
Commit d8f234e

committed
caffeine: Initial integration
1 parent a6d0c93 commit d8f234e


4 files changed

+127
-0
lines changed

4 files changed

+127
-0
lines changed
+35
@@ -0,0 +1,35 @@
1+
// Copyright 2025 Google LLC
2+
//
3+
// Licensed under the Apache License, Version 2.0 (the "License");
4+
// you may not use this file except in compliance with the License.
5+
// You may obtain a copy of the License at
6+
//
7+
// http://www.apache.org/licenses/LICENSE-2.0
8+
//
9+
// Unless required by applicable law or agreed to in writing, software
10+
// distributed under the License is distributed on an "AS IS" BASIS,
11+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12+
// See the License for the specific language governing permissions and
13+
// limitations under the License.
14+
//
15+
////////////////////////////////////////////////////////////////////////////////
16+
import com.code_intelligence.jazzer.api.FuzzedDataProvider;
17+
import com.code_intelligence.jazzer.api.FuzzerSecurityIssueLow;
18+
import com.github.benmanes.caffeine.cache.CaffeineSpec;
19+
import java.lang.IllegalArgumentException;
20+
21+
public class CaffeineSpecFuzzer {
22+
public static void fuzzerTestOneInput(FuzzedDataProvider data) {
23+
try {
24+
CaffeineSpec spec = CaffeineSpec.parse(data.consumeRemainingAsString());
25+
if (spec == null) {
26+
throw new FuzzerSecurityIssueLow("null specification");
27+
}
28+
} catch (IllegalArgumentException e) {
29+
/* documented to be thrown, ignore */
30+
} catch (Exception e) {
31+
e.printStackTrace(System.out);
32+
throw new FuzzerSecurityIssueLow("Undocumented Exception");
33+
}
34+
}
35+
}
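Review bot: The `spec == null` check throws `FuzzerSecurityIssueLow` inside the `try`, and because that class is a `RuntimeException` the trailing `catch (Exception e)` catches it and re-reports it as "Undocumented Exception", so the two findings cannot be told apart in a crash report. Declaring `spec` before the `try` and doing the null check after the try/catch keeps the "null specification" message intact. The catch-all also discards the original exception from the finding and only prints it to stdout; `throw new FuzzerSecurityIssueLow("Undocumented Exception", e);` keeps the cause and its stack trace attached for triage. `import java.lang.IllegalArgumentException;` is redundant, since `java.lang` is imported implicitly.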

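--- a/projects/caffeine/Dockerfile
+++ b/projects/caffeine/Dockerfile
@@ -0,0 +1,26 @@
+# Copyright 2025 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder-jvm
+
+RUN git clone --depth 1 https://github.com/ben-manes/caffeine
+
+RUN apt update && apt install -y openjdk-11-jdk-headless openjdk-21-jdk-headless
+ENV JAVA_HOME /usr/lib/jvm/java-21-openjdk-amd64
+
+COPY build.sh $SRC/
+COPY *Fuzzer.java $SRC/
+WORKDIR $SRC/caffeine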
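Review bot: `ENV JAVA_HOME /usr/lib/jvm/java-21-openjdk-amd64` hard-codes the amd64 directory name and uses the legacy space-separated `ENV` form, so the variable would point at a missing path if the image is ever built for another architecture; at minimum write it as `ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk-amd64` and note the architecture assumption in a comment. The `RUN apt update && apt install -y ...` line uses `apt`, whose command-line interface is not meant for scripts; `apt-get update && apt-get install -y ...` is the stable form for image builds. Two JDKs are installed with no explanation, so a one-line comment saying which step of the Gradle build needs JDK 11 and which needs JDK 21 would help the next maintainer decide whether either can be dropped. The clone also relies on the base image's working directory being `$SRC` (presumably true, given the later `WORKDIR $SRC/caffeine`); naming the destination, `git clone --depth 1 https://github.com/ben-manes/caffeine $SRC/caffeine`, makes that explicit.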

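--- a/projects/caffeine/build.sh
+++ b/projects/caffeine/build.sh
@@ -0,0 +1,56 @@
+#!/bin/bash -eu
+# Copyright 2025 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+ALL_JARS=""
+
+pushd "${SRC}/caffeine"
+./gradlew --no-daemon caffeine:jar
+install -v ./caffeine/build/libs/caffeine-*-SNAPSHOT.jar "$OUT/caffeine.jar"
+ALL_JARS="${ALL_JARS} caffeine.jar"
+popd
+
+# The classpath at build-time includes the project jars in $OUT as well as the
+# Jazzer API.
+BUILD_CLASSPATH=$(echo $ALL_JARS | xargs printf -- "$OUT/%s:"):$JAZZER_API_PATH
+
+# All .jar and .class files lie in the same directory as the fuzzer at runtime.
+RUNTIME_CLASSPATH=$(echo $ALL_JARS | xargs printf -- "\$this_dir/%s:"):\$this_dir
+
+# compile all java files and copy them to $OUT
+javac -cp $SRC:$BUILD_CLASSPATH -g $SRC/*.java
+cp $SRC/*.class $OUT/
+
+for fuzzer in $(find $SRC -name '*Fuzzer.java'); do
+fuzzer_basename=$(basename -s .java $fuzzer)
+
+# Create an execution wrapper that executes Jazzer with the correct arguments.
+echo "#!/bin/bash
+# LLVMFuzzerTestOneInput for fuzzer detection.
+this_dir=\$(dirname \"\$0\")
+if [[ \"\$@\" =~ (^| )-runs=[0-9]+($| ) ]]; then
+mem_settings='-Xmx1900m:-Xss900k'
+else
+mem_settings='-Xmx2048m:-Xss1024k'
+fi
+LD_LIBRARY_PATH=\"$JVM_LD_LIBRARY_PATH\":\$this_dir \
+\$this_dir/jazzer_driver --agent_path=\$this_dir/jazzer_agent_deploy.jar \
+--cp=$RUNTIME_CLASSPATH \
+--target_class=$fuzzer_basename \
+--jvm_args=\"\$mem_settings\" \
+\$@" > $OUT/$fuzzer_basename
+chmod u+x $OUT/$fuzzer_basename
+done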
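Review bot: The wrapper loop iterates over `find $SRC -name '*Fuzzer.java'`, which also descends into the `$SRC/caffeine` checkout, while `javac` and `cp` only handle `$SRC/*.java` and `$SRC/*.class`; any upstream file matching `*Fuzzer.java` would get a launcher in `$OUT` with no compiled target class behind it. Iterating over the same set that was compiled avoids that, and also avoids word-splitting the `find` output: `for fuzzer in "$SRC"/*Fuzzer.java; do`. In the generated wrapper the trailing `\$@` is unquoted, so arguments containing spaces are re-split before they reach `jazzer_driver`; `\"\$@\"` forwards them intact. The other expansions of `$SRC`, `$OUT` and `$fuzzer` (the `javac`, `cp`, `basename`, redirect and `chmod` lines) are unquoted as well and should be double-quoted.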

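--- a/projects/caffeine/project.yaml
+++ b/projects/caffeine/project.yaml
@@ -0,0 +1,10 @@
+homepage: "https://github.com/ben-manes/caffeine"
+language: jvm
+main_repo: "https://github.com/ben-manes/caffeine.git"
+primary_contact: "[email protected]"
+auto_ccs:
+
+fuzzing_engines:
+- libfuzzer
+sanitizers:
+- address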
