| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
|
|
|
|
This prevents us from accidentally depending on it (which is not
realistic anyway).
|
|
|
|
|
|
|
|
* Add sanitizer for expresion language injection
* Extract honeypot class name variable
|
|
|
|
|
|
This reverts commit 0228b326cc5d564f264f46ff912fb95a0a5392b1.
Marking junit as testonly causes lots of pain for projects depending on
Jazzer.
|
|
We are currently deriving edge coverage instrumentation from basic block
instrumentation via the AFL XOR-technique. This has several downsides:
* Different edges can be assigned the same position in the coverage map,
which leads to underreported coverage.
* The coverage map needs to be large enough for collisions to be
unlikely (on the order of num_edges^2). In addition to being wasteful,
it is also hard to determine the correct size given that we don't know
the number of edges.
In addition to the design limitations, the current implementation
additionally does not take into account that most Java method
invocations can throw exceptions and thus need to be instrumented.
These issues are resolved by switching to true LLVM-style edge coverage
instrumentation. The new coverage instrumentation is based on a lightly
patched version of the JaCoCo internals.
Note:
//agent/src/test/java/com/code_intelligence/jazzer/instrumentor:coverage_instrumentation_test
is not passing for this commit. It will be fixed with the next commit.
|
|
|
|
|
|
The uploaded jar previously did not contain any class files and lacked
required POM fields.
|
