CodeIntelligenceTesting / jazzer

Coverage-guided, in-process fuzzing for the JVM
https://code-intelligence.com

Custom hooks with docker throwing an error #633

Open r00tdaemon opened 1 year ago

r00tdaemon commented 1 year ago

When trying to run the Jazzer Docker image with the --custom_hooks flag, it throws the following error.

ERROR: com.example.ExampleFuzzer must define exactly one of the following two functions:
public static void fuzzerTestOneInput(byte[] ...)
public static void fuzzerTestOneInput(FuzzedDataProvider ...)
Note: Fuzz targets returning boolean are no longer supported; exceptions should be thrown instead of returning true.

Steps to reproduce -

If you run the same command without the --custom_hooks flag, it works fine. I have not tried running Jazzer with the release binary.

fmeum commented 1 year ago

Custom hooks need to be packaged into separate JAR files (see https://github.com/CodeIntelligenceTesting/jazzer/blob/main/docs/advanced.md#custom-hooks, although this arguably shouldn't be hidden in the last paragraph of that section). The JAR files that contain them are added to the bootstrap class path and if that happens to your fuzz target, FuzzedDataProvider will be loaded twice in different class loaders.

Could you try whether moving the hook to a separate jar file resolves the issue?
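The class loader effect described in the comment above, as an added example that is not part of the thread and is not Jazzer's code. All names are hypothetical stand-ins: `Provider` plays the role of FuzzedDataProvider and `Target` the fuzz target, and the example assumes the driver finds the entry point by reflection on the parameter class.

```java
import java.io.IOException;
import java.io.InputStream;

// Constructed stand-ins with hypothetical names; none of this is Jazzer's code.
public class DuplicateClassDemo {
  public interface Provider {} // plays the role of FuzzedDataProvider

  public static class Target { // plays the role of the fuzz target
    public static void fuzzerTestOneInput(Provider data) {}
  }

  // Child-first loader: defines its own copies of the nested demo classes instead of
  // delegating to its parent, so the same class name exists in two loaders.
  static class IsolatingLoader extends ClassLoader {
    IsolatingLoader(ClassLoader parent) { super(parent); }

    @Override
    protected Class<?> loadClass(String name, boolean resolve) throws ClassNotFoundException {
      if (!name.startsWith("DuplicateClassDemo$")) return super.loadClass(name, resolve);
      synchronized (getClassLoadingLock(name)) {
        Class<?> c = findLoadedClass(name);
        if (c == null) {
          String path = name.replace('.', '/') + ".class";
          try (InputStream in = getParent().getResourceAsStream(path)) {
            if (in == null) throw new ClassNotFoundException(name);
            byte[] b = in.readAllBytes();
            c = defineClass(name, b, 0, b.length);
          } catch (IOException e) {
            throw new ClassNotFoundException(name, e);
          }
        }
        if (resolve) resolveClass(c);
        return c;
      }
    }
  }

  public static void main(String[] args) throws Exception {
    ClassLoader app = DuplicateClassDemo.class.getClassLoader();
    Class<?> target = new IsolatingLoader(app).loadClass("DuplicateClassDemo$Target");
    Class<?> copy = target.getClassLoader().loadClass("DuplicateClassDemo$Provider");
    System.out.println("same name:  " + copy.getName().equals(Provider.class.getName()));
    System.out.println("same class: " + (copy == Provider.class));
    try { // lookup with the Provider class as seen by the application loader
      target.getMethod("fuzzerTestOneInput", Provider.class);
    } catch (NoSuchMethodException e) {
      System.out.println("driver's Provider: NoSuchMethodException");
    }
    System.out.println("target's copy: " + target.getMethod("fuzzerTestOneInput", copy));
  }
}
```

Compile with `javac DuplicateClassDemo.java` and run with `java DuplicateClassDemo` on Java 9 or later, so the class files exist on disk for the second loader to read.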

r00tdaemon commented 1 year ago

When I tried running the following command with the release binary, it worked - ~/tools/jazzer --cp=~/tools/jazzer_standalone.jar:build/libs/hooks_examples-uber.jar --target_class=com.example.ExampleFuzzer --custom_hooks=com.example.ExampleFuzzerHooks

I can try with separate jars, but since the above command worked, I'm guessing it might be an issue with the Docker image.

ghost commented 6 months ago

Hi @r00tdaemon! We actually went down this route with another prodsec team. Jazzer didn't end up being the right solution for them and they pivoted to our closed source fuzzer. It was easier and they found bugs. Want to discuss more? david[dot]merian [at] code-intelligence[dot]com