From 335d8533513c1ef3368f9e9496e6070a4b97355d Mon Sep 17 00:00:00 2001
From: wojtekCodeInt <75366403+wojtekCodeInt@users.noreply.github.com>
Date: Sun, 19 Feb 2023 23:46:58 +0100
Subject: [PATCH] [jboss-logging] initial integration (#9662)
---
projects/jboss-logging/.gitignore | 4 +
projects/jboss-logging/Dockerfile | 33 ++++++++
projects/jboss-logging/build.sh | 80 +++++++++++++++++++
.../project-parent/fuzz-targets/pom.xml | 55 +++++++++++++
.../test/java/com/example/LoggingFuzzer.java | 43 ++++++++++
projects/jboss-logging/project-parent/pom.xml | 16 ++++
projects/jboss-logging/project.yaml | 10 +++
7 files changed, 241 insertions(+)
create mode 100644 projects/jboss-logging/.gitignore
create mode 100644 projects/jboss-logging/Dockerfile
create mode 100644 projects/jboss-logging/build.sh
create mode 100644 projects/jboss-logging/project-parent/fuzz-targets/pom.xml
create mode 100644 projects/jboss-logging/project-parent/fuzz-targets/src/test/java/com/example/LoggingFuzzer.java
create mode 100644 projects/jboss-logging/project-parent/pom.xml
create mode 100644 projects/jboss-logging/project.yaml
diff --git a/projects/jboss-logging/.gitignore b/projects/jboss-logging/.gitignore
new file mode 100644
index 000000000..dc53d4052
--- /dev/null
+++ b/projects/jboss-logging/.gitignore
@@ -0,0 +1,4 @@
+project-parent/jboss-logging
+project-parent/fuzz-targets/target
+project-parent/fuzz-targets/src/test/resources
+project-parent/fuzz-targets/pom.xml.versionsBackup
\ No newline at end of file
diff --git a/projects/jboss-logging/Dockerfile b/projects/jboss-logging/Dockerfile
new file mode 100644
index 000000000..da5835bd3
--- /dev/null
+++ b/projects/jboss-logging/Dockerfile
@@ -0,0 +1,33 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder-jvm
+
+RUN curl -L https://downloads.apache.org/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.zip -o maven.zip && \
+ unzip maven.zip -d $SRC/maven && \
+ rm -rf maven.zip
+
+ENV MVN $SRC/maven/apache-maven-3.6.3/bin/mvn
+
+# if not set python infra helper cannot be used for local testing
+
+COPY project-parent $SRC/project-parent/
+
+RUN rm -rf $SRC/project-parent/jboss-logging
+RUN git clone --depth 1 https://github.com/jboss-logging/jboss-logging $SRC/project-parent/jboss-logging
+
+COPY build.sh $SRC/
+WORKDIR $SRC/
\ No newline at end of file
diff --git a/projects/jboss-logging/build.sh b/projects/jboss-logging/build.sh
new file mode 100644
index 000000000..f84d63fc5
--- /dev/null
+++ b/projects/jboss-logging/build.sh
@@ -0,0 +1,80 @@
+#!/bin/bash -eu
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+PROJECT=jboss-logging
+PROJECT_GROUP_ID=org.jboss.logging
+PROJECT_ARTIFACT_ID=jboss-logging
+MAIN_REPOSITORY=https://github.com/jboss-logging/jboss-logging
+
+function set_project_version_in_fuzz_targets_dependency {
+ #PROJECT_VERSION=$(cd $PROJECT && $MVN org.apache.maven.plugins:maven-help-plugin:3.2.0:evaluate -Dexpression=project.version -q -DforceStdout)
+ PROJECT_VERSION=3.5.1.Final-SNAPSHOT #workaround to make it faster
+ # set dependency project version in fuzz-targets
+ (cd fuzz-targets && $MVN versions:use-dep-version -Dincludes=$PROJECT_GROUP_ID:$PROJECT_ARTIFACT_ID -DdepVersion=$PROJECT_VERSION -DforceVersion=true)
+}
+
+cd project-parent
+
+# LOCAL_DEV env variable need to be set in local development env
+if [[ -v LOCAL_DEV ]]; then
+ MVN=mvn
+
+ # checkout latest project version
+ git -C $PROJECT pull || git clone $MAIN_REPOSITORY $PROJECT
+
+ set_project_version_in_fuzz_targets_dependency
+
+ #install
+ mvn -pl $PROJECT install -DskipTests
+ mvn -pl fuzz-targets install
+
+else
+ # Move seed corpus and dictionary.
