Add Hancock to OSS-Fuzz by 0ai-Cyberviser · Pull Request #15315 · google/oss-fuzz

0ai-Cyberviser · 2026-04-08T02:39:07Z

Adds Hancock (AI cybersecurity agent) to OSS-Fuzz with 5 Atheris Python fuzz targets + seed corpora.

Upstream fuzz targets + corpora: https://github.com/0ai-Cyberviser/Hancock/tree/main/fuzz

CIFuzz workflow already enabled in upstream repo.

Submitting for OSS-Fuzz Initial Integration reward (up to $5,000).

github-actions · 2026-04-08T02:40:18Z

0ai-Cyberviser is integrating a new project:
- Main repo: https://github.com/0ai-Cyberviser/Hancock
- Criticality score: N/A

0ai-Cyberviser · 2026-04-08T04:03:16Z

@copilot

Copilot said: PR #63 can't be auto-merged because it's

PR #63 can't be auto-merged because it's still in draft state. You'll need to take two manual steps, then I can handle the rest:

Step 1: Merge PR #63 (manual — requires your action)

Go to PR #63
Click "Ready for review" to take it out of draft
Click "Merge pull request" to merge it into the add-hancock-project branch

This will land the Dockerfile and build.sh fixes onto the same branch that feeds google/oss-fuzz#15315.

Step 2 (after merge): Update #15315 description

Once #63 is merged, the add-hancock-project branch will contain the updated files and the upstream PR will reflect the changes automatically. At that point, you should update the PR description on #15315. Here's the ready-to-paste replacement:

Title: Add Hancock to OSS-Fuzz

Body:

Adds Hancock (AI-powered cybersecurity agent) to OSS-Fuzz with 8 Atheris-based Python fuzz targets + seed corpora.

Fuzz targets

Target Attack surface

fuzz_nvd_parser NVD JSON/feed parsing

fuzz_mitre_parser MITRE ATT&CK data parsing

fuzz_formatter Advisory output formatting

fuzz_formatter_v3 CVSSv3 formatter paths

fuzz_api_inputs API endpoint input validation

fuzz_webhook_signature Webhook HMAC signature verification

fuzz_ghsa_parser GitHub Security Advisory parsing

fuzz_xml_parsing XML/defusedxml parsing

Go merge PR #63 and let me know once that's done — I can help with anything else from there!
Copilot said: PR #63 can't be auto-merged because it's
PR #63 can't be auto-merged because it's still in draft state. You'll need to take two manual steps, then I can handle the rest:
Step 1: Merge PR #63 (manual — requires your action)
Go to [PR #63](https://github.com/0ai-Cyberviser/oss-fuzz/pull/63)
Click "Ready for review" to take it out of draft
Click "Merge pull request" to merge it into the add-hancock-project branch
This will land the Dockerfile and build.sh fixes onto the same branch that feeds google/oss-fuzz#15315.
Step 2 (after merge): Update #15315 description

Once #63 is merged, the add-hancock-project branch will contain the updated files and the upstream PR will reflect the changes automatically. At that point, you should update the PR description on #15315. Here's the ready-to-paste replacement:
Title: Add Hancock to OSS-Fuzz

Body:

Adds [Hancock](https://github.com/0ai-Cyberviser/Hancock) (AI-powered cybersecurity agent) to OSS-Fuzz with 8 Atheris-based Python fuzz targets + seed corpora.
Fuzz targets
Target	Attack surface
fuzz_nvd_parser	NVD JSON/feed parsing
fuzz_mitre_parser	MITRE ATT&CK data parsing
fuzz_formatter	Advisory output formatting
fuzz_formatter_v3	CVSSv3 formatter paths
fuzz_api_inputs	API endpoint input validation
fuzz_webhook_signature	Webhook HMAC signature verification
fuzz_ghsa_parser	GitHub Security Advisory parsing
fuzz_xml_parsing	XML/defusedxml parsing
Integration details

    Language: Python
    Engine: libFuzzer (via Atheris)
    Sanitizers: address, undefined
    License: Apache-2.0
    Upstream fuzz targets + corpora: https://github.com/0ai-Cyberviser/Hancock/tree/main/fuzz
    CIFuzz + continuous-fuzz workflows already enabled in upstream repo

Build verification
bash

python3 infra/helper.py build_image hancock
python3 infra/helper.py build_fuzzers hancock
python3 infra/helper.py run_fuzzer hancock fuzz_nvd_parser
Step 3: Test locally

After merging #63, run this on your machine to confirm everything builds:
bash

git clone https://github.com/0ai-Cyberviser/oss-fuzz.git
cd oss-fuzz
git checkout add-hancock-project

python3 infra/helper.py build_image hancock
python3 infra/helper.py build_fuzzers hancock
python3 infra/helper.py run_fuzzer hancock fuzz_nvd_parser

Step 4: Post results and request review

Once the build succeeds, paste the terminal output as a comment on google/oss-fuzz#15315 with a note like:
✅ Local build + fuzz run verified:
Code

[paste output here]

Ready for review. cc @oliverchang @jonathanmetzman
Summary of what's done vs. what needs your action
Step Status
✅ Hancock upstream: license → Apache-2.0 PR #38 merged
✅ Hancock upstream: atheris in requirements.txt PR #38 merged
✅ OSS-Fuzz fork: Dockerfile + build.sh fixes PR #63 ready (draft — needs you to mark ready & merge)
🔲 Update #15315 description Copy the text above
🔲 Local build test Run the commands above
🔲 Post results + request review Comment on #15315

Go merge PR #63 and let me know once that's done — I can help with anything else from there!

0ai-Cyberviser · 2026-04-08T04:06:44Z

@copilot
Title: Add Hancock to OSS-Fuzz

Body:

Adds Hancock (AI-powered cybersecurity agent) to OSS-Fuzz with 8 Atheris-based Python fuzz targets + seed corpora.
Fuzz targets
Target Attack surface
fuzz_nvd_parser NVD JSON/feed parsing
fuzz_mitre_parser MITRE ATT&CK data parsing
fuzz_formatter Advisory output formatting
fuzz_formatter_v3 CVSSv3 formatter paths
fuzz_api_inputs API endpoint input validation
fuzz_webhook_signature Webhook HMAC signature verification
fuzz_ghsa_parser GitHub Security Advisory parsing
fuzz_xml_parsing XML/defusedxml parsing
Integration details

Language: Python
Engine: libFuzzer (via Atheris)
Sanitizers: address, undefined
License: Apache-2.0
Upstream fuzz targets + corpora: https://github.com/0ai-Cyberviser/Hancock/tree/main/fuzz
CIFuzz + continuous-fuzz workflows already enabled in upstream repo

Build verification
bash

python3 infra/helper.py build_image hancock
python3 infra/helper.py build_fuzzers hancock
python3 infra/helper.py run_fuzzer hancock fuzz_nvd_parser

0ai-Cyberviser · 2026-04-09T17:04:33Z

Local build + fuzz run verified successfully:

┌──(oai㉿0ai)-[~]
└─$ # 1. Clone your own fork (ensures you have the merged #63 changes)
git clone https://github.com/0ai-Cyberviser/oss-fuzz.git
cd oss-fuzz
git checkout add-hancock-project

