()
| 118 | } |
| 119 | |
| 120 | private static void reportFinding() { |
| 121 | Jazzer.reportFindingFromHook( |
| 122 | new FuzzerSecurityIssueHigh( |
| 123 | "Remote Code Execution\n" |
| 124 | + "Unrestricted class/object creation based on externally controlled data may" |
| 125 | + " allow\n" |
| 126 | + "remote code execution depending on available classes on the classpath.")); |
| 127 | } |
| 128 | |
| 129 | private static boolean isSanitizerEnabled(byte sanitizerId) { |
| 130 | // FIXME: This does not take into account disabled hooks set via CLI args or env. |
no test coverage detected