Apache Log4cxx  Version 1.4.0
Fuzzing

Log4cxx contains fuzz tests implemented using LibFuzzer. These tests are located in the src/fuzzers directory.

Google OSS-Fuzz

OSS-Fuzz is a Google service that continuously runs fuzz tests of critical F/OSS projects on a beefy cluster and reports its findings (bugs, vulnerabilities, etc.) privately to project maintainers. Log4cxx provides OSS-Fuzz integration with the following helpers:

  • Dockerfile to create a container image for running tests
  • oss-fuzz-build.sh to generate fuzz test runner scripts along with all necessary dependencies

Running tests locally

  1. Clone the OSS-Fuzz repository:
    git clone --depth 1 https://github.com/google/oss-fuzz google-oss-fuzz && cd $_
  2. Build the container image:
    python infra/helper.py build_image apache-logging-log4cxx
  3. Run the container image to build the Log4cxx project and generate runner scripts along with dependencies:
    python infra/helper.py build_fuzzers \
    --sanitizer address --engine libfuzzer --architecture x86_64 \
    apache-logging-log4cxx
  4. List generated runner scripts:
    ls -al build/out/apache-logging-log4cxx
  5. Check one of the generated runner scripts:
    python infra/helper.py check_build \
    --sanitizer address --engine libfuzzer --architecture x86_64 \
    apache-logging-log4cxx PatternLayoutFuzzer
  6. Execute one of the generated runner scripts:
    python infra/helper.py run_fuzzer \
    --sanitizer address --engine libfuzzer --architecture x86_64 \
    apache-logging-log4cxx PatternLayoutFuzzer

Viewing fuzzing failures detected by OSS-Fuzz

The system running fuzzers registered to OSS-Fuzz is called ClusterFuzz, which provides a web interface for maintainers to monitor the fuzzing results. Test output and the input for any failed test (required for reproduction) are stored in a Google Cloud Storage bucket.

Reproducing fuzzing failures detected by OSS-Fuzz

Download the associated .testcase file from the Google Cloud Storage bucket, and run the following command:

python infra/helper.py reproduce \
apache-logging-log4cxx <FUZZ-TARGET-NAME> <TESTCASE-FILE-PATH>

Refer to the related OSS-Fuzz documentation for details.
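
As an added illustration (not Log4cxx's own fuzzer code from src/fuzzers), the following shows the shape of a LibFuzzer target and how a saved testcase is replayed through the same entry point, which is in essence what reproducing a downloaded .testcase file does. The names scan_pattern and replay_testcase are hypothetical, and the simplified pattern scanner only stands in for real code under test.

```cpp
// Added example: NOT code from Log4cxx's src/fuzzers directory.
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

// Hypothetical code under test: counts conversion specifiers in a pattern
// such as "%d %-5p %m%n". Returns -1 when a '%' has no specifier after it.
int scan_pattern(const std::string& p) {
    int count = 0;
    for (std::size_t i = 0; i < p.size(); ++i) {
        if (p[i] != '%') continue;
        ++i;
        // Skip optional format modifiers ('-', '.', digits).
        while (i < p.size() &&
               (p[i] == '-' || p[i] == '.' || (p[i] >= '0' && p[i] <= '9')))
            ++i;
        if (i >= p.size()) return -1;  // bounds check before reading specifier
        if (p[i] != '%') ++count;      // "%%" is a literal percent sign
    }
    return count;
}

// LibFuzzer entry point: the engine calls this once per generated input.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
    // The buffer is not NUL-terminated, so always copy with explicit length.
    std::string pattern(reinterpret_cast<const char*>(data), size);
    scan_pattern(pattern);
    return 0;  // non-crashing inputs return 0
}

// Replays one saved testcase file through the same entry point, for builds
// that are not linked against the LibFuzzer driver.
bool replay_testcase(const char* path) {
    std::FILE* f = std::fopen(path, "rb");
    if (!f) return false;
    std::vector<uint8_t> buf;
    uint8_t chunk[4096];
    std::size_t n;
    while ((n = std::fread(chunk, 1, sizeof chunk, f)) > 0)
        buf.insert(buf.end(), chunk, chunk + n);
    std::fclose(f);
    LLVMFuzzerTestOneInput(buf.data(), buf.size());
    return true;
}
```

When built with clang's -fsanitize=fuzzer,address, the engine supplies main() and drives LLVMFuzzerTestOneInput directly, so replay_testcase is only needed for plain builds.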

Access to both the web interface and the storage bucket is restricted to only those allowed to configure the oss-fuzz project.