2. Build the Docker image

python3 infra/helper.py build_image hancock

3. Build the fuzzers

python3 infra/helper.py build_fuzzers hancock

4. Run at least ONE fuzzer (recommend fuzz_nvd_parser as it's simple and representative)

python3 infra/helper.py run_fuzzer hancock fuzz_nvd_parser -- -max_total_time=60
fatal: destination path 'oss-fuzz' already exists and is not an empty directory.
error: pathspec 'add-hancock-project' did not match any file(s) known to git
Pull latest base images (compiler/runtime)? (y/N): y
INFO:main:Pulling latest base images...
INFO:common_utils:Running: docker pull gcr.io/oss-fuzz-base/base-image
Using default tag: latest
latest: Pulling from oss-fuzz-base/base-image
b549f31133a9: Already exists
03b6b7f2c06b: Pull complete
9cd5d87caec1: Pull complete
Digest: sha256:a8a3532c3920268d617c3bf6300ff489a188edf508696cfa214102fb02ae2d75
Status: Downloaded newer image for gcr.io/oss-fuzz-base/base-image:latest
gcr.io/oss-fuzz-base/base-image:latest
INFO:common_utils:Running: docker pull gcr.io/oss-fuzz-base/base-clang
Using default tag: latest
latest: Pulling from oss-fuzz-base/base-clang
b549f31133a9: Already exists
03b6b7f2c06b: Already exists
9cd5d87caec1: Already exists
b66d21e7eeab: Pull complete
32b7e35715c9: Pull complete
7bbe3a0ba1d8: Pull complete
ee21dc76390e: Pull complete
Digest: sha256:4ae2aba9c155c3acf677550b3ee87c66ea088770322e9bbbc4e68cac02503db5
Status: Downloaded newer image for gcr.io/oss-fuzz-base/base-clang:latest
gcr.io/oss-fuzz-base/base-clang:latest
INFO:common_utils:Running: docker pull gcr.io/oss-fuzz-base/base-builder
Using default tag: latest
latest: Pulling from oss-fuzz-base/base-builder
b549f31133a9: Already exists
03b6b7f2c06b: Already exists
9cd5d87caec1: Already exists
b66d21e7eeab: Already exists
32b7e35715c9: Already exists
7bbe3a0ba1d8: Already exists
ee21dc76390e: Already exists
e37fa3e18517: Pulling fs layer
018865be34e0: Pulling fs layer
c76c3983e848: Pulling fs layer
20a9a812b284: Waiting
2c9c01ab3498: Waiting
8cd3633eefb9: Waiting
4995b87ccf9d: Waiting
52434a49962f: Waiting
004fad2c33de: Pull complete
40ae89b59cd8: Pull complete
b90d1c25b09d: Pull complete
c7bea01221bb: Pull complete
6fc4270276d8: Pull complete
6559c0d725b4: Pull complete
755f25fd38f8: Pull complete
8c399697e033: Pull complete
3654b7b1c81b: Pull complete
57cc74994bf6: Pull complete
fd608e18d7d2: Pull complete
022dbc6e3111: Pull complete
c3ff8641ebc3: Pull complete
1b36e71ddda9: Pull complete
ec612afa8227: Pull complete
f56c9ca57bf4: Pull complete
8205f266f2e9: Pull complete
f6c6a6c985ea: Pull complete
420d01354c13: Pull complete
b4d3ef793b3a: Pull complete
8634c5734c91: Pull complete
88c495588d00: Pull complete
91632e809d6f: Pull complete
Digest: sha256:14112c4cb9ef1b61c3563111abaca0ecafa6072de7184e0b1d445cb86a48c8ab
Status: Downloaded newer image for gcr.io/oss-fuzz-base/base-builder:latest
gcr.io/oss-fuzz-base/base-builder:latest
INFO:common_utils:Running: docker pull gcr.io/oss-fuzz-base/base-runner
Using default tag: latest
latest: Pulling from oss-fuzz-base/base-runner
b549f31133a9: Already exists
03b6b7f2c06b: Already exists
9cd5d87caec1: Already exists
7f41b7e3ff13: Pulling fs layer
e473fe587e32: Pulling fs layer
12543f776f9c: Pull complete
38db47bec4d1: Pull complete
7ab8bc54e72c: Pull complete
082dd7e46b2a: Pull complete
a6027eb70d28: Pull complete
06b4ec8b7581: Pull complete
58b722d2b333: Pull complete
570cbc3afa39: Pull complete
8c4ab089b1d2: Pull complete
f9a5835906b9: Pull complete
87cd7f0a3641: Pull complete
54de83a08926: Pull complete
21e8aa8feceb: Pull complete
9ec92bd75634: Pull complete
c0f6ab4cac7e: Pull complete
be210e8f61cb: Pull complete
58610a2f78a1: Pull complete
d018a638a57d: Pull complete
e62e3dbfe038: Pull complete
7a388ba0d7c5: Pull complete
db86a95cc75e: Pull complete
2a7a38aa46ef: Pull complete
bb04bd3ddafc: Pull complete
Digest: sha256:d1101e4e578159bff1a163a5a3421472e52116229a3c31ea4cae88ca4516a9d3
Status: Downloaded newer image for gcr.io/oss-fuzz-base/base-runner:latest
gcr.io/oss-fuzz-base/base-runner:latest
INFO:common_utils:Running: docker pull gcr.io/oss-fuzz-base/base-runner-debug
Using default tag: latest
latest: Pulling from oss-fuzz-base/base-runner-debug
b549f31133a9: Already exists
03b6b7f2c06b: Already exists
9cd5d87caec1: Already exists
7f41b7e3ff13: Already exists
e473fe587e32: Already exists
12543f776f9c: Already exists
38db47bec4d1: Already exists
7ab8bc54e72c: Already exists
082dd7e46b2a: Already exists
a6027eb70d28: Already exists
06b4ec8b7581: Already exists
58b722d2b333: Already exists
570cbc3afa39: Already exists
8c4ab089b1d2: Already exists
f9a5835906b9: Already exists
87cd7f0a3641: Already exists
54de83a08926: Already exists
21e8aa8feceb: Already exists
9ec92bd75634: Already exists
c0f6ab4cac7e: Already exists
be210e8f61cb: Already exists
58610a2f78a1: Already exists
d018a638a57d: Already exists
e62e3dbfe038: Already exists
7a388ba0d7c5: Already exists
db86a95cc75e: Already exists
2a7a38aa46ef: Already exists
bb04bd3ddafc: Already exists
0fe3b1f3aeb0: Pull complete
b8ef1b954645: Pull complete
Digest: sha256:b5f8f617f5f5a8603059d023d4c282348f823805fa1249c97f0ad098734fe8c5
Status: Downloaded newer image for gcr.io/oss-fuzz-base/base-runner-debug:latest
gcr.io/oss-fuzz-base/base-runner-debug:latest
INFO:common_utils:Running: docker pull gcr.io/oss-fuzz-base/base-builder-python
Using default tag: latest
latest: Pulling from oss-fuzz-base/base-builder-python
b549f31133a9: Already exists
03b6b7f2c06b: Already exists
9cd5d87caec1: Already exists
b66d21e7eeab: Already exists
32b7e35715c9: Already exists
7bbe3a0ba1d8: Already exists
ee21dc76390e: Already exists
e37fa3e18517: Already exists
018865be34e0: Already exists
c76c3983e848: Already exists
20a9a812b284: Already exists
2c9c01ab3498: Already exists
8cd3633eefb9: Already exists
4995b87ccf9d: Already exists
52434a49962f: Already exists
004fad2c33de: Already exists
40ae89b59cd8: Already exists
b90d1c25b09d: Already exists
c7bea01221bb: Already exists
6fc4270276d8: Already exists
6559c0d725b4: Already exists
755f25fd38f8: Already exists
8c399697e033: Already exists
3654b7b1c81b: Already exists
57cc74994bf6: Already exists
fd608e18d7d2: Already exists
022dbc6e3111: Already exists
c3ff8641ebc3: Already exists
1b36e71ddda9: Already exists
ec612afa8227: Already exists
f56c9ca57bf4: Already exists
8205f266f2e9: Already exists
f6c6a6c985ea: Already exists
420d01354c13: Already exists
b4d3ef793b3a: Already exists
8634c5734c91: Already exists
88c495588d00: Already exists
91632e809d6f: Already exists
912a6c6b781e: Pull complete
Digest: sha256:60e8ef87f2c0367254ff979a4dea61dad2684b001e3e666e2cc6fe992064dbbf
Status: Downloaded newer image for gcr.io/oss-fuzz-base/base-builder-python:latest
gcr.io/oss-fuzz-base/base-builder-python:latest
INFO:common_utils:Running: docker build --no-cache -t gcr.io/oss-fuzz/hancock --file /home/oai/oss-fuzz/projects/hancock/Dockerfile /home/oai/oss-fuzz/projects/hancock.
[+] Building 2.8s (9/9) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 868B 0.0s
=> [internal] load metadata for gcr.io/oss-fuzz-base/base-builder-python 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [1/4] FROM gcr.io/oss-fuzz-base/base-builder-python:latest 0.7s
=> [internal] load build context 0.0s
=> => transferring context: 1.06kB 0.0s
=> [2/4] RUN git clone --depth 1 https://github.com/0ai-Cyberviser/Hanco 1.8s
=> [3/4] COPY build.sh /src/ 0.0s
=> [4/4] WORKDIR /src/hancock 0.0s
=> exporting to image 0.2s
=> => exporting layers 0.1s
=> => writing image sha256:3384a4bbf4159d12d653e2fc8824eb2b9ba108b41e883 0.0s
=> => naming to gcr.io/oss-fuzz/hancock 0.0s
INFO:common_utils:Running: docker build -t gcr.io/oss-fuzz/hancock --file /home/oai/oss-fuzz/projects/hancock/Dockerfile /home/oai/oss-fuzz/projects/hancock.
[+] Building 0.1s (9/9) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 868B 0.0s
=> [internal] load metadata for gcr.io/oss-fuzz-base/base-builder-python 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [1/4] FROM gcr.io/oss-fuzz-base/base-builder-python:latest 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 30B 0.0s
=> CACHED [2/4] RUN git clone --depth 1 https://github.com/0ai-Cybervise 0.0s
=> CACHED [3/4] COPY build.sh /src/ 0.0s
=> CACHED [4/4] WORKDIR /src/hancock 0.0s
=> exporting to image 0.0s
=> => exporting layers 0.0s
=> => writing image sha256:3384a4bbf4159d12d653e2fc8824eb2b9ba108b41e883 0.0s
=> => naming to gcr.io/oss-fuzz/hancock 0.0s
INFO:main:Keeping existing build artifacts as-is (if any).
INFO:main:Running: docker run --privileged --shm-size=2g --platform linux/amd64 --rm -i -e FUZZING_ENGINE=libfuzzer -e SANITIZER=address -e ARCHITECTURE=x86_64 -e PROJECT_NAME=hancock -e HELPER=True -e FUZZING_LANGUAGE=python -v /home/oai/oss-fuzz/build/out/hancock/:/out -v /home/oai/oss-fuzz/build/work/hancock:/work -t gcr.io/oss-fuzz/hancock.