+ # mv $SRC/{*.zip,*.dict} $OUT
+
+ set_project_version_in_fuzz_targets_dependency
+
+ #install
+ $MVN -pl $PROJECT install -DskipTests -Dmaven.repo.local=$OUT/m2
+ $MVN -pl fuzz-targets install -Dmaven.repo.local=$OUT/m2
+
+ # build classpath
+ $MVN -pl fuzz-targets dependency:build-classpath -Dmdep.outputFile=cp.txt -Dmaven.repo.local=$OUT/m2
+ cp -r $SRC/project-parent/fuzz-targets/target/test-classes/ $OUT/test-classes
+ RUNTIME_CLASSPATH_ABSOLUTE="$(cat fuzz-targets/cp.txt):$OUT/test-classes"
+ RUNTIME_CLASSPATH_RELATIVE=$(echo $RUNTIME_CLASSPATH_ABSOLUTE | sed "s|$OUT|.|g")
+
+ for fuzzer in $(find $SRC/project-parent -name '*Fuzzer.java'); do
+ fuzzer_basename=$(basename -s .java $fuzzer)
+
+ # Create an execution wrapper for every fuzztarget
+ echo "#!/bin/bash
+ # LLVMFuzzerTestOneInput comment for fuzzer detection by infrastructure.
+ if [[ \"\$@\" =~ (^| )-runs=[0-9]+($| ) ]]; then
+ mem_settings='-Xmx1900m -Xss900k'
+ else
+ mem_settings='-Xmx2048m -Xss1024k'
+ fi
+ java -cp $RUNTIME_CLASSPATH_RELATIVE \
+ \$mem_settings \
+ com.code_intelligence.jazzer.Jazzer \
+ --target_class=com.example.$fuzzer_basename \
+ \$@" > $OUT/$fuzzer_basename
+ chmod u+x $OUT/$fuzzer_basename
+ done
+
+fi
diff --git a/projects/jboss-logging/project-parent/fuzz-targets/pom.xml b/projects/jboss-logging/project-parent/fuzz-targets/pom.xml
new file mode 100644
index 000000000..d60788023
--- /dev/null
+++ b/projects/jboss-logging/project-parent/fuzz-targets/pom.xml
@@ -0,0 +1,55 @@
+
+
+
+ 4.0.0
+ com.fuzzer
+ fuzz-targets
+ 0.0.1-SNAPSHOT
+ fuzz
+ fuzz
+
+
+ 11
+ 11
+ 11
+
+
+
+
+
+ com.code-intelligence
+ jazzer-junit
+ 0.14.0
+
+
+
+ org.junit.jupiter
+ junit-jupiter-engine
+ 5.9.0
+ test
+
+
+
+ org.jboss.logging
+ jboss-logging
+ Fuzzing-SNAPSHOT
+
+
+
+
+
+
+
+ maven-surefire-plugin
+ 2.22.2
+
+
+
+
+ ${project.basedir}/src/test/resources
+
+
+
+
+
diff --git a/projects/jboss-logging/project-parent/fuzz-targets/src/test/java/com/example/LoggingFuzzer.java b/projects/jboss-logging/project-parent/fuzz-targets/src/test/java/com/example/LoggingFuzzer.java
new file mode 100644
index 000000000..4062c026a
--- /dev/null
+++ b/projects/jboss-logging/project-parent/fuzz-targets/src/test/java/com/example/LoggingFuzzer.java
@@ -0,0 +1,43 @@
+// Copyright 2023 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+package com.example;
+
+import com.code_intelligence.jazzer.api.FuzzedDataProvider;
+import com.code_intelligence.jazzer.junit.FuzzTest;
+
+import org.jboss.logging.*;
+import java.util.Properties;
+
+
+class LoggingFuzzer {
+ private static final Logger LOGGER = Logger.getLogger(LoggingFuzzer.class);
+ @FuzzTest
+ void myFuzzTest(FuzzedDataProvider data) {
+ String[] logManagers = { "jboss","jdk","log4j2","log4j","slf4j"};
+ String logManager = data.pickValue(logManagers);
+ Properties props = System.getProperties();
+ props.setProperty("org.jboss.logging.provider", logManager);
+ int i1 = data.consumeInt();
+ int i2 = data.consumeInt();
+ String s2 = data.consumeString(10);
+ String s1 = data.consumeRemainingAsString();
+ LOGGER.debugf(s1,i1,i2,s2);
+ LOGGER.tracef(s1,i1,i2,s2);
+ LOGGER.errorf(s1,i1,i2,s2);
+
+ }
+}
diff --git a/projects/jboss-logging/project-parent/pom.xml b/projects/jboss-logging/project-parent/pom.xml
new file mode 100644
index 000000000..353add4d9
--- /dev/null
+++ b/projects/jboss-logging/project-parent/pom.xml
@@ -0,0 +1,16 @@
+
+
+ 4.0.0
+
+ com.fuzzer
+ project-parent
+ 0.1.0
+ pom
+
+
+ jboss-logging
+ fuzz-targets
+
+
+
\ No newline at end of file
diff --git a/projects/jboss-logging/project.yaml b/projects/jboss-logging/project.yaml
new file mode 100644
index 000000000..5600c4570
--- /dev/null
+++ b/projects/jboss-logging/project.yaml
@@ -0,0 +1,10 @@
+homepage: "https://github.com/jboss-logging/jboss-logging"
+language: jvm
+fuzzing_engines:
+ - libfuzzer
+main_repo: "https://github.com/jboss-logging/jboss-logging"
+sanitizers:
+ - address
+vendor_ccs:
+ - "bug-disclosure@code-intelligence.com"
+ - "hlin@code-intelligence.com"
\ No newline at end of file