oss-fuzz/projects/spring-boot-actuator/SanitizerFuzzer.java

import com.code_intelligence.jazzer.api.FuzzedDataProvider;
import com.code_intelligence.jazzer.api.FuzzerSecurityIssueMedium;
import org.springframework.boot.actuate.endpoint.Sanitizer;

public class SanitizerFuzzer {
    public static void fuzzerTestOneInput(FuzzedDataProvider data) {
        String key = data.consumeString(50);
        String value = data.consumeRemainingAsString();

        if (value.isEmpty() || key.isEmpty()) {
            return;
        }

        Sanitizer sanitizer = new Sanitizer();
        sanitizer.keysToSanitize(key);
        String result = (String) sanitizer.sanitize(key, value);
        if (!result.equals("******")) {
            throw new FuzzerSecurityIssueMedium("Value not sanitized. key: " + key + " value:" + value + " result:" + result);
        }
    } 
}
spring-boot-actuator: initial integration (#7849) * Initial integration * Improve fuzz target, fix build error 2022-06-15 15:41:22 +00:00			`import com.code_intelligence.jazzer.api.FuzzedDataProvider;`
			`import com.code_intelligence.jazzer.api.FuzzerSecurityIssueMedium;`
			`import org.springframework.boot.actuate.endpoint.Sanitizer;`

			`public class SanitizerFuzzer {`
			`public static void fuzzerTestOneInput(FuzzedDataProvider data) {`
			`String key = data.consumeString(50);`
			`String value = data.consumeRemainingAsString();`

			`if (value.isEmpty() \|\| key.isEmpty()) {`
			`return;`
			`}`

			`Sanitizer sanitizer = new Sanitizer();`
			`sanitizer.keysToSanitize(key);`
			`String result = (String) sanitizer.sanitize(key, value);`
			`if (!result.equals("******")) {`
			`throw new FuzzerSecurityIssueMedium("Value not sanitized. key: " + key + " value:" + value + " result:" + result);`
			`}`
			`}`
			`}`