vm.mmap_rnd_bits = 28
Compiling libFuzzer to /usr/lib/libFuzzingEngine.a... done.

CC=clang
CXX=clang++
CFLAGS=-O1 -fno-omit-frame-pointer -gline-tables-only -Wno-error=incompatible-function-pointer-types -Wno-error=int-conversion -Wno-error=deprecated-declarations -Wno-error=implicit-function-declaration -Wno-error=implicit-int -Wno-error=unknown-warning-option -Wno-error=vla-cxx-extension -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=address -fsanitize-address-use-after-scope -fsanitize=fuzzer-no-link -fno-sanitize=function,leak,vptr,
CXXFLAGS=-O1 -fno-omit-frame-pointer -gline-tables-only -Wno-error=incompatible-function-pointer-types -Wno-error=int-conversion -Wno-error=deprecated-declarations -Wno-error=implicit-function-declaration -Wno-error=implicit-int -Wno-error=unknown-warning-option -Wno-error=vla-cxx-extension -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=address -fsanitize-address-use-after-scope -fsanitize=fuzzer-no-link -stdlib=libc++ -fno-sanitize=function,leak,vptr
RUSTFLAGS=--cfg fuzzing -Zsanitizer=address -Cdebuginfo=1 -Cforce-frame-pointers

pip3 install -r requirements.txt
Collecting openai (from -r requirements.txt (line 1))
Downloading openai-2.31.0-py3-none-any.whl.metadata (31 kB)
Collecting flask (from -r requirements.txt (line 2))
Downloading flask-3.1.3-py3-none-any.whl.metadata (3.2 kB)
Collecting python-dotenv (from -r requirements.txt (line 3))
Downloading python_dotenv-1.2.2-py3-none-any.whl.metadata (27 kB)
Collecting xmltodict (from -r requirements.txt (line 4))
Downloading xmltodict-1.0.4-py3-none-any.whl.metadata (14 kB)
Collecting requests>=2.33.0 (from -r requirements.txt (line 5))
Downloading requests-2.33.1-py3-none-any.whl.metadata (4.8 kB)
Collecting prometheus-client (from -r requirements.txt (line 6))
Downloading prometheus_client-0.24.1-py3-none-any.whl.metadata (2.1 kB)
Collecting python-json-logger (from -r requirements.txt (line 7))
Downloading python_json_logger-4.1.0-py3-none-any.whl.metadata (3.7 kB)
Collecting defusedxml (from -r requirements.txt (line 8))
Downloading defusedxml-0.7.1-py2.py3-none-any.whl.metadata (32 kB)
Collecting pytest (from -r requirements.txt (line 9))
Downloading pytest-9.0.3-py3-none-any.whl.metadata (7.6 kB)
Collecting maxminddb (from -r requirements.txt (line 10))
Downloading maxminddb-3.1.1-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl.metadata (5.3 kB)
Collecting python-nmap (from -r requirements.txt (line 11))
Downloading python-nmap-0.7.1.tar.gz (44 kB)
Installing build dependencies ... done
Getting requirements to build wheel ... done
Preparing metadata (pyproject.toml) ... done
Requirement already satisfied: atheris in /usr/local/lib/python3.11/site-packages (from -r requirements.txt (line 12)) (3.0.0)
Collecting anyio<5,>=3.5.0 (from openai->-r requirements.txt (line 1))
Downloading anyio-4.13.0-py3-none-any.whl.metadata (4.5 kB)
Collecting distro<2,>=1.7.0 (from openai->-r requirements.txt (line 1))
Downloading distro-1.9.0-py3-none-any.whl.metadata (6.8 kB)
Collecting httpx<1,>=0.23.0 (from openai->-r requirements.txt (line 1))
Downloading httpx-0.28.1-py3-none-any.whl.metadata (7.1 kB)
Collecting jiter<1,>=0.10.0 (from openai->-r requirements.txt (line 1))
Downloading jiter-0.13.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (5.2 kB)
Collecting pydantic<3,>=1.9.0 (from openai->-r requirements.txt (line 1))
Downloading pydantic-2.12.5-py3-none-any.whl.metadata (90 kB)
Collecting sniffio (from openai->-r requirements.txt (line 1))
Downloading sniffio-1.3.1-py3-none-any.whl.metadata (3.9 kB)
Collecting tqdm>4 (from openai->-r requirements.txt (line 1))
Downloading tqdm-4.67.3-py3-none-any.whl.metadata (57 kB)
Collecting typing-extensions<5,>=4.11 (from openai->-r requirements.txt (line 1))
Downloading typing_extensions-4.15.0-py3-none-any.whl.metadata (3.3 kB)
Collecting idna>=2.8 (from anyio<5,>=3.5.0->openai->-r requirements.txt (line 1))
Downloading idna-3.11-py3-none-any.whl.metadata (8.4 kB)
Collecting certifi (from httpx<1,>=0.23.0->openai->-r requirements.txt (line 1))
Downloading certifi-2026.2.25-py3-none-any.whl.metadata (2.5 kB)
Collecting httpcore==1.* (from httpx<1,>=0.23.0->openai->-r requirements.txt (line 1))
Downloading httpcore-1.0.9-py3-none-any.whl.metadata (21 kB)
Collecting h11>=0.16 (from httpcore==1.->httpx<1,>=0.23.0->openai->-r requirements.txt (line 1))
Downloading h11-0.16.0-py3-none-any.whl.metadata (8.3 kB)
Collecting annotated-types>=0.6.0 (from pydantic<3,>=1.9.0->openai->-r requirements.txt (line 1))
Downloading annotated_types-0.7.0-py3-none-any.whl.metadata (15 kB)
Collecting pydantic-core==2.41.5 (from pydantic<3,>=1.9.0->openai->-r requirements.txt (line 1))
Downloading pydantic_core-2.41.5-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (7.3 kB)
Collecting typing-inspection>=0.4.2 (from pydantic<3,>=1.9.0->openai->-r requirements.txt (line 1))
Downloading typing_inspection-0.4.2-py3-none-any.whl.metadata (2.6 kB)
Collecting blinker>=1.9.0 (from flask->-r requirements.txt (line 2))
Downloading blinker-1.9.0-py3-none-any.whl.metadata (1.6 kB)
Collecting click>=8.1.3 (from flask->-r requirements.txt (line 2))
Downloading click-8.3.2-py3-none-any.whl.metadata (2.6 kB)
Collecting itsdangerous>=2.2.0 (from flask->-r requirements.txt (line 2))
Downloading itsdangerous-2.2.0-py3-none-any.whl.metadata (1.9 kB)
Collecting jinja2>=3.1.2 (from flask->-r requirements.txt (line 2))
Downloading jinja2-3.1.6-py3-none-any.whl.metadata (2.9 kB)
Collecting markupsafe>=2.1.1 (from flask->-r requirements.txt (line 2))
Downloading markupsafe-3.0.3-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl.metadata (2.7 kB)
Collecting werkzeug>=3.1.0 (from flask->-r requirements.txt (line 2))
Downloading werkzeug-3.1.8-py3-none-any.whl.metadata (4.0 kB)
Collecting charset_normalizer<4,>=2 (from requests>=2.33.0->-r requirements.txt (line 5))
Downloading charset_normalizer-3.4.7-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl.metadata (40 kB)
Collecting urllib3<3,>=1.26 (from requests>=2.33.0->-r requirements.txt (line 5))
Downloading urllib3-2.6.3-py3-none-any.whl.metadata (6.9 kB)
Collecting iniconfig>=1.0.1 (from pytest->-r requirements.txt (line 9))
Downloading iniconfig-2.3.0-py3-none-any.whl.metadata (2.5 kB)
Requirement already satisfied: packaging>=22 in /usr/local/lib/python3.11/site-packages (from pytest->-r requirements.txt (line 9)) (26.0)
Collecting pluggy<2,>=1.5 (from pytest->-r requirements.txt (line 9))
Downloading pluggy-1.6.0-py3-none-any.whl.metadata (4.8 kB)
Collecting pygments>=2.7.2 (from pytest->-r requirements.txt (line 9))
Downloading pygments-2.20.0-py3-none-any.whl.metadata (2.5 kB)
Downloading openai-2.31.0-py3-none-any.whl (1.2 MB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 1.2/1.2 MB 2.2 MB/s 0:00:00
Downloading anyio-4.13.0-py3-none-any.whl (114 kB)
Downloading distro-1.9.0-py3-none-any.whl (20 kB)
Downloading httpx-0.28.1-py3-none-any.whl (73 kB)
Downloading httpcore-1.0.9-py3-none-any.whl (78 kB)
Downloading jiter-0.13.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (362 kB)
Downloading pydantic-2.12.5-py3-none-any.whl (463 kB)
Downloading pydantic_core-2.41.5-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (2.1 MB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 2.1/2.1 MB 3.0 MB/s 0:00:00
Downloading typing_extensions-4.15.0-py3-none-any.whl (44 kB)
Downloading flask-3.1.3-py3-none-any.whl (103 kB)
Downloading python_dotenv-1.2.2-py3-none-any.whl (22 kB)
Downloading xmltodict-1.0.4-py3-none-any.whl (13 kB)
Downloading requests-2.33.1-py3-none-any.whl (64 kB)
