diff options
author | Fabian Meumertzheim <meumertzheim@code-intelligence.com> | 2021-03-10 22:28:02 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-03-10 13:28:02 -0800 |
commit | 3a227bd77da9ca96155e76b605bf4cae9cf7f8e7 (patch) | |
tree | d505500496ca4341a76edc5a03cfd5ede8dab281 /projects/json-sanitizer/ValidJsonFuzzer.java | |
parent | 53e9531551ff6438693fd3690403e809aa7ce221 (diff) | |
download | oss-fuzz-3a227bd77da9ca96155e76b605bf4cae9cf7f8e7.tar.gz |
[json-sanitizer] Add severity markup (#5350)
Annotates the findings of the various json-sanitizer fuzzers with
severities as follows:
* XSS: High
* Comment injection: Medium
* Invalid JSON: Low
* Failure to be idempotent: Not a security issue
* Undeclared exceptions: Not a security issue
This commit takes advantage of the support for severity markers in stack
traces introduced in https://github.com/google/clusterfuzz/pull/2270.
Diffstat (limited to 'projects/json-sanitizer/ValidJsonFuzzer.java')
-rw-r--r-- | projects/json-sanitizer/ValidJsonFuzzer.java | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/projects/json-sanitizer/ValidJsonFuzzer.java b/projects/json-sanitizer/ValidJsonFuzzer.java index 7430b9c92..c8fbe0386 100644 --- a/projects/json-sanitizer/ValidJsonFuzzer.java +++ b/projects/json-sanitizer/ValidJsonFuzzer.java @@ -15,6 +15,7 @@ //////////////////////////////////////////////////////////////////////////////// import com.code_intelligence.jazzer.api.FuzzedDataProvider; +import com.code_intelligence.jazzer.api.FuzzerSecurityIssueLow; import com.google.gson.Gson; import com.google.gson.JsonElement; @@ -33,12 +34,14 @@ public class ValidJsonFuzzer { // exceeded. return; } + + // Check that the output is valid JSON. Invalid JSON may crash other parts + // of the application that trust the output of the sanitizer. try { + Gson gson = new Gson(); gson.fromJson(output, JsonElement.class); } catch (Exception e) { - System.err.println("input : " + input); - System.err.println("output : " + output); - throw e; + throw new FuzzerSecurityIssueLow("Output is invalid JSON", e); } } } |