jest-runner: Always instrument in fuzzing mode

Author: bertschneider

packages/jest-runner/config.ts

@@ -61,6 +61,10 @@ export function loadConfig(optionsKey = "jazzerjs"): Options {
 		config.mode = "fuzzing";
 	}
 
+	if (config.mode === "fuzzing") {
+		config.dryRun = false;
+	}
+
 	if (config.verbose) {
 		process.env.JAZZER_DEBUG = "1";
 	}

tests/bug-detectors/prototype-pollution.test.js

@@ -393,24 +393,6 @@ describe("Prototype Pollution Jest tests", () => {
 			"Prototype Pollution: Prototype of Object changed",
 		);
 	});
-
-	it("Fuzzing mode instrumentation off - variable declaration", () => {
-		const fuzzTest = new FuzzTestBuilder()
-			.runs(0)
-			.customHooks([
-				path.join(bugDetectorDirectory, "instrument-all.config.js"),
-			])
-			.dir(bugDetectorDirectory)
-			.dryRun(true)
-			.jestRunInFuzzingMode(true)
-			.jestTestFile("tests.fuzz.js")
-			.jestTestName("Variable declarations")
-			.build();
-		expect(() => {
-			fuzzTest.execute();
-		}).toThrow();
-		expect(fuzzTest.stderr).toContain("[Prototype Pollution Configuration]");
-	});
 });
 
 describe("Prototype Pollution instrumentation correctness tests", () => {

tests/jest_integration/integration.test.js

@@ -0,0 +1,122 @@
+/*
+ * Copyright 2023 Code Intelligence GmbH
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+const {
+	FuzzTestBuilder,
+	FuzzingExitCode,
+	WindowsExitCode,
+} = require("../helpers.js");
+const path = require("path");
+const fs = require("fs");
+
+describe("Jest integration", () => {
+	const projectDir = path.join(__dirname, "jest_project");
+	const jestTestFile = "integration.fuzz";
+
+	beforeEach(() => {
+		fs.rmSync(path.join(projectDir, ".jazzerjsrc.json"), {
+			force: true,
+		});
+		fs.rmSync(path.join(projectDir, ".cifuzz-corpus"), {
+			force: true,
+			recursive: true,
+		});
+		fs.rmSync(path.join(projectDir, jestTestFile), {
+			force: true,
+			recursive: true,
+		});
+	});
+
+	describe("Fuzzing mode", () => {
+		const fuzzingExitCode =
+			process.platform === "win32" ? WindowsExitCode : FuzzingExitCode;
+		const fuzzTestBuilder = new FuzzTestBuilder()
+			.dir(projectDir)
+			.runs(1_000_000)
+			.jestRunInFuzzingMode(true)
+			.jestTestFile(jestTestFile + ".js");
+
+		it("executes sync test", () => {
+			const fuzzTest = fuzzTestBuilder
+				.jestTestName("execute sync test")
+				.build();
+			expect(() => {
+				fuzzTest.execute();
+			}).toThrow(fuzzingExitCode);
+		});
+
+		it("execute async test", () => {
+			const fuzzTest = fuzzTestBuilder
+				.jestTestName("execute async test")
+				.build();
+			expect(() => {
+				fuzzTest.execute();
+			}).toThrow(fuzzingExitCode);
+		});
+
+		it("execute async test returning a promise", () => {
+			const fuzzTest = fuzzTestBuilder
+				.jestTestName("execute async test returning a promise")
+				.build();
+			expect(() => {
+				fuzzTest.execute();
+			}).toThrow(fuzzingExitCode);
+		});
+
+		it("execute async test using a callback", () => {
+			const fuzzTest = fuzzTestBuilder
+				.jestTestName("execute async test using a callback")
+				.build();
+			expect(() => {
+				fuzzTest.execute();
+			}).toThrow(fuzzingExitCode);
+		});
+	});
+
+	describe("Regression mode", () => {
+		const regressionTestBuilder = new FuzzTestBuilder()
+			.dir(projectDir)
+			.jestTestFile(jestTestFile + ".js");
+
+		it("executes sync test", () => {
+			const fuzzTest = regressionTestBuilder
+				.jestTestName("execute sync test")
+				.build()
+				.execute();
+		});
+
+		it("execute async test", () => {
+			const fuzzTest = regressionTestBuilder
+				.jestTestName("execute async test")
+				.build()
+				.execute();
+		});
+
+		it("execute async test returning a promise", () => {
+			const fuzzTest = regressionTestBuilder
+				.jestTestName("execute async test returning a promise")
+				.build()
+				.execute();
+		});
+
+		it("execute async test using a callback", () => {
+			const fuzzTest = regressionTestBuilder
+				.jestTestName("execute async test using a callback")
+				.build()
+				.execute();
+		});
+	});
+});