Downloading charset_normalizer-3.4.7-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (214 kB)
Downloading idna-3.11-py3-none-any.whl (71 kB)
Downloading urllib3-2.6.3-py3-none-any.whl (131 kB)
Downloading prometheus_client-0.24.1-py3-none-any.whl (64 kB)
Downloading python_json_logger-4.1.0-py3-none-any.whl (15 kB)
Downloading defusedxml-0.7.1-py2.py3-none-any.whl (25 kB)
Downloading pytest-9.0.3-py3-none-any.whl (375 kB)
Downloading pluggy-1.6.0-py3-none-any.whl (20 kB)
Downloading maxminddb-3.1.1-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (98 kB)
Downloading annotated_types-0.7.0-py3-none-any.whl (13 kB)
Downloading blinker-1.9.0-py3-none-any.whl (8.5 kB)
Downloading certifi-2026.2.25-py3-none-any.whl (153 kB)
Downloading click-8.3.2-py3-none-any.whl (108 kB)
Downloading h11-0.16.0-py3-none-any.whl (37 kB)
Downloading iniconfig-2.3.0-py3-none-any.whl (7.5 kB)
Downloading itsdangerous-2.2.0-py3-none-any.whl (16 kB)
Downloading jinja2-3.1.6-py3-none-any.whl (134 kB)
Downloading markupsafe-3.0.3-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (22 kB)
Downloading pygments-2.20.0-py3-none-any.whl (1.2 MB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 1.2/1.2 MB 3.4 MB/s 0:00:00
Downloading tqdm-4.67.3-py3-none-any.whl (78 kB)
Downloading typing_inspection-0.4.2-py3-none-any.whl (14 kB)
Downloading werkzeug-3.1.8-py3-none-any.whl (226 kB)
Downloading sniffio-1.3.1-py3-none-any.whl (10 kB)
Building wheels for collected packages: python-nmap
Building wheel for python-nmap (pyproject.toml) ... done
Created wheel for python-nmap: filename=python_nmap-0.7.1-py2.py3-none-any.whl size=20679 sha256=3b3c27b6793ff232a05790cf67c10c96532fccaac830b9a89a06375da8cfa948
Stored in directory: /root/.cache/pip/wheels/4a/8c/1a/aaade88fbb18b99e001cea0921931af9c05bca4c4a72868b51
Successfully built python-nmap
Installing collected packages: python-nmap, xmltodict, urllib3, typing-extensions, tqdm, sniffio, python-json-logger, python-dotenv, pygments, prometheus-client, pluggy, maxminddb, markupsafe, jiter, itsdangerous, iniconfig, idna, h11, distro, defusedxml, click, charset_normalizer, certifi, blinker, annotated-types, werkzeug, typing-inspection, requests, pytest, pydantic-core, jinja2, httpcore, anyio, pydantic, httpx, flask, openai
Successfully installed annotated-types-0.7.0 anyio-4.13.0 blinker-1.9.0 certifi-2026.2.25 charset_normalizer-3.4.7 click-8.3.2 defusedxml-0.7.1 distro-1.9.0 flask-3.1.3 h11-0.16.0 httpcore-1.0.9 httpx-0.28.1 idna-3.11 iniconfig-2.3.0 itsdangerous-2.2.0 jinja2-3.1.6 jiter-0.13.0 markupsafe-3.0.3 maxminddb-3.1.1 openai-2.31.0 pluggy-1.6.0 prometheus-client-0.24.1 pydantic-2.12.5 pydantic-core-2.41.5 pygments-2.20.0 pytest-9.0.3 python-dotenv-1.2.2 python-json-logger-4.1.0 python-nmap-0.7.1 requests-2.33.1 sniffio-1.3.1 tqdm-4.67.3 typing-extensions-4.15.0 typing-inspection-0.4.2 urllib3-2.6.3 werkzeug-3.1.8 xmltodict-1.0.4
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager, possibly rendering your system unusable. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv. Use the --root-user-action option if you know what you are doing and want to suppress this warning.
++ find /src/hancock/fuzz -name 'fuzz_.py'
for fuzzer in $(find $SRC/hancock/fuzz -name 'fuzz_*.py')
compile_python_fuzzer /src/hancock/fuzz/fuzz_xml_parsing.py
fuzzer_path=/src/hancock/fuzz/fuzz_xml_parsing.py
shift 1
++ basename -s .py /src/hancock/fuzz/fuzz_xml_parsing.py
fuzzer_basename=fuzz_xml_parsing
fuzzer_package=fuzz_xml_parsing.pkg
PYFUZZ_WORKPATH=/src/pyfuzzworkdir/
FUZZ_WORKPATH=/src/pyfuzzworkdir//fuzz_xml_parsing
[[ address = introspector ]]
[[ address = coverage ]]
[[ 0 != \0 ]]
rm -rf /src/pyfuzzworkdir/
mkdir /src/pyfuzzworkdir/ /src/pyfuzzworkdir//fuzz_xml_parsing
pyinstaller --distpath /out --workpath=/src/pyfuzzworkdir//fuzz_xml_parsing --onefile --name fuzz_xml_parsing.pkg /src/hancock/fuzz/fuzz_xml_parsing.py
41 INFO: PyInstaller: 6.10.0, contrib hooks: 2026.4
41 INFO: Python: 3.11.13
42 INFO: Platform: Linux-6.18.12+kali-amd64-x86_64-with-glibc2.31
42 INFO: Python environment: /usr/local
44 INFO: wrote /src/hancock/fuzz_xml_parsing.pkg.spec
46 INFO: Module search paths (PYTHONPATH):
['/usr/local/lib/python311.zip',
'/usr/local/lib/python3.11',
'/usr/local/lib/python3.11/lib-dynload',
'/usr/local/lib/python3.11/site-packages',
'/src/hancock']
125 INFO: checking Analysis
126 INFO: Building Analysis because Analysis-00.toc is non existent
126 INFO: Running Analysis Analysis-00.toc
126 INFO: Target bytecode optimization level: 0
126 INFO: Initializing module dependency graph...
126 INFO: Caching module graph hooks...
134 INFO: Analyzing base_library.zip ...
658 INFO: Processing standard module hook 'hook-heapq.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
754 INFO: Processing standard module hook 'hook-encodings.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
1984 INFO: Processing standard module hook 'hook-pickle.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
3301 INFO: Caching module dependency graph...
3361 INFO: Looking for Python shared library...
3371 INFO: Using Python shared library: /usr/local/lib/libpython3.11.so.1.0
3371 INFO: Analyzing /src/hancock/fuzz/fuzz_xml_parsing.py
3373 INFO: Processing standard module hook 'hook-atheris.py' from '/usr/local/lib/python3.11/site-packages/atheris'
3429 INFO: Processing standard module hook 'hook-xml.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
3431 INFO: Processing standard module hook 'hook-xml.etree.cElementTree.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
3507 INFO: Processing standard module hook 'hook-xml.dom.domreg.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
4175 INFO: Processing standard module hook 'hook-platform.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
4192 INFO: Processing standard module hook 'hook-sysconfig.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
4244 INFO: Processing module hooks (post-graph stage)...
4263 INFO: Performing binary vs. data reclassification (2 entries)
4290 INFO: Looking for ctypes DLLs
4301 INFO: Analyzing run-time hooks ...
4302 INFO: Including run-time hook 'pyi_rth_inspect.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
4304 INFO: Including run-time hook 'pyi_rth_pkgutil.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
4308 INFO: Looking for dynamic libraries
4805 INFO: Warnings written to /src/pyfuzzworkdir/fuzz_xml_parsing/fuzz_xml_parsing.pkg/warn-fuzz_xml_parsing.pkg.txt
4815 INFO: Graph cross-reference written to /src/pyfuzzworkdir/fuzz_xml_parsing/fuzz_xml_parsing.pkg/xref-fuzz_xml_parsing.pkg.html
4823 INFO: checking PYZ
4823 INFO: Building PYZ because PYZ-00.toc is non existent
4823 INFO: Building PYZ (ZlibArchive) /src/pyfuzzworkdir/fuzz_xml_parsing/fuzz_xml_parsing.pkg/PYZ-00.pyz
5045 INFO: Building PYZ (ZlibArchive) /src/pyfuzzworkdir/fuzz_xml_parsing/fuzz_xml_parsing.pkg/PYZ-00.pyz completed successfully.
5055 INFO: checking PKG
5055 INFO: Building PKG because PKG-00.toc is non existent
5055 INFO: Building PKG (CArchive) fuzz_xml_parsing.pkg.pkg
14815 INFO: Building PKG (CArchive) fuzz_xml_parsing.pkg.pkg completed successfully.
14817 INFO: Bootloader /usr/local/lib/python3.11/site-packages/PyInstaller/bootloader/Linux-64bit-intel/run
14817 INFO: checking EXE
14817 INFO: Building EXE because EXE-00.toc is non existent
14817 INFO: Building EXE from EXE-00.toc
14820 INFO: Copying bootloader EXE to /out/fuzz_xml_parsing.pkg
14820 INFO: Appending PKG archive to custom ELF section in EXE
14867 INFO: Building EXE from EXE-00.toc completed successfully.
chmod -x /out/fuzz_xml_parsing.pkg
[[ address = coverage ]]
echo '#!/bin/sh

