jazzer
Coverage-guided, in-process fuzzing for the JVM
I added support for org.apache.el.ExpressionFactoryImpl and jakarta.el.ExpressionFactory in the Expression Language Injection Detector. With this modification we can catch Expression Language Injection within Tomcat applications.
What is the right way to increase the input size? Similar to the [example in the README](https://github.com/CodeIntelligenceTesting/jazzer/blob/9187660732a99ffc982795bd121637a0339a0b23/README.md?plain=1#L130), I see the log message: INFO: -max_len is not provided; libFuzzer will not...
While using libFuzzer's fork mode, Jazzer's --keep_going is naturally not enough and crashes the fuzzing after a while. Using -ignore_crashes=1 seems to work fine. But both together lead to Jazzer...
Hello, I'm currently onboarding [pgjdbc](https://github.com/pgjdbc/pgjdbc) into oss-fuzz. One of the fuzz targets creates a java.sql.Connection to a PostgreSQL server, which works, and then uses this connection to instantiate a `java.sql.Statement`....