Problem Faced While Running Offline-Instrumented Jar Files: java.lang.NoClassDefFoundError: com/code_intelligence/jazzer/runtime/CoverageMap #904

@MuxiLyuLucy

Description

Hi! I built an experimental class that triggers the OS Command Injection sanitizer, similar to OsCommandInjectionRuntimeExec in the examples folder of jazzer.

I am trying to apply jazzer's sanitizers to my class via offline instrumentation and then run the instrumented jar file to see if the OS Command Injection sanitizer can be successfully triggered.

Here is how I implemented my class:

import java.util.concurrent.TimeUnit;
import static java.lang.Runtime.getRuntime;
import java.nio.file.*;
import java.io.IOException;
import java.nio.charset.StandardCharsets;

public class OsCommandInjectionRuntimeExec {
    public static void main(String[] args) {
        Path path = Paths.get("the path to an input file generated previously by jazzer");
        try {
            byte[] fileBytes = Files.readAllBytes(path);
            System.out.println("File read successfully.");
            String fileContent = new String(fileBytes, StandardCharsets.US_ASCII);
            System.out.println("File content as ASCII string:");
            System.out.println(fileContent);
            Process process = getRuntime().exec(fileContent, new String[] {});
            if (!process.waitFor(10, TimeUnit.MILLISECONDS)) {
                process.destroyForcibly();
            }
        } catch (IOException e) {
            e.printStackTrace();
        } catch (Exception ignored) {
            // Ignore execution and setup exceptions
        }
    }
}

Here is the script I used to build the instrumented jar and run it:

mvn clean package
jazzer/jazzer --instrument_only=target/jazzer-jqf-test-1.0-SNAPSHOT.jar --dump_classes_dir=/tmp
java -cp jazzer-jqf-test-1.0-SNAPSHOT.instrumented.jar:$(find jazzer -name '*.jar' | tr '\n' ':') OsCommandInjectionRuntimeExec

These are the jar files in $(find jazzer -name '*.jar' | tr '\n' ':'):

jazzer-0.22.1.jar  jazzer-api-0.22.1.jar  jazzer-junit-0.22.1.jar  jazzer_standalone.jar

After I run my script, here is the error message:

Exception in thread "main" java.lang.NoClassDefFoundError: com/code_intelligence/jazzer/runtime/CoverageMap
        at OsCommandInjectionRuntimeExec.main(OsCommandInjectionRuntimeExec.java:25)
Caused by: java.lang.ClassNotFoundException: com.code_intelligence.jazzer.runtime.CoverageMap
        at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:641)
        at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:188)
        at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:525)
        ... 1 more

I am wondering why this class (com/code_intelligence/jazzer/runtime/CoverageMap) is not included in jazzer-0.22.1.jar. What will be the correct way to run offline-instrumented jar files?

Thanks!
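The error above is a plain classpath question: at run time, the instrumented bytecode references com.code_intelligence.jazzer.runtime.CoverageMap, and the JVM reports NoClassDefFoundError when no entry on the -cp string actually contains that class. Before guessing which Jazzer artifact should provide it, a quick check of every classpath entry tells you exactly which jars (if any) carry the class and which entries do not exist at all. The script below is an added example for that check; it is not part of this issue or of Jazzer's own tooling. It builds its own constructed jars (the jar names, and the fake class bytes in them, are assumptions made up for the demo) so it runs offline; point locate_class at a real classpath string such as the one in the issue to diagnose the real case.

```python
"""
Find which classpath entries provide a given Java class, to explain a
java.lang.NoClassDefFoundError.  Added example, not Jazzer's own code;
the jar names and class bytes in the demo are constructed.
"""
import os
import tempfile
import zipfile
from typing import Dict, List


def class_to_entry(class_name: str) -> str:
    """'com.a.B' or 'com/a/B' -> 'com/a/B.class', the entry name inside a jar or class directory."""
    return class_name.replace(".", "/") + ".class"


def entry_provides(cp_entry: str, class_entry: str) -> bool:
    """True if one classpath entry (a jar file or an exploded directory) contains the class."""
    if os.path.isdir(cp_entry):
        return os.path.isfile(os.path.join(cp_entry, class_entry))
    if os.path.isfile(cp_entry) and zipfile.is_zipfile(cp_entry):
        with zipfile.ZipFile(cp_entry) as zf:
            return class_entry in zf.namelist()
    return False  # not a jar and not a directory


def locate_class(classpath: str, class_name: str) -> Dict[str, List[str]]:
    """Split a classpath (':' on POSIX) and report the entries that provide the class
    and the entries that do not exist on disk (a common cause of a silently short classpath)."""
    class_entry = class_to_entry(class_name)
    providers: List[str] = []
    missing_entries: List[str] = []
    for cp_entry in filter(None, classpath.split(os.pathsep)):  # drop empty pieces, e.g. a trailing ':'
        if not os.path.exists(cp_entry):
            missing_entries.append(cp_entry)
        elif entry_provides(cp_entry, class_entry):
            providers.append(cp_entry)
    return {"providers": providers, "missing_entries": missing_entries}


# Constructed demo input: two small jars, one containing the class, one not,
# plus a classpath entry that does not exist on disk.
TARGET_CLASS = "com.code_intelligence.jazzer.runtime.CoverageMap"


def build_demo_classpath(workdir: str) -> str:
    """Write the constructed jars into workdir and return a classpath string over them."""
    with_cls = os.path.join(workdir, "runtime-with-coveragemap.jar")  # assumed name
    without_cls = os.path.join(workdir, "api-only.jar")  # assumed name
    with zipfile.ZipFile(with_cls, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr(class_to_entry(TARGET_CLASS), b"\xca\xfe\xba\xbe")  # fake class bytes
    with zipfile.ZipFile(without_cls, "w") as zf:
        zf.writestr("com/example/Unrelated.class", b"\xca\xfe\xba\xbe")  # fake class bytes
    return os.pathsep.join([with_cls, without_cls, os.path.join(workdir, "not-there.jar")])


def run_demo() -> Dict[str, List[str]]:
    """Build the constructed classpath in a temp dir and locate TARGET_CLASS on it."""
    with tempfile.TemporaryDirectory() as tmp:
        return locate_class(build_demo_classpath(tmp), TARGET_CLASS)


if __name__ == "__main__":
    report = run_demo()
    print("class:", TARGET_CLASS)
    print("provided by:", report["providers"] or "NO entry on the classpath")
    print("classpath entries that do not exist:", report["missing_entries"])
```

If providers comes back empty for the real classpath, the runtime jar that carries the class is simply not on it (or the entry pointing at it does not exist), which is exactly the NoClassDefFoundError symptom shown above; if several entries provide it, the first one on the classpath wins, which matters when mixing artifacts of different versions. The same check can be done by hand with `unzip -l <jar> | grep CoverageMap` for each jar.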