LLVMFuzzerTestOneInput for fuzzer detection.

this_dir=$(dirname "$0")
chmod +x $this_dir/fuzz_xml_parsing.pkg
LD_PRELOAD=$this_dir/sanitizer_with_fuzzer.so ASAN_OPTIONS=$ASAN_OPTIONS:symbolize=1:external_symbolizer_path=$this_dir/llvm-symbolizer:detect_leaks=0 $this_dir/fuzz_xml_parsing.pkg $@'

chmod +x /out/fuzz_xml_parsing
for fuzzer in $(find $SRC/hancock/fuzz -name 'fuzz_*.py')
compile_python_fuzzer /src/hancock/fuzz/fuzz_formatter.py
fuzzer_path=/src/hancock/fuzz/fuzz_formatter.py
shift 1
++ basename -s .py /src/hancock/fuzz/fuzz_formatter.py
fuzzer_basename=fuzz_formatter
fuzzer_package=fuzz_formatter.pkg
PYFUZZ_WORKPATH=/src/pyfuzzworkdir/
FUZZ_WORKPATH=/src/pyfuzzworkdir//fuzz_formatter
[[ address = introspector ]]
[[ address = coverage ]]
[[ 0 != \0 ]]
rm -rf /src/pyfuzzworkdir/
mkdir /src/pyfuzzworkdir/ /src/pyfuzzworkdir//fuzz_formatter
pyinstaller --distpath /out --workpath=/src/pyfuzzworkdir//fuzz_formatter --onefile --name fuzz_formatter.pkg /src/hancock/fuzz/fuzz_formatter.py
39 INFO: PyInstaller: 6.10.0, contrib hooks: 2026.4
39 INFO: Python: 3.11.13
40 INFO: Platform: Linux-6.18.12+kali-amd64-x86_64-with-glibc2.31
40 INFO: Python environment: /usr/local
41 INFO: wrote /src/hancock/fuzz_formatter.pkg.spec
42 INFO: Module search paths (PYTHONPATH):
['/usr/local/lib/python311.zip',
'/usr/local/lib/python3.11',
'/usr/local/lib/python3.11/lib-dynload',
'/usr/local/lib/python3.11/site-packages',
'/src/hancock']
139 INFO: checking Analysis
139 INFO: Building Analysis because Analysis-00.toc is non existent
139 INFO: Running Analysis Analysis-00.toc
139 INFO: Target bytecode optimization level: 0
140 INFO: Initializing module dependency graph...
140 INFO: Caching module graph hooks...
150 INFO: Analyzing base_library.zip ...
529 INFO: Processing standard module hook 'hook-encodings.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
864 INFO: Processing standard module hook 'hook-heapq.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
1249 INFO: Processing standard module hook 'hook-pickle.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
3334 INFO: Caching module dependency graph...
3405 INFO: Looking for Python shared library...
3414 INFO: Using Python shared library: /usr/local/lib/libpython3.11.so.1.0
3414 INFO: Analyzing /src/hancock/fuzz/fuzz_formatter.py
3420 INFO: Processing standard module hook 'hook-atheris.py' from '/usr/local/lib/python3.11/site-packages/atheris'
3502 INFO: Processing module hooks (post-graph stage)...
3508 INFO: Performing binary vs. data reclassification (2 entries)
3511 INFO: Looking for ctypes DLLs
3521 INFO: Analyzing run-time hooks ...
3523 INFO: Including run-time hook 'pyi_rth_inspect.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
3526 INFO: Looking for dynamic libraries
3990 INFO: Warnings written to /src/pyfuzzworkdir/fuzz_formatter/fuzz_formatter.pkg/warn-fuzz_formatter.pkg.txt
3998 INFO: Graph cross-reference written to /src/pyfuzzworkdir/fuzz_formatter/fuzz_formatter.pkg/xref-fuzz_formatter.pkg.html
4005 INFO: checking PYZ
4005 INFO: Building PYZ because PYZ-00.toc is non existent
4005 INFO: Building PYZ (ZlibArchive) /src/pyfuzzworkdir/fuzz_formatter/fuzz_formatter.pkg/PYZ-00.pyz
4153 INFO: Building PYZ (ZlibArchive) /src/pyfuzzworkdir/fuzz_formatter/fuzz_formatter.pkg/PYZ-00.pyz completed successfully.
4163 INFO: checking PKG
4163 INFO: Building PKG because PKG-00.toc is non existent
4164 INFO: Building PKG (CArchive) fuzz_formatter.pkg.pkg
13690 INFO: Building PKG (CArchive) fuzz_formatter.pkg.pkg completed successfully.
13691 INFO: Bootloader /usr/local/lib/python3.11/site-packages/PyInstaller/bootloader/Linux-64bit-intel/run
13691 INFO: checking EXE
13691 INFO: Building EXE because EXE-00.toc is non existent
13691 INFO: Building EXE from EXE-00.toc
13691 INFO: Copying bootloader EXE to /out/fuzz_formatter.pkg
13691 INFO: Appending PKG archive to custom ELF section in EXE
13752 INFO: Building EXE from EXE-00.toc completed successfully.
chmod -x /out/fuzz_formatter.pkg
[[ address = coverage ]]
echo '#!/bin/sh

LLVMFuzzerTestOneInput for fuzzer detection.

this_dir=$(dirname "$0")
chmod +x $this_dir/fuzz_formatter.pkg
LD_PRELOAD=$this_dir/sanitizer_with_fuzzer.so ASAN_OPTIONS=$ASAN_OPTIONS:symbolize=1:external_symbolizer_path=$this_dir/llvm-symbolizer:detect_leaks=0 $this_dir/fuzz_formatter.pkg $@'

