Casr-js

README.md

@@ -187,8 +187,8 @@ Triage Atheris crashes with casr-libfuzzer:
     $ casr-libfuzzer -i casr/tests/casr_tests/casrep/atheris_crashes_ruamel_yaml -o casr/tests/tmp_tests_casr/casr_libfuzzer_atheris_out -- casr/tests/casr_tests/python/yaml_fuzzer.py
 
 Triage Jazzer.js crashes with casr-libfuzzer:
-    $ unzip casr/tests/casr_tests/js/crashes.zip -d crashes
-    $ casr-libfuzzer -i ./crashes -o casr/tests/tmp_tests_casr/casr_libfuzzer_jazzer_js_out -- npx jazzer casr/tests/casr_tests/js/test_casr_libfuzzer_jazzer_js.js
+    $ unzip casr/tests/casr_tests/js/xml2js.zip -d xml2js
+    $ casr-libfuzzer -i ./xml2js -o casr/tests/tmp_tests_casr/casr_libfuzzer_jazzer_js_xml2js_out -- npx jazzer casr/tests/casr_tests/js/test_casr_libfuzzer_jazzer_js_xml2js.js
 
 Upload new and unique CASR reports to
 [DefectDojo](https://github.com/DefectDojo/django-DefectDojo):

casr/src/bin/casr-js.rs

@@ -71,7 +71,7 @@ fn main() -> Result<()> {
         )
         .get_matches();
 
-    init_ignored_frames!("js");
+    init_ignored_frames!("js", "cpp");
     if let Some(path) = matches.get_one::<PathBuf>("ignore") {
         util::add_custom_ignored_frames(path)?;
     }
@@ -107,11 +107,16 @@ fn main() -> Result<()> {
     let mut path_to_tool = PathBuf::new();
     path_to_tool.push(argv[0]);
     if argv.len() > 1 {
-        if let Some(fname) = Path::new(argv[0]).file_name() {
-            let Ok(full_path_to_tool) = which::which(fname) else {
-                bail!("Could not get the full path of {}", argv[0]);
+        let fpath = Path::new(argv[0]);
+        if let Some(fname) = fpath.file_name() {
+            path_to_tool = if !fpath.is_absolute() {
+                let Ok(full_path_to_tool) = which::which(fname) else {
+                    bail!("Could not get the full path of {}", argv[0]);
+                };
+                full_path_to_tool
+            } else {
+                fpath.to_path_buf()
             };
-            path_to_tool = full_path_to_tool;
             let fname = fname.to_string_lossy();
             if (fname == "node" || fname == "jsfuzz") && argv[1].ends_with(".js") {
                 report.executable_path = argv[1].to_string();

casr/tests/tests.rs

@@ -5447,8 +5447,11 @@ fn test_casr_libfuzzer_jazzer_js_xml2js() {
         String::from_utf8_lossy(&output.stderr)
     );
     let err = String::from_utf8_lossy(&output.stderr);
+    let out = String::from_utf8_lossy(&output.stdout);
 
     assert!(!err.is_empty());
+    println!("STDOUT: {out}");
+    println!("STDERR: {err}");
 
     assert!(err.contains("NOT_EXPLOITABLE"));
     assert!(err.contains("TypeError"));

docs/usage.md

@@ -546,8 +546,8 @@ Atheris example:
     $ casr-libfuzzer -i casr/tests/casr_tests/casrep/atheris_crashes_ruamel_yaml -o casr/tests/tmp_tests_casr/casr_libfuzzer_atheris_out -- casr/tests/casr_tests/python/yaml_fuzzer.py
 
 Jazzer.js example:
-    $ unzip casr/tests/casr_tests/js/crashes.zip -d crashes
-    $ casr-libfuzzer -i ./crashes -o casr/tests/tmp_tests_casr/casr_libfuzzer_jazzer_js_out -- npx jazzer casr/tests/casr_tests/js/test_casr_libfuzzer_jazzer_js.js
+    $ unzip casr/tests/casr_tests/js/xml2js.zip -d xml2js
+    $ casr-libfuzzer -i ./xml2js -o casr/tests/tmp_tests_casr/casr_libfuzzer_jazzer_js_xml2js_out -- npx jazzer casr/tests/casr_tests/js/test_casr_libfuzzer_jazzer_js_xml2js.js
 
 You can set environment variable `RUST_BACKTRACE=(1|full)` for `casr-libfuzzer`. This
 variable may be used by [casr-san](#casr-san).