From 45377fdef258c3f85ed683b2fa6d0878a26b5ced Mon Sep 17 00:00:00 2001
From: psy
Date: Mon, 2 May 2022 17:12:20 +0200
Subject: [PATCH] Update fuzz target to ignore class injection (#7657)

see https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47102
---
 projects/logback/JoranFuzzer.java | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/projects/logback/JoranFuzzer.java b/projects/logback/JoranFuzzer.java
index 6065d16ad..043695ecb 100644
--- a/projects/logback/JoranFuzzer.java
+++ b/projects/logback/JoranFuzzer.java
@@ -22,7 +22,14 @@ public class JoranFuzzer {
 }

 public static void fuzzerTestOneInput(FuzzedDataProvider data) {
- InputStream xmlcontent = new ByteArrayInputStream(data.consumeString(1000).getBytes());
+ String content = data.consumeString(1000);
+
+ // https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47102
+ if (content.contains("class=\"")) {
+ return;
+ }
+
+ InputStream xmlcontent = new ByteArrayInputStream(content.getBytes());
 try {
 configurator.doConfigure(xmlcontent);
 logger.debug(data.consumeRemainingAsString());
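Review bot: The skip condition `content.contains("class=\"")` matches only one spelling of the attribute. XML also accepts single-quoted values and whitespace around `=`, so such inputs still reach `configurator.doConfigure`, and the finding this commit is meant to silence (judging by its title) can be reported again. A precompiled pattern covers those forms: `private static final Pattern CLASS_ATTR = Pattern.compile("class\\s*=\\s*[\"']");` checked with `if (CLASS_ATTR.matcher(content).find()) { return; }`, which needs `java.util.regex.Pattern` imported. The comment above the check is a bare URL; I would add a line such as `// Joran instantiates the class named in a class attribute; config is treated as trusted input, so these inputs are skipped` (wording to be confirmed against the linked issue), so that nobody reads the lack of findings as evidence that class loading from untrusted configuration is safe. fuzzerTestOneInput continues past the end of the hunk.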