diff options
Diffstat (limited to 'sanitizers/src/test/java/com/example/ExpressionLanguageInjection.java')
-rw-r--r-- | sanitizers/src/test/java/com/example/ExpressionLanguageInjection.java | 31 |
1 files changed, 9 insertions, 22 deletions
diff --git a/sanitizers/src/test/java/com/example/ExpressionLanguageInjection.java b/sanitizers/src/test/java/com/example/ExpressionLanguageInjection.java index e26a9117..7d0192ab 100644 --- a/sanitizers/src/test/java/com/example/ExpressionLanguageInjection.java +++ b/sanitizers/src/test/java/com/example/ExpressionLanguageInjection.java @@ -15,33 +15,20 @@ package com.example; import com.code_intelligence.jazzer.api.FuzzedDataProvider; -import java.lang.annotation.ElementType; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.lang.annotation.Target; -import javax.validation.*; - -class UserData { - public UserData(String email) { - this.email = email; - } - - @ValidEmailConstraint private String email; -} - -@Constraint(validatedBy = InsecureEmailValidator.class) -@Target({ElementType.METHOD, ElementType.FIELD}) -@Retention(RetentionPolicy.RUNTIME) -@interface ValidEmailConstraint { - String message() default "Invalid email address"; - Class<?>[] groups() default {}; - Class<? extends Payload>[] payload() default {}; -} +import com.example.el.UserData; +import java.util.logging.Level; +import java.util.logging.LogManager; +import javax.validation.Validation; +import javax.validation.Validator; public class ExpressionLanguageInjection { final private static Validator validator = Validation.buildDefaultValidatorFactory().getValidator(); + public static void fuzzerInitialize() { + LogManager.getLogManager().getLogger("").setLevel(Level.SEVERE); + } + public static void fuzzerTestOneInput(FuzzedDataProvider data) { UserData uncheckedUserData = new UserData(data.consumeRemainingAsString()); validator.validate(uncheckedUserData); |