Ecosyste.ms: Awesome


https://github.com/centic9/hash4j-fuzz

Use Jazzer to perform fuzzy testing of hash4j

This is a small project for fuzzing [hash4j](https://github.com/dynatrace-oss/hash4j) with the [jazzer](https://github.com/CodeIntelligenceTesting/jazzer/) fuzzing tool.

See [Fuzzing](https://en.wikipedia.org/wiki/Fuzzing) for a general description of the theory behind fuzz testing.

Because Java runs in a runtime environment that does not crash when an
application performs an invalid action (unless native code is invoked), fuzzing
of Java-based applications focuses on the following:

* verify that only expected exceptions are thrown
* verify any JNI or native code calls
* find cases of unbounded memory allocations

hash4j does not use JNI or native code, therefore the fuzzing target mainly
tries to trigger unexpected exceptions and unbounded memory allocations.
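As an illustration of the first goal, here is a minimal Jazzer target written for this page; it is an added example, not the project's own `Fuzz` or `SimHashFuzz` class. The class name `ExampleHashFuzz`, the choice of `komihash5_0`, and the check that chunked streaming matches one-shot hashing are assumptions made for the example.

```java
import com.code_intelligence.jazzer.api.FuzzedDataProvider;
import com.dynatrace.hash4j.hashing.HashStream64;
import com.dynatrace.hash4j.hashing.Hasher64;
import com.dynatrace.hash4j.hashing.Hashing;

// Hypothetical target class, not part of hash4j-fuzz.
public class ExampleHashFuzz {
  // Assumption: komihash5_0 is picked arbitrarily; any Hasher64 would do.
  private static final Hasher64 HASHER = Hashing.komihash5_0();

  // Jazzer calls this method once per generated input.
  public static void fuzzerTestOneInput(FuzzedDataProvider data) {
    int a = data.consumeInt(0, Integer.MAX_VALUE);
    int b = data.consumeInt(0, Integer.MAX_VALUE);
    int c = data.consumeInt(0, Integer.MAX_VALUE);
    byte[] input = data.consumeRemainingAsBytes();

    // Derive an in-bounds slice [off, off + len) and a split point inside it,
    // so every call below is made with arguments that are valid by construction.
    int off = a % (input.length + 1);
    int len = b % (input.length - off + 1);
    int split = c % (len + 1);

    // No exception is expected for an in-bounds slice, so nothing is caught:
    // anything thrown here propagates to Jazzer and is reported as a finding.
    long oneShot = HASHER.hashBytesToLong(input, off, len);

    // Feed the same bytes through the streaming API in two chunks.
    HashStream64 stream = HASHER.hashStream();
    stream.putBytes(input, off, split);
    stream.putBytes(input, off + split, len - split);
    long chunked = stream.getAsLong();

    // A mismatch is a logic bug; throwing makes Jazzer save the input.
    if (oneShot != chunked) {
      throw new IllegalStateException(
          "one-shot and chunked hashes differ: off=" + off
              + " len=" + len + " split=" + split);
    }
  }
}
```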

# How to fuzz

Build the fuzzing target:

```
./gradlew shadowJar
```

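Prepare a corpus of test files (i.e. valid and invalid lines) and put them
into the directory `corpus`. Also create the directory `corpusSimHash`:

```
mkdir corpus
# Write each line of samples.txt to its own corpus file
i=0; while IFS='' read -r data; do printf '%s\n' "$data" > "corpus/sample_$i.txt"; i=$((i+1)); done < src/test/resources/samples.txt

mkdir corpusSimHash
```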

You can add more documents to the corpus to help Jazzer in producing "nearly"
proper queries which will improve fuzzing a lot. Slightly broken queries
seem to be a good seed for fuzzing as well.

Download Jazzer from the [releases page](https://github.com/CodeIntelligenceTesting/jazzer/releases),
choose the latest version and select the file `jazzer--.tar.gz`

Unpack the archive:

```
tar xzf jazzer-*.tar.gz
```

Invoke the fuzzing:

```
./jazzer --cp=build/libs/hash4j-fuzz-all.jar --instrumentation_includes=com.dynatrace.** --target_class=com.dynatrace.hash4j.fuzz.Fuzz -rss_limit_mb=1024 --jvm_args=-Xss4m corpus

./jazzer --cp=build/libs/hash4j-fuzz-all.jar --instrumentation_includes=com.dynatrace.** --target_class=com.dynatrace.hash4j.fuzz.SimHashFuzz -rss_limit_mb=1024 --jvm_args=-Xss4m corpusSimHash
```

In this mode Jazzer will stop whenever it detects an unexpected exception
or a crash.

You can use `--keep_going=10` to report a given number of exceptions before stopping.

See `./jazzer` for options which can control details of how Jazzer operates.