Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failing instrumentation #2

Closed
floyd-fuh opened this issue Feb 1, 2018 · 5 comments
Closed

Failing instrumentation #2

floyd-fuh opened this issue Feb 1, 2018 · 5 comments

Comments

@floyd-fuh
Copy link

Hi there,

When instrumenting code with kelinci, I often get:

$ java -cp ../../instrumentor/build/libs/kelinci.jar edu.cmu.sv.kelinci.instrumentor.Instrumentor -i example.jar -o example-instrumented.jar
Instrumenting class: org/example/test/Parser.class
Exception in thread "main" java.lang.RuntimeException: java.lang.ClassNotFoundException: com.otherexample.other.SomeClassname
        at org.objectweb.asm.ClassWriter.getCommonSuperClass(Unknown Source)
        at org.objectweb.asm.ClassWriter.a(Unknown Source)
        at org.objectweb.asm.Frame.a(Unknown Source)
        at org.objectweb.asm.Frame.a(Unknown Source)
        at org.objectweb.asm.MethodWriter.visitMaxs(Unknown Source)
        at org.objectweb.asm.MethodVisitor.visitMaxs(Unknown Source)
        at org.objectweb.asm.ClassReader.a(Unknown Source)
        at org.objectweb.asm.ClassReader.b(Unknown Source)
        at org.objectweb.asm.ClassReader.accept(Unknown Source)
        at org.objectweb.asm.ClassReader.accept(Unknown Source)
        at edu.cmu.sv.kelinci.instrumentor.Instrumentor.main(Instrumentor.java:63)

For now I just make sure it will use the non-instrumented classes when it fails in my fork (see floyd-fuh@32f405e), however, I think that's not the best option. Any idea why it could fail? Are there any dependencies that could be missing during instrumentation or anything like that?
@rodykersten
Copy link
Contributor

Hi Floyd, thanks for your feedback! Is the "com.otherexample" package in example.jar? Kelinci uses ASM for instrumentation. ASM requires superclasses of the classes to instrument to be on the classpath. Adding the "com.otherexample" package to the classpath should fix this.

@rodykersten
Copy link
Contributor

BTW I agree that it makes more sense to skip a class when a RuntimeException is thrown than to quit instrumenting. Thanks for the tip.

@floyd-fuh floyd-fuh mentioned this issue Feb 7, 2018
Closed
@floyd-fuh
Copy link
Author

The "com.otherexample" package is not in example.jar and you are probably right. However, in my case I was simply too lazy and just skipped instrumentation, in most cases instrumenting 99% of the code is probably fine.

Ok, I sent you a pull request #5 that catches the errors

@rodykersten
Copy link
Contributor

I gave this more though. The RuntimeException is actually caused by a ClassNotFoundException. In that case, it does not make sense to try and add it to the JAR, since it will not be loadable.

@floyd-fuh floyd-fuh mentioned this issue Mar 6, 2018
Closed
@floyd-fuh
Copy link
Author

Ok, so here's the challenge for you I'm now able to disclose: Instrument tika-app.jar of the Apache Tika project https://tika.apache.org/ and try to do a fuzzing run

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@floyd-fuh @rodykersten