Custom hooks with docker throwing an error #633

Open
r00tdaemon opened this issue Feb 16, 2023 · 3 comments


@r00tdaemon

When trying to run the jazzer docker image by specifying the --custom_hooks flag, it throws the following error.

ERROR: com.example.ExampleFuzzer must define exactly one of the following two functions:
public static void fuzzerTestOneInput(byte[] ...)
public static void fuzzerTestOneInput(FuzzedDataProvider ...)
Note: Fuzz targets returning boolean are no longer supported; exceptions should be thrown instead of returning true.

Steps to reproduce -

If you run the same command without the --custom_hooks flag, it works fine.
I have not tried running jazzer with the release binary.

@fmeum
Contributor

fmeum commented Feb 16, 2023

Custom hooks need to be packaged into separate JAR files (see https://github.com/CodeIntelligenceTesting/jazzer/blob/main/docs/advanced.md#custom-hooks, although this arguably shouldn't be hidden in the last paragraph of that section). The JAR files that contain them are added to the bootstrap class path and if that happens to your fuzz target, FuzzedDataProvider will be loaded twice in different class loaders.

Could you try whether moving the hook to a separate jar file resolves the issue?
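
As an added illustration of the packaging rule in the comment above (not code from this thread or from the Jazzer project), this Python check lists a JAR's entries and flags the fuzz target or Jazzer API classes inside a JAR meant to hold only hooks. The JAR contents are constructed samples, the `com.example.*` names come from the issue, and `build_jar` and `audit_hooks_jar` are hypothetical helper names.

```python
import io
import zipfile

# Package of Jazzer's public API, where FuzzedDataProvider lives.
JAZZER_API_PREFIX = "com/code_intelligence/jazzer/api/"


def build_jar(class_names):
    """Build an in-memory JAR (a ZIP) with empty placeholder .class entries."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        for name in class_names:
            jar.writestr(name.replace(".", "/") + ".class", b"")
    buf.seek(0)
    return buf


def audit_hooks_jar(jar_file, target_class):
    """Return (kind, entry) findings for a hooks JAR; an empty list means clean."""
    target = target_class.replace(".", "/")
    findings = []
    with zipfile.ZipFile(jar_file) as jar:
        for entry in jar.namelist():
            if not entry.endswith(".class"):
                continue
            cls = entry[: -len(".class")]
            outer = cls.split("$", 1)[0]  # nested classes count as their outer class
            if outer == target:
                # The fuzz target would land on the bootstrap class path.
                findings.append(("fuzz-target", entry))
            elif cls.startswith(JAZZER_API_PREFIX):
                # A second copy of the API classes in another class loader.
                findings.append(("jazzer-api", entry))
    return findings


TARGET = "com.example.ExampleFuzzer"
HOOKS = "com.example.ExampleFuzzerHooks"
API = "com.code_intelligence.jazzer.api.FuzzedDataProvider"

if __name__ == "__main__":
    # Constructed sample JARs: one bundles everything, one holds only the hook.
    for label, classes in (("uber", [TARGET, HOOKS, API]), ("hooks-only", [HOOKS])):
        print(label, audit_hooks_jar(build_jar(classes), TARGET) or "clean")
```
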

@r00tdaemon
Author

When I tried running the following command with the release binary, it worked:

~/tools/jazzer --cp=~/tools/jazzer_standalone.jar:build/libs/hooks_examples-uber.jar --target_class=com.example.ExampleFuzzer --custom_hooks=com.example.ExampleFuzzerHooks

I can try with separate jars, but since the above command worked, I'm guessing it might be an issue with the docker image.

@ghost

ghost commented Feb 26, 2024

Hi @r00tdaemon !
We actually went down this route with another prodsec team. Jazzer didn't end up being the right solution for them and they pivoted to our closed source fuzzer. It was easier and they found bugs.
Want to discuss more?
david[dot]merian [at] code-intelligence[dot]com
