init

Author: 0xricksanchez

examples/node-jsonwebtoken/fuzz.js

@@ -0,0 +1,22 @@
+// The code in this file is based on the examples available in JSFuzz:
+// https://gitlab.com/gitlab-org/security-products/analyzers/fuzzers/jsfuzz/-/blob/34a694a8c73bfe0895c4e24784ba5b6dfe964b94/examples/xml/fuzz.js
+// The original code is available under the Apache License 2.0.
+
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const jwt = require("jsonwebtoken");
+
+/**
+ * @param { Buffer } data
+ */
+module.exports.fuzz = async function (data) {
+	try {
+	} catch (error) {
+		if (!ignoredError(error)) throw error;
+	}
+};
+
+function ignoredError(error) {
+	return !!ignored.find((message) => error.message.startsWith(message));
+}
+
+const ignored = ["Unencoded"];

examples/node-jsonwebtoken/package.json

@@ -0,0 +1,16 @@
+{
+	"name": "jwt-fuzz",
+	"version": "1.0.0",
+	"main": "fuzz.js",
+	"license": "ISC",
+	"dependencies": {
+		"jsonwebtoken": "8.5.1"
+	},
+	"scripts": {
+		"fuzz": "jazzer fuzz -i node-jsonwebtoken -e nothing",
+		"dryRun": "jazzer fuzz -i node-jsonwebtoken -e nothing -- -runs=100 -seed=123456789"
+	},
+	"devDependencies": {
+		"@jazzer.js/core": "file:../../packages/core"
+	}
+}