class: com.code_intelligence.jazzer.agent.Agent",
+ "Jazzer-Hook-Classes: {}".format(":".join(SANITIZER_CLASSES)),
],
visibility = ["//visibility:public"],
- runtime_deps = ["//agent/src/main/java/com/code_intelligence/jazzer/agent:agent_lib"],
+ runtime_deps = [
+ "//agent/src/main/java/com/code_intelligence/jazzer/agent:agent_lib",
+ "//sanitizers",
+ ],
)
java_binary(
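Review bot: The `Jazzer-Hook-Classes` manifest line and the `//sanitizers` entry in `runtime_deps` have to stay in step, and nothing in this target says so. A class named in `SANITIZER_CLASSES` but not packaged by `//sanitizers` would presumably only surface when the agent loads its hooks; if that failure is not fatal, the fuzzer would run without the deserialization sanitizer while still looking healthy. A comment above `deploy_manifest_lines` would record the coupling, for example `# Every class in SANITIZER_CLASSES must be provided by //sanitizers (see runtime_deps).` It is also worth confirming that the deploy-jar tooling wraps this attribute, since the JAR manifest format caps lines at 72 bytes and the joined list grows with each new sanitizer.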
diff --git a/agent/src/main/java/com/code_intelligence/jazzer/agent/RuntimeInstrumentor.kt b/agent/src/main/java/com/code_intelligence/jazzer/agent/RuntimeInstrumentor.kt
index 4439f247..9deb4ca6 100644
--- a/agent/src/main/java/com/code_intelligence/jazzer/agent/RuntimeInstrumentor.kt
+++ b/agent/src/main/java/com/code_intelligence/jazzer/agent/RuntimeInstrumentor.kt
@@ -42,6 +42,8 @@ private val BASE_EXCLUDED_CLASS_NAME_GLOBS = listOf(
"com.code_intelligence.jazzer.**",
"com.sun.**", // package for Proxy objects
"java.**",
+ "jaz.Ter", // safe companion of the honeypot class used by sanitizers
+ "jaz.Zer", // honeypot class used by sanitizers
"jdk.**",
"kotlin.**",
"sun.**",
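Review bot: The new entries `"jaz.Ter"` and `"jaz.Zer"` repeat class names that are owned by the sanitizers, so a rename there would leave this exclusion list stale without any build error, and the honeypot would presumably then be instrumented like target code. The trailing comments say what the classes are but not why they must be excluded; something like `// honeypot class used by sanitizers; must not be instrumented itself` would record the intent, once the actual reason is confirmed. `BASE_EXCLUDED_CLASS_NAME_GLOBS` starts above the hunk and continues past it, so it is not visible here whether an exact name also covers nested classes such as `jaz.Zer$...`.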