chmod +x /out/fuzz_formatter
for fuzzer in $(find $SRC/hancock/fuzz -name 'fuzz_*.py')
compile_python_fuzzer /src/hancock/fuzz/fuzz_mitre_parser.py
fuzzer_path=/src/hancock/fuzz/fuzz_mitre_parser.py
shift 1
++ basename -s .py /src/hancock/fuzz/fuzz_mitre_parser.py
fuzzer_basename=fuzz_mitre_parser
fuzzer_package=fuzz_mitre_parser.pkg
PYFUZZ_WORKPATH=/src/pyfuzzworkdir/
FUZZ_WORKPATH=/src/pyfuzzworkdir//fuzz_mitre_parser
[[ address = introspector ]]
[[ address = coverage ]]
[[ 0 != \0 ]]
rm -rf /src/pyfuzzworkdir/
mkdir /src/pyfuzzworkdir/ /src/pyfuzzworkdir//fuzz_mitre_parser
pyinstaller --distpath /out --workpath=/src/pyfuzzworkdir//fuzz_mitre_parser --onefile --name fuzz_mitre_parser.pkg /src/hancock/fuzz/fuzz_mitre_parser.py
38 INFO: PyInstaller: 6.10.0, contrib hooks: 2026.4
38 INFO: Python: 3.11.13
40 INFO: Platform: Linux-6.18.12+kali-amd64-x86_64-with-glibc2.31
40 INFO: Python environment: /usr/local
41 INFO: wrote /src/hancock/fuzz_mitre_parser.pkg.spec
42 INFO: Module search paths (PYTHONPATH):
['/usr/local/lib/python311.zip',
'/usr/local/lib/python3.11',
'/usr/local/lib/python3.11/lib-dynload',
'/usr/local/lib/python3.11/site-packages',
'/src/hancock']
122 INFO: checking Analysis
122 INFO: Building Analysis because Analysis-00.toc is non existent
122 INFO: Running Analysis Analysis-00.toc
122 INFO: Target bytecode optimization level: 0
122 INFO: Initializing module dependency graph...
123 INFO: Caching module graph hooks...
131 INFO: Analyzing base_library.zip ...
480 INFO: Processing standard module hook 'hook-encodings.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
818 INFO: Processing standard module hook 'hook-heapq.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
1925 INFO: Processing standard module hook 'hook-pickle.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
3127 INFO: Caching module dependency graph...
3186 INFO: Looking for Python shared library...
3196 INFO: Using Python shared library: /usr/local/lib/libpython3.11.so.1.0
3196 INFO: Analyzing /src/hancock/fuzz/fuzz_mitre_parser.py
3203 INFO: Processing standard module hook 'hook-atheris.py' from '/usr/local/lib/python3.11/site-packages/atheris'
3288 INFO: Processing module hooks (post-graph stage)...
3293 INFO: Performing binary vs. data reclassification (2 entries)
3296 INFO: Looking for ctypes DLLs
3306 INFO: Analyzing run-time hooks ...
3307 INFO: Including run-time hook 'pyi_rth_inspect.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
3311 INFO: Looking for dynamic libraries
3781 INFO: Warnings written to /src/pyfuzzworkdir/fuzz_mitre_parser/fuzz_mitre_parser.pkg/warn-fuzz_mitre_parser.pkg.txt
3788 INFO: Graph cross-reference written to /src/pyfuzzworkdir/fuzz_mitre_parser/fuzz_mitre_parser.pkg/xref-fuzz_mitre_parser.pkg.html
3795 INFO: checking PYZ
3796 INFO: Building PYZ because PYZ-00.toc is non existent
3796 INFO: Building PYZ (ZlibArchive) /src/pyfuzzworkdir/fuzz_mitre_parser/fuzz_mitre_parser.pkg/PYZ-00.pyz
3941 INFO: Building PYZ (ZlibArchive) /src/pyfuzzworkdir/fuzz_mitre_parser/fuzz_mitre_parser.pkg/PYZ-00.pyz completed successfully.
3952 INFO: checking PKG
3952 INFO: Building PKG because PKG-00.toc is non existent
3952 INFO: Building PKG (CArchive) fuzz_mitre_parser.pkg.pkg
13413 INFO: Building PKG (CArchive) fuzz_mitre_parser.pkg.pkg completed successfully.
13414 INFO: Bootloader /usr/local/lib/python3.11/site-packages/PyInstaller/bootloader/Linux-64bit-intel/run
13414 INFO: checking EXE
13414 INFO: Building EXE because EXE-00.toc is non existent
13414 INFO: Building EXE from EXE-00.toc
13414 INFO: Copying bootloader EXE to /out/fuzz_mitre_parser.pkg
13415 INFO: Appending PKG archive to custom ELF section in EXE
13487 INFO: Building EXE from EXE-00.toc completed successfully.
chmod -x /out/fuzz_mitre_parser.pkg
[[ address = coverage ]]
echo '#!/bin/sh

LLVMFuzzerTestOneInput for fuzzer detection.

this_dir=$(dirname "$0")
chmod +x $this_dir/fuzz_mitre_parser.pkg
LD_PRELOAD=$this_dir/sanitizer_with_fuzzer.so ASAN_OPTIONS=$ASAN_OPTIONS:symbolize=1:external_symbolizer_path=$this_dir/llvm-symbolizer:detect_leaks=0 $this_dir/fuzz_mitre_parser.pkg $@'

chmod +x /out/fuzz_mitre_parser
for fuzzer in $(find $SRC/hancock/fuzz -name 'fuzz_*.py')
compile_python_fuzzer /src/hancock/fuzz/fuzz_ghsa_parser.py
fuzzer_path=/src/hancock/fuzz/fuzz_ghsa_parser.py
shift 1
++ basename -s .py /src/hancock/fuzz/fuzz_ghsa_parser.py
fuzzer_basename=fuzz_ghsa_parser
fuzzer_package=fuzz_ghsa_parser.pkg
PYFUZZ_WORKPATH=/src/pyfuzzworkdir/
