Arthur Chan
Arthur Chan
Closing this PR. New approach with fuzzing server is working in progress #8420
PR #537 aim to create base java testcases for step 1.
PR #539 aim to manage testcases and add build script for the test cases. It also import necessary jar library for the built and calling to java-callgraph. Handling step 1...
This PR is old trial test for Wala, could be merged or could be ignored since we are not using wala now. Merged to keep record of earlier work only.
Thanks for the suggestions. The data-flow analysis are indeed important. We may take a look of that once we finish the base analysing of the sink coverage of fuzzers.
General `RuntimeException` and `FuzzerSecurityIssueXXX` from Jazzer are quite different IMO, those `RuntimeException` could be caught easily. But those `FuzzerSecurityIssueXXX` are not that easy to be caught in the fuzzer logic...
Oh..... I may have complicated and over-interpreted the question......... The simple answer is, NO. Java has two categories of throwable objects, one is Exceptions and the other is Errors. And...
Two reason lead to this error. 1) Angus-mail project code uses package name that has prefix commonly considered as native code and java standard libraries. 2) Soot has a default...
This is still under process. Not ready to review yet.
Part of the process to push fuzers to keycloak upstream repository. (https://github.com/keycloak/keycloak/issues/22547)