Create a Java-gRPC Application Fuzz Test

How to create a Java-gRPC Application Fuzz Test

To create a fuzz test for a Java gRPC application, go to the sidebar menu in the dashboard and click on the “Add Fuzz Test” button.

Add a Java gRPC Fuzz Test

From the list, choose to create a Java Web App Fuzz Test.

Create a Java Web App Fuzz Test for gRPCAfterwards a new windows pops up and we need to give the fuzz test a name and select the web service name you configured before in Connecting Java gRPC applications

Create a New Fuzz Test

Save the fuzz test.

Now, the fuzz test need to be configured to use the generated shared object file stub.so during Project Setup of Java-gRPC applications.

For the saved fuzz test a fuzz test configuration file is saved in .code-intelligence/fuzz_targets/<FUZZ_NAME>.yaml in addition.  There it is necessary to change the following:

  1. Add run_extra_args option to point to stub.so file:
    run_extra_args:

    - "--proto_stub_path=src/main/proto/libproto_stub.so"
  2. Add base url option + port of your target application:
    base_url: "127.0.0.1:50051"
  3. hange protocol option to grpc:
    protocol: grpc

Click save, then run. After a few seconds, the status of the fuzz test should be running:

Edit Fuzz Test