FUZZ_WORKPATH=/src/pyfuzzworkdir//fuzz_ghsa_parser
[[ address = introspector ]]
[[ address = coverage ]]
[[ 0 != \0 ]]
rm -rf /src/pyfuzzworkdir/
mkdir /src/pyfuzzworkdir/ /src/pyfuzzworkdir//fuzz_ghsa_parser
pyinstaller --distpath /out --workpath=/src/pyfuzzworkdir//fuzz_ghsa_parser --onefile --name fuzz_ghsa_parser.pkg /src/hancock/fuzz/fuzz_ghsa_parser.py
39 INFO: PyInstaller: 6.10.0, contrib hooks: 2026.4
39 INFO: Python: 3.11.13
40 INFO: Platform: Linux-6.18.12+kali-amd64-x86_64-with-glibc2.31
40 INFO: Python environment: /usr/local
41 INFO: wrote /src/hancock/fuzz_ghsa_parser.pkg.spec
42 INFO: Module search paths (PYTHONPATH):
['/usr/local/lib/python311.zip',
'/usr/local/lib/python3.11',
'/usr/local/lib/python3.11/lib-dynload',
'/usr/local/lib/python3.11/site-packages',
'/src/hancock']
124 INFO: checking Analysis
124 INFO: Building Analysis because Analysis-00.toc is non existent
125 INFO: Running Analysis Analysis-00.toc
125 INFO: Target bytecode optimization level: 0
125 INFO: Initializing module dependency graph...
125 INFO: Caching module graph hooks...
133 INFO: Analyzing base_library.zip ...
723 INFO: Processing standard module hook 'hook-encodings.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
1951 INFO: Processing standard module hook 'hook-pickle.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
2974 INFO: Processing standard module hook 'hook-heapq.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
3256 INFO: Caching module dependency graph...
3317 INFO: Looking for Python shared library...
3326 INFO: Using Python shared library: /usr/local/lib/libpython3.11.so.1.0
3326 INFO: Analyzing /src/hancock/fuzz/fuzz_ghsa_parser.py
3332 INFO: Processing standard module hook 'hook-atheris.py' from '/usr/local/lib/python3.11/site-packages/atheris'
3411 INFO: Processing standard module hook 'hook-urllib3.py' from '/usr/local/lib/python3.11/site-packages/_pyinstaller_hooks_contrib/stdhooks'
3567 INFO: Processing pre-safe-import-module hook 'hook-typing_extensions.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
3567 INFO: SetuptoolsInfo: initializing cached setuptools info...
7083 INFO: Processing standard module hook 'hook-multiprocessing.util.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
7146 INFO: Processing standard module hook 'hook-xml.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
8317 INFO: Processing standard module hook 'hook-charset_normalizer.py' from '/usr/local/lib/python3.11/site-packages/_pyinstaller_hooks_contrib/stdhooks'
8405 INFO: Processing standard module hook 'hook-certifi.py' from '/usr/local/lib/python3.11/site-packages/_pyinstaller_hooks_contrib/stdhooks'
8479 INFO: Processing module hooks (post-graph stage)...
8522 INFO: Performing binary vs. data reclassification (4 entries)
8525 INFO: Looking for ctypes DLLs
8540 INFO: Analyzing run-time hooks ...
8541 INFO: Including run-time hook 'pyi_rth_inspect.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
8543 INFO: Including run-time hook 'pyi_rth_pkgutil.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
8544 INFO: Including run-time hook 'pyi_rth_multiprocessing.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
8550 INFO: Looking for dynamic libraries
9133 INFO: Warnings written to /src/pyfuzzworkdir/fuzz_ghsa_parser/fuzz_ghsa_parser.pkg/warn-fuzz_ghsa_parser.pkg.txt
9148 INFO: Graph cross-reference written to /src/pyfuzzworkdir/fuzz_ghsa_parser/fuzz_ghsa_parser.pkg/xref-fuzz_ghsa_parser.pkg.html
9157 INFO: checking PYZ
9157 INFO: Building PYZ because PYZ-00.toc is non existent
9157 INFO: Building PYZ (ZlibArchive) /src/pyfuzzworkdir/fuzz_ghsa_parser/fuzz_ghsa_parser.pkg/PYZ-00.pyz
9443 INFO: Building PYZ (ZlibArchive) /src/pyfuzzworkdir/fuzz_ghsa_parser/fuzz_ghsa_parser.pkg/PYZ-00.pyz completed successfully.
9455 INFO: checking PKG
9455 INFO: Building PKG because PKG-00.toc is non existent
9455 INFO: Building PKG (CArchive) fuzz_ghsa_parser.pkg.pkg
19534 INFO: Building PKG (CArchive) fuzz_ghsa_parser.pkg.pkg completed successfully.
19535 INFO: Bootloader /usr/local/lib/python3.11/site-packages/PyInstaller/bootloader/Linux-64bit-intel/run
19535 INFO: checking EXE
19535 INFO: Building EXE because EXE-00.toc is non existent
19535 INFO: Building EXE from EXE-00.toc
19535 INFO: Copying bootloader EXE to /out/fuzz_ghsa_parser.pkg
19535 INFO: Appending PKG archive to custom ELF section in EXE
19579 INFO: Building EXE from EXE-00.toc completed successfully.
chmod -x /out/fuzz_ghsa_parser.pkg
[[ address = coverage ]]
echo '#!/bin/sh