tests/jest_integration/jest_project/.gitignore

@@ -0,0 +1,3 @@
+.jazzerjsrc.json
+.cifuzz-corpus
+integration.fuzz

tests/jest_integration/jest_project/integration.fuzz.js

@@ -0,0 +1,35 @@
+/*
+ * Copyright 2023 Code Intelligence GmbH
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+const target = require("./target.js");
+
+describe("Jest Integration", () => {
+	it.fuzz("execute sync test", (data) => {
+		target.fuzzMe(data);
+	});
+
+	it.fuzz("execute async test", async (data) => {
+		await target.asyncFuzzMe(data);
+	});
+
+	it.fuzz("execute async test returning a promise", (data) => {
+		return target.asyncFuzzMe(data);
+	});
+
+	it.fuzz("execute async test using a callback", (data, done) => {
+		target.callbackFuzzMe(data, done);
+	});
+});

tests/jest_integration/jest_project/package.json

@@ -0,0 +1,29 @@
+{
+	"name": "jazzerjs-jest-integration-tests-project",
+	"version": "1.0.0",
+	"scripts": {
+		"test": "jest",
+		"fuzz": "JAZZER_FUZZ=1 jest "
+	},
+	"devDependencies": {
+		"@jazzer.js/jest-runner": "file:../../../packages/jest-runner",
+		"jest": "^29.3.1"
+	},
+	"jest": {
+		"projects": [
+			{
+				"displayName": "test"
+			},
+			{
+				"runner": "@jazzer.js/jest-runner",
+				"displayName": {
+					"name": "Jazzer.js",
+					"color": "cyan"
+				},
+				"testMatch": [
+					"<rootDir>/**/*.fuzz.js"
+				]
+			}
+		]
+	}
+}

tests/jest_integration/jest_project/target.js

@@ -0,0 +1,47 @@
+/*
+ * Copyright 2023 Code Intelligence GmbH
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+const fuzzMe = function (data) {
+	if (data.toString() === "Awesome") {
+		throw Error("Welcome to Awesome Fuzzing!");
+	}
+};
+
+const asyncFuzzMe = function (data) {
+	return new Promise((resolve, reject) => {
+		try {
+			fuzzMe(data);
+			resolve();
+		} catch (e) {
+			reject(e);
+		}
+	});
+};
+
+const callbackFuzzMe = function (data, done) {
+	setImmediate(() => {
+		try {
+			fuzzMe(data);
+			done();
+		} catch (e) {
+			done(e);
+		}
+	});
+};
+
+module.exports.fuzzMe = fuzzMe;
+module.exports.asyncFuzzMe = asyncFuzzMe;
+module.exports.callbackFuzzMe = callbackFuzzMe;

tests/jest_integration/package.json

@@ -0,0 +1,12 @@
+{
+	"name": "jazzerjs-jest-integration-tests",
+	"version": "1.0.0",
+	"description": "Jest integration tests.",
+	"scripts": {
+		"fuzz": "jest"
+	},
+	"devDependencies": {
+		"@types/jest": "^29.5.3",
+		"jest": "^29.6.2"
+	}
+}