Log4cxx contains fuzz tests implemented using LibFuzzer. These tests are located in the src/fuzzers directory.
OSS-Fuzz is a Google service that continuously runs fuzz tests of critical F/OSS projects on a beefy cluster and reports its findings (bugs, vulnerabilities, etc.) privately to project maintainers. Log4cxx provides OSS-Fuzz integration with the following helpers:
- oss-fuzz-build.sh to generate fuzz test runner scripts along with all necessary dependencies

The same fuzz targets can be built and run locally with the OSS-Fuzz helper script (Docker is required); the `ls` step lists the fuzz target binaries that were produced:

    git clone --depth 1 https://github.com/google/oss-fuzz google-oss-fuzz && cd $_
    python infra/helper.py build_image apache-logging-log4cxx
    python infra/helper.py build_fuzzers \
        --sanitizer address --engine libfuzzer --architecture x86_64 \
        apache-logging-log4cxx
    ls -al build/out/apache-logging-log4cxx
    python infra/helper.py check_build \
        --sanitizer address --engine libfuzzer --architecture x86_64 \
        apache-logging-log4cxx PatternLayoutFuzzer
    python infra/helper.py run_fuzzer \
        --sanitizer address --engine libfuzzer --architecture x86_64 \
        apache-logging-log4cxx PatternLayoutFuzzer
The system running fuzzers registered to OSS-Fuzz is called ClusterFuzz, which provides a web interface for maintainers to monitor the fuzzing results. Test output and the input for any failed test (required for reproduction) are stored in a Google Cloud Storage bucket.
Download the associated .testcase file from the Google Cloud Storage bucket, and run the following command:
    python infra/helper.py reproduce \
        apache-logging-log4cxx <FUZZ-TARGET-NAME> <TESTCASE-FILE-PATH>
Refer to the related OSS-Fuzz documentation for details.
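As an added example, not code from log4cxx or OSS-Fuzz, the script below chains the steps above (clone, build the image, build the fuzzers, check the build, then either run the fuzzer or reproduce a downloaded testcase) into a single driver. The project, target, sanitizer, engine and architecture values are the ones used in the commands above; the OSS_FUZZ_EXEC and TESTCASE environment variables, the dry-run-by-default behaviour and the fuzz_target_built check are this example's own conventions.

```shell
#!/usr/bin/env bash
# Added example, not part of log4cxx or OSS-Fuzz: drive the helper.py workflow
# from the page end to end. Commands are printed but NOT executed unless
# OSS_FUZZ_EXEC=1 is set, so a plain run is a dry run showing what would happen.
set -e

PROJECT="${PROJECT:-apache-logging-log4cxx}"
TARGET="${TARGET:-PatternLayoutFuzzer}"   # fuzz target name used on the page
SANITIZER="${SANITIZER:-address}"         # address | undefined | memory
ENGINE="${ENGINE:-libfuzzer}"
ARCH="${ARCH:-x86_64}"
OSS_FUZZ_DIR="${OSS_FUZZ_DIR:-google-oss-fuzz}"
TESTCASE="${TESTCASE:-}"                  # optional: path to a downloaded .testcase file

# Compose the helper.py command line for one subcommand. Only build_fuzzers,
# check_build and run_fuzzer take the sanitizer/engine/architecture flags;
# build_image and reproduce (which reuses the existing build/out tree) do not,
# matching the commands shown on the page.
helper_cmd() {
  sub="$1"; shift
  case "$sub" in
    build_fuzzers|check_build|run_fuzzer)
      set -- --sanitizer "$SANITIZER" --engine "$ENGINE" --architecture "$ARCH" "$PROJECT" "$@" ;;
    *)
      set -- "$PROJECT" "$@" ;;
  esac
  printf 'python infra/helper.py %s' "$sub"
  for arg in "$@"; do printf ' %s' "$arg"; done
  printf '\n'
}

# Echo a command and run it only when OSS_FUZZ_EXEC=1 (paths with spaces are not handled).
run_step() {
  echo "+ $*"
  if [ "${OSS_FUZZ_EXEC:-0}" = 1 ]; then eval "$*"; fi
}

# True when helper.py has produced the fuzz target binary under the given oss-fuzz checkout.
fuzz_target_built() {
  [ -x "$1/build/out/$PROJECT/$TARGET" ]
}

main() {
  if [ -n "$TESTCASE" ]; then
    [ -f "$TESTCASE" ] || { echo "testcase file not found: $TESTCASE" >&2; exit 1; }
    # Make the path absolute before changing into the oss-fuzz checkout.
    TESTCASE="$(cd "$(dirname "$TESTCASE")" && pwd)/$(basename "$TESTCASE")"
  fi
  [ -d "$OSS_FUZZ_DIR" ] || run_step "git clone --depth 1 https://github.com/google/oss-fuzz $OSS_FUZZ_DIR"
  if [ "${OSS_FUZZ_EXEC:-0}" = 1 ]; then cd "$OSS_FUZZ_DIR"; fi

  run_step "$(helper_cmd build_image)"
  run_step "$(helper_cmd build_fuzzers)"
  run_step "$(helper_cmd check_build "$TARGET")"
  if [ "${OSS_FUZZ_EXEC:-0}" = 1 ] && ! fuzz_target_built .; then
    echo "fuzz target $TARGET missing under build/out/$PROJECT; check 'ls -al build/out/$PROJECT'" >&2
    exit 1
  fi

  if [ -n "$TESTCASE" ]; then
    run_step "$(helper_cmd reproduce "$TARGET" "$TESTCASE")"   # replay a ClusterFuzz testcase
  else
    run_step "$(helper_cmd run_fuzzer "$TARGET")"              # start a fresh fuzzing session
  fi
}

main
```

Without arguments the script only prints the command sequence. To actually fuzz, run it with OSS_FUZZ_EXEC=1; to replay a failure downloaded from the storage bucket, add TESTCASE=/path/to/file.testcase, and switch SANITIZER to undefined or memory to rebuild against the other sanitizers ClusterFuzz uses.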
Access to both the web interface and the storage bucket is restricted to the people allowed to configure the OSS-Fuzz project.