-
Notifications
You must be signed in to change notification settings - Fork 129
/
Copy pathjvm_requirement_test_to_harness.txt
104 lines (97 loc) · 6.45 KB
/
jvm_requirement_test_to_harness.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
This is a Java programming language so the harness should be written in Java.
The fuzzing harness should be executable under the Jazzer fuzzing framework.
Here is a list of requirements that you MUST follow.
<requirements>
<item>Try as many variations of these inputs as possible.</item>
<item>Try creating the harness as complex as possible.</item>
<item>Try adding some nested loop to invoke the target method for multiple times.</item>
<item>The generated fuzzing harness should be wrapped with the <java_code> tag.</item>
<item>NEVER use any methods from the <code>java.lang.Random</code> class in the generated code.</item>
<item>NEVER use any classes or methods in the <code>java.lang.reflect</code> package in the generated code.</item>
<item>NEVER use the @FuzzTest annotation for specifying the fuzzing method.</item>
<item>NEVER use any assert, printing and logging statements in the generated harness.</item>
<item>Please avoid using any multithreading or multi-processing approach.</item>
<item>Please add import statements for necessary classes, except for classes in the java.lang package.</item>
<item>You MUST create the object before calling the target method.</item>
<item>Please use {HARNESS_NAME} as the Java class name.</item>
<item>You MUST invoke the close method of any resource class objects that implements the java.lang.AutoCloseable interface in the finally block after the target method is invoked.</item>
<item>You MUST use similar approach as the examples and tests to catch exceptions.</item>
<item>
Here is a comma separated list of public project methods. You must include the invocation of at least one of them in the generated harness. Each of the method signatures follows the format of <code>[Full qualified name of the class].method_name(method_arguments)</code>.
{PUBLIC_METHODS}
</item>
<item>
<item>Do not create new variables with the same names as existing variables.
WRONG:
<code>
public static void testing(int test) {
String test = "Testing";
}
</code></item>
<item>Always create the fuzzing harness from the following templates:
<code>
import com.code_intelligence.jazzer.api.FuzzedDataProvider;
// Other imports
public class {HARNESS_NAME} {
public static void fuzzerInitialize() {
// Initializing objects for fuzzing
}
public static void fuzzerTearDown() {
// Tear down objects after fuzzing
}
public static void fuzzerTestOneInput(FuzzedDataProvider data) {
// Use the FuzzedDataProvider object to generate random data for fuzzing
// Fuzz by invoking the target method with random parameters / objects generated above.
}
}
</code></item>
<item>
Here is a comma-separated list of all publicly accessible classes in this project. You can use any of these classes, as well as classes from the JVM library. Please AVOID using other classes in the project, even if it exists in the following test or sample code as they are not publicly accessible. Please import all necessary classes from this list.
{PUBLIC_CLASSES}
</item>
<item>
Here is a list of import statements that you MUST add to the generated harness.
{IMPORT_STATEMENTS}
</item>
<item>
Here is a list of other import statements for reference that you may need to make the generated harness compiles. Please only add them if necessary.
{OTHER_IMPORT_STATEMENTS}
</item>
<item>
You MUST ONLY use any of the following methods from the FuzzedDataProvider of the Jazzer framework for generating random data for fuzzing.
If the needed return value is not found in the table, try to use constructors or methods to create the needed random object. But you MUST try your best to randomise the random object with the methods in the table.
| Method | Return Value |
|---------------------------------------------|---------------------------------------|
| `consumeBytes(int length)` | `byte[]` |
| `consumeRemainingAsBytes()` | `byte[]` |
| `consumeString(int length)` | `String` |
| `consumeRemainingAsString()` | `String` |
| `consumeBoolean()` | `boolean` |
| `consumeInt(int min, int max)` | `int` |
| `consumeInt()` | `int` |
| `consumeLong(long min, long max)` | `long` |
| `consumeLong()` | `long` |
| `consumeFloat(float min, float max)` | `float` |
| `consumeFloat()` | `float` |
| `consumeDouble(double min, double max)` | `double` |
| `consumeDouble()` | `double` |
| `consumeChar()` | `char` |
| `consumeChar(char min, char max)` | `char` |
| `consumeShort(short min, short max)` | `short` |
| `consumeShort()` | `short` |
| `consumeRemainingAsCharSequence()` | `CharSequence` |
| `consumeBytestring()` | `byte[]` |
| `consumeBigInteger(int minNumBits)` | `BigInteger` |
| `consumeEnum(Class<E> enumType)` | `E` (Enum type) |
| `consumeProbabilityDouble()` | `double` |
| `consumeFraction()` | `double` |
| `pickValue(T... values)` | `T` (Type of value) |
| `pickValue(List<T> values)` | `T` (Type of value) |
| `consumeByte()` | `byte` |
| `consumeIntList(int length)` | `List<Integer>` |
| `consumeLongList(int length)` | `List<Long>` |
| `consumeFloatList(int length)` | `List<Float>` |
| `consumeDoubleList(int length)` | `List<Double>` |
| `consumeCharList(int length)` | `List<Character>` |
</item>
</requirements>