Skip to content

Google OSS-Fuzz integration #2949

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 65 commits into from
Sep 17, 2024
Merged

Google OSS-Fuzz integration #2949

merged 65 commits into from
Sep 17, 2024

Conversation

vy
Copy link
Member

@vy vy commented Sep 13, 2024

As a deliverable of #2891 and #2892, implements Google OSS-Fuzz integration. See the added FUZZING.adoc for details.

vy added 30 commits July 12, 2024 08:06
@vy
Add the very first log4j-fuzz-test
bbeee8a
@vy
Move away from tests to fuzzerTestOneInput() approach
e32ca7f
@vy
Replace Jackson with the reference JSON implementation
231e2f7
@vy
Improve function naming
a28314e
@vy
Delete JSON fuzzing dictionary, it will be provided while running the…
4d5f53d 
… fuzzer
@vy
Switch to using the downloaded jazzer_standalone.jar
dd5eeb1
@vy
Fix generate-uber-jar execution
8471a78
@vy
Split tests into dedicated modules
7fc3eb2
@vy
Consolidate parameterized and non-parameterized tests
2843690
@vy
Fix Spotless failures
7bb87ad
@vy
Merge remote-tracking branch 'origin/2.x' into fuzzing
efd670b
@vy
Add SLF4J-to-Log4j Bridge fuzzers
3993ec0
@vy
Add oss-fuzz-build.sh
0de4707
@vy
Merge remote-tracking branch 'origin/2.x' into fuzzing
a307946
@vy
Port develocity.xml from 2.x
b45934a
@vy
Fix broken log4j-osgi-test/pom.xml
f557569
@vy
Fix build scripts
1f1c2e4
@vy
Explain how to use dictionary and corpus
6bb3d83
@vy
Switch Maven Wrapper from bin to only-script distribution
fb037d0 
`only-script` is the new default type and it supports `MAVEN_ARGS`
@vy
Merge remote-tracking branch 'origin/2.x' into fuzzing
c86d2f5
@vy
Fix fuzzer detection
5ef11a0
@vy
Fix script folder detection
755ccb4
@vy
Fix classpath detection
034fe35
@vy
Reflect OSS-Fuzz project path change
22c5016
@vy
Merge remote-tracking branch 'origin/2.x' into fuzzing
a2ebafe
@vy
Make wget/git quiet
ea32623
@vy
Merge remote-tracking branch 'origin/2.x' into fuzzing
96033d9
@vy
Merge remote-tracking branch 'origin/2.x' into fuzzing
7726392
@vy
Increase verbosity for troubleshooting (google/oss-fuzz#12349)
0c6cd0b
@vy
Add classpath verification
cc7ee49
@vy vy added the tests Pull requests or issues related to tests label Sep 13, 2024
@vy vy added this to the 2.25.0 milestone Sep 13, 2024
@vy vy requested a review from ppkarwasz September 13, 2024 11:33
@vy vy self-assigned this Sep 13, 2024
ppkarwasz
ppkarwasz requested changes Sep 17, 2024
View reviewed changes
Copy link
Contributor

@ppkarwasz ppkarwasz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great job! 💯

I only have some minor remarks on this huge PR:

@vy
Copy link
Member Author

vy commented Sep 17, 2024

@ppkarwasz, what do your FQCN fixes address in the context of fuzzing?

@ppkarwasz
Copy link
Contributor

@ppkarwasz, what do your FQCN fixes address in the context of fuzzing?

Probably nothing, I just wanted to give a good example to users, if they apply the code somewhere else.

@vy vy merged commit caa0f1d into 2.x Sep 17, 2024
9 checks passed
@vy vy deleted the fuzzing branch September 17, 2024 19:13
@vy vy mentioned this pull request Sep 18, 2024
Merged
jonathanmetzman pushed a commit to google/oss-fuzz that referenced this pull request Sep 18, 2024
@vy
log4j2: Switch to the Log4j 2 development branch (#12514)
afc8ca9 
In #12304, we used `fuzzing` branch of the `apache/logging-log4j2`
repository while developing the Log4j 2 integration. This work was
successful and we eventually merged the `fuzzing` branch to
`2.x`<sup>1</sup> in apache/logging-log4j2#2949. Now we can point
OSS-Fuzz to the permanent location of the Log4j 2 fuzz tests.

<sup>1</sup> [`2.x` is the main branch where Log4j 2 development takes
place.](https://logging.apache.org/log4j/2.x/development.html#branching)
vy added a commit that referenced this pull request Sep 19, 2024
@vy
Clean-up fuzzer reports on false positives (#2949)
0a05180
vy added a commit that referenced this pull request Sep 19, 2024
@vy
Fix typo (#2949)
c0acbdd
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ppkarwasz ppkarwasz ppkarwasz approved these changes

Assignees

@vy vy

Labels
tests Pull requests or issues related to tests
Projects
None yet
Milestone
2.25.0
Development

Successfully merging this pull request may close these issues.
2 participants
@vy @ppkarwasz