Releases: CodeIntelligenceTesting/jazzer.js

Release 2.1.0

23 Oct 13:00

What's Changed

Full Changelog: v2.0.0...v2.1.0

Release 2.0.0

20 Sep 11:52

Jazzer.js now supports all Jest features 🎉 This introduces a small but breaking change, though. See the migration guide for how to convert fuzz test projects from previous versions of Jazzer.js.

What's Changed

Full Changelog: v1.7.0...v2.0.0

Release 1.7.0

04 Sep 08:16

Summary

Handling application parameters is a hassle, so we simplified it.

All parameters can now be passed in with consistent names and clear priorities regarding their origin. Along the way, support for environment variables was also added to make integration into scripts and pipelines easier. More details can be found at Configuration options.

What's Changed

  • Feat: Streamline option handling (#530)
  • Fix: FuzzedDataProvider crash on float length (#552)
  • Fix: Always log internal messages to stderr (#576)

Full Changelog: v1.6.1...v1.7.0

Release 1.6.1

08 Aug 14:48

This release enables instrumentation in Jest when in fuzzing mode, and thus reverts the change introduced in version 1.6.0.
In addition, the version of each workspace is now pinned, which prevents the @jazzer.js packages from using mismatched versions of each other.

What's Changed

Release 1.6.0

04 Aug 09:24

This release contains two main additions: the Prototype Pollution bug detector, and handling of SIGINT/SIGSEGV signals.

Jazzer.js can now detect Prototype Pollution, a widespread vulnerability that is easy to introduce and hard to detect by manual code review.

Jazzer.js will now gracefully shut down when Ctrl+C is pressed, and will report coverage (if requested) and other information that was previously only available on crash or when the fuzzer exited by itself. In addition, Jazzer.js will now save crash files when segmentation faults occur, which allows quick reproduction of the issue.

What's Changed

Release 1.5.1

27 Jun 15:47

Summary

This release fixes Jest fuzz tests written in TypeScript.

What's Changed

  • Bugfix: TypeScript support for Jest now works in standalone projects by @oetr in #485
  • Actions: send release event to datadog by @WillRoque in #480

New Contributors

Full Changelog: v1.5.0...v1.5.1

Release 1.5.0

16 Jun 06:45

Summary

This release contains two main additions: Bug detectors and TypeScript support for Jest fuzz tests.

Hooks can now be used to raise findings that escape all try/catch blocks and force the fuzzer to report a crash. Such hooks are called bug detectors. This release of Jazzer.js already contains two bug detectors, one for command injections and one for path traversals.
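As an added illustration (not code from the jazzer.js project), the block below models how a bug detector of the kind introduced here, and the Prototype Pollution detector from release 1.6.0 above, observes a finding: the check runs outside the fuzz target and inspects Object.prototype after each run, so a try/catch inside the target cannot swallow it. The functions `unsafeMerge`, `safeMerge` and `runWithPollutionCheck` and the sample inputs are assumptions constructed for this example.

```javascript
// Added illustration, not jazzer.js code: model of what a prototype pollution
// bug detector observes; the check lives outside the target, so a try/catch
// inside the target cannot hide the finding.
// Deliberately unsafe recursive merge (the classic pollution sink).
function unsafeMerge(target, source) {
  for (const key of Object.keys(source)) {
    const value = source[key];
    if (value && typeof value === "object") {
      if (!target[key]) target[key] = {};
      unsafeMerge(target[key], value); // "__proto__" walks into Object.prototype
    } else {
      target[key] = value;
    }
  }
  return target;
}
// Hardened variant: refuse prototype-reaching keys, recurse only into own plain objects.
const BLOCKED_KEYS = new Set(["__proto__", "constructor", "prototype"]);
function safeMerge(target, source) {
  for (const key of Object.keys(source)) {
    if (BLOCKED_KEYS.has(key)) continue;
    const value = source[key];
    if (value && typeof value === "object" && !Array.isArray(value)) {
      if (!Object.prototype.hasOwnProperty.call(target, key) || typeof target[key] !== "object") {
        target[key] = {};
      }
      safeMerge(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}
// Detector: snapshot Object.prototype, run the target, diff afterwards.
// Any new property is a finding; it is removed again so later runs start clean.
function runWithPollutionCheck(target, input) {
  const before = new Set(Object.getOwnPropertyNames(Object.prototype));
  let error = null;
  try {
    target(input);
  } catch (e) {
    error = e; // whether the target threw or swallowed, the state check below still runs
  }
  const polluted = Object.getOwnPropertyNames(Object.prototype).filter((k) => !before.has(k));
  for (const k of polluted) delete Object.prototype[k];
  return { polluted, error };
}
// Constructed sample inputs, standing in for what a fuzzer would generate.
const POLLUTING_INPUT = '{"__proto__": {"polluted": "yes"}}';
const BENIGN_INPUT = '{"a": {"b": 1}}';
```

Running `runWithPollutionCheck((s) => unsafeMerge({}, JSON.parse(s)), POLLUTING_INPUT)` reports `polluted` as `["polluted"]`, while the same call with `safeMerge` reports an empty list.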

As TypeScript is used in many projects in the JavaScript ecosystem, many tests are also written in TypeScript. To better support existing development workflows, Jazzer.js now supports the direct execution of Jest fuzz tests written in TypeScript. Simply set up your TypeScript project as you normally would, and run Jest fuzz tests written in TypeScript without having to transpile them before execution.

What's Changed

  • Feature: Support Jest fuzz tests written in TypeScript by @bertschneider (#449)
  • Feature: Add command injection bug detector by @oetr (#407)
  • Feature: Add path traversal bug detector by @0xricksanchez (#419)
  • Feature: Log coverage input directories on startup by @zgtm (#450)
  • Feature: Use wording from jazzer for logging corpus inputs on startup by @zgtm (#469)
  • Feature: Update llvm version by @br-lewis (#416)
  • Feature: Streamline CLI arguments for a more intuitive Jazzer.js usage by @0xricksanchez (#429)
  • Bugfix: Fix async bug detector wrapper by @bertschneider (#460)
  • Bugfix: Deep-copy default Jest config to prevent tests changing each other's configurations by @oetr (#451)
  • Documentation: Note Jest TypeScript limitation by @br-lewis (#340)
  • Pipeline: Use rebase in Dependabot auto-merge by @bertschneider (#348)
  • Pipeline: Demote jest to a dev dependency by @0xricksanchez (#363)

New Contributors

Full Changelog: v1.4.0...v1.5.0

Release 1.4.0

23 Feb 10:02

Summary

This release enables using absolute paths to the fuzz targets. It also includes cleanups and CI improvements.

What's Changed

Full Changelog: v1.3.0...v1.4.0

Release 1.3.0

03 Feb 09:07
b7a265a

Summary

The main additions in this release are the ability to collect coverage information and generate coverage reports, and the ability to have the FuzzedDataProvider return arbitrary combinations of ASCII printable and/or lossy strings without having to rely on libFuzzer's -only_ascii flag.

What's Changed

  • Fix a broken link by @ligurio in #292
  • Introduce toggle for FuzzedDataProvider to only return printable strings by @0xricksanchez in #268
  • Un-hide fuzz function flag by @kyakdan in #294
  • Gracefully handle non-string types when intercepting string comparisons by @kyakdan in #296
  • Jazzer.js now supports coverage report generation. Simply add "--coverage". by @oetr in #272
  • fuzztests: check error code of each individual fuzztest by @oetr in #297
  • Added simple detection mechanism for synchronous return values by @0xricksanchez in #283

New Contributors

Full Changelog: v1.2.0...v1.3.0

Release 1.2.0

24 Jan 15:41

Summary

This release enables using libFuzzer's fork mode with Jazzer.js.

What's Changed

Full Changelog: v1.1.0...v1.2.0