Hi! I built an experimental class that triggers the OS Command Injection sanitizer, similar to OsCommandInjectionRuntimeExec in the exemplar folder of jazzer.
I am trying to offline-instrument the sanitizers of jazzer to my class and then run the instrumented jar file to see if the OS Command Injection sanitizer can be successfully triggered.
Here is how I implemented my class:
```java
import java.util.concurrent.TimeUnit;
import static java.lang.Runtime.getRuntime;
import java.nio.file.*;
import java.io.IOException;
import java.nio.charset.StandardCharsets;

public class OsCommandInjectionRuntimeExec {
    public static void main(String[] args) {
        // Replay a single input previously produced by jazzer instead of fuzzing live
        Path path = Paths.get("the path to an input file generated previously by jazzer");
        try {
            byte[] fileBytes = Files.readAllBytes(path);
            System.out.println("File read successfully.");
            String fileContent = new String(fileBytes, StandardCharsets.US_ASCII);
            System.out.println("File content as ASCII string:");
            System.out.println(fileContent);
            // Attacker-controlled string reaches Runtime.exec, which the jazzer sanitizer hooks
            Process process = getRuntime().exec(fileContent, new String[] {});
            if (!process.waitFor(10, TimeUnit.MILLISECONDS)) {
                process.destroyForcibly();
            }
        } catch (IOException e) {
            e.printStackTrace();
        } catch (Exception ignored) {
            // Ignore execution and setup exceptions
        }
    }
}
```
Here is the script of how I tried to build the instrumented jar and run it:
These are the jar files in $(find jazzer -name '*.jar' | tr '\n' ':'):
After I run my script, here is the error message:
```
Exception in thread "main" java.lang.NoClassDefFoundError: com/code_intelligence/jazzer/runtime/CoverageMap
    at OsCommandInjectionRuntimeExec.main(OsCommandInjectionRuntimeExec.java:25)
Caused by: java.lang.ClassNotFoundException: com.code_intelligence.jazzer.runtime.CoverageMap
    at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:641)
    at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:188)
    at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:525)
    ... 1 more
```
I am wondering why this class (com/code_intelligence/jazzer/runtime/CoverageMap) is not included in jazzer-0.22.1.jar. What will be the correct way to run offline-instrumented jar files? Thanks!