v0.12.0

What's Changed

• Breaking change: Autofuzz API methods (consume and autofuzz) have moved from the
  Jazzer class to the dedicated Autofuzz class
• Major feature: Added JUnit 5 integration for fuzzing and regression tests using the
  @FuzzTest annotation (available as com.code-intelligence:jazzer-junit)
• Feature: Added sanitizer for SQL injections
• Feature: Hooks can be selectively disabled by specifying their full class name using the new
  --disabled_hooks flag
• Fix: Remove memory leaks in native code
• Fix: Don't instrument internal Azul JDK classes
• Fix: Classes with local variable annotations are now instrumented without errors

This release also includes smaller improvements and bugfixes, as well as a major refactoring and
Java rewrite of native components.

New Contributors

• @vargen made their first contribution in #416
• @henryrneh made their first contribution in #439

Full Changelog: v0.11.0...v0.12.0

v0.11.0

• Feature: Add sanitizer for context lookups
• Feature: Add sanitizer for OS command injection
• Feature: Add sanitizer for regex injection
• Feature: Add sanitizer for LDAP injections
• Feature: Add sanitizer for arbitrary class loading
• Feature: Guide fuzzer to generate proper map lookups keys
• Feature: Generate standalone Java reproducers for autofuzz
• Feature: Hooks targeting interfaces and abstract classes hook all implementations
• Feature: Enable multiple BEFORE and AFTER hooks for the same target
• Feature: Greatly improve performance of coverage instrumentation
• Feature: Improve performance of interactions between Jazzer and libFuzzer
• Feature: Export JaCoCo coverage dump using --coverage_dump flag
• Feature: Honor JAVA_OPTS
• API: Add exploreState to help the fuzzer maximize state coverage
• API: Provide additionalClassesToHook field in MethodHook annotation to hook dependent classes
• Fix: Synchronize coverage ID generation
• Fix: Support REPLACE hooks for constructors
• Fix: Do not apply REPLACE hooks in Java 6 class files

This release also includes smaller improvements and bugfixes.

v0.10.0

• Added support for macOS and Windows (both x64)
• Added an --autofuzz flag that allows fuzzing a method without writing a fuzz target
• Added bug detectors for insecure reflective calls, deserialization, and validation expression language injection
• Improved compilation time and fuzzing performance

v0.9.1

• Breaking change: The static fuzzerTestOneInput method in a fuzz target now has to return void instead of boolean. Fuzz targets that previously returned true should now throw an exception or use assert.
• Fixed: jazzer wrapper can find jazzer_driver even if not in the working directory
• Fixed: Switch instrumentation no longer causes an out-of-bounds read in the driver
• Feature: assert can be used in fuzz targets
• Feature: Coverage is now collision-free and more fine-grained (based on JaCoCo)
• API: Added pickValue(Collection c) and consumeChar(char min, char max) to FuzzedDataProvider
• API: Added FuzzerSecurityIssue* exceptions to allow specifiying the severity of findings

v0.9

This is the initial release of Jazzer.