LLVMFuzzerTestOneInput for fuzzer detection.

this_dir=$(dirname "$0")
chmod +x $this_dir/fuzz_ghsa_parser.pkg
LD_PRELOAD=$this_dir/sanitizer_with_fuzzer.so ASAN_OPTIONS=$ASAN_OPTIONS:symbolize=1:external_symbolizer_path=$this_dir/llvm-symbolizer:detect_leaks=0 $this_dir/fuzz_ghsa_parser.pkg $@'

chmod +x /out/fuzz_ghsa_parser
for fuzzer in $(find $SRC/hancock/fuzz -name 'fuzz_*.py')
compile_python_fuzzer /src/hancock/fuzz/fuzz_api_inputs.py
fuzzer_path=/src/hancock/fuzz/fuzz_api_inputs.py
shift 1
++ basename -s .py /src/hancock/fuzz/fuzz_api_inputs.py
fuzzer_basename=fuzz_api_inputs
fuzzer_package=fuzz_api_inputs.pkg
PYFUZZ_WORKPATH=/src/pyfuzzworkdir/
FUZZ_WORKPATH=/src/pyfuzzworkdir//fuzz_api_inputs
[[ address = introspector ]]
[[ address = coverage ]]
[[ 0 != \0 ]]
rm -rf /src/pyfuzzworkdir/
mkdir /src/pyfuzzworkdir/ /src/pyfuzzworkdir//fuzz_api_inputs
pyinstaller --distpath /out --workpath=/src/pyfuzzworkdir//fuzz_api_inputs --onefile --name fuzz_api_inputs.pkg /src/hancock/fuzz/fuzz_api_inputs.py
39 INFO: PyInstaller: 6.10.0, contrib hooks: 2026.4
39 INFO: Python: 3.11.13
40 INFO: Platform: Linux-6.18.12+kali-amd64-x86_64-with-glibc2.31
40 INFO: Python environment: /usr/local
41 INFO: wrote /src/hancock/fuzz_api_inputs.pkg.spec
42 INFO: Module search paths (PYTHONPATH):
['/usr/local/lib/python311.zip',
'/usr/local/lib/python3.11',
'/usr/local/lib/python3.11/lib-dynload',
'/usr/local/lib/python3.11/site-packages',
'/src/hancock']
122 INFO: checking Analysis
122 INFO: Building Analysis because Analysis-00.toc is non existent
122 INFO: Running Analysis Analysis-00.toc
122 INFO: Target bytecode optimization level: 0
123 INFO: Initializing module dependency graph...
123 INFO: Caching module graph hooks...
131 INFO: Analyzing base_library.zip ...
499 INFO: Processing standard module hook 'hook-encodings.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
852 INFO: Processing standard module hook 'hook-heapq.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
1917 INFO: Processing standard module hook 'hook-pickle.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
3136 INFO: Caching module dependency graph...
3206 INFO: Looking for Python shared library...
3216 INFO: Using Python shared library: /usr/local/lib/libpython3.11.so.1.0
3216 INFO: Analyzing /src/hancock/fuzz/fuzz_api_inputs.py
3224 INFO: Processing standard module hook 'hook-atheris.py' from '/usr/local/lib/python3.11/site-packages/atheris'
3339 INFO: Processing pre-safe-import-module hook 'hook-typing_extensions.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
3339 INFO: SetuptoolsInfo: initializing cached setuptools info...
6748 INFO: Processing standard module hook 'hook-multiprocessing.util.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
6869 INFO: Processing standard module hook 'hook-xml.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
7407 INFO: Processing standard module hook 'hook-pydantic.py' from '/usr/local/lib/python3.11/site-packages/_pyinstaller_hooks_contrib/stdhooks'
7698 INFO: Processing standard module hook 'hook-platform.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
7967 INFO: Processing standard module hook 'hook-zoneinfo.py' from '/usr/local/lib/python3.11/site-packages/_pyinstaller_hooks_contrib/stdhooks'
7986 INFO: Processing standard module hook 'hook-sysconfig.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
9334 INFO: Processing standard module hook 'hook-certifi.py' from '/usr/local/lib/python3.11/site-packages/_pyinstaller_hooks_contrib/stdhooks'
9408 INFO: Processing standard module hook 'hook-anyio.py' from '/usr/local/lib/python3.11/site-packages/_pyinstaller_hooks_contrib/stdhooks'
10244 INFO: Processing standard module hook 'hook-difflib.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
10313 INFO: Processing standard module hook 'hook-pygments.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
13459 INFO: Processing standard module hook 'hook-jinja2.py' from '/usr/local/lib/python3.11/site-packages/_pyinstaller_hooks_contrib/stdhooks'
13923 INFO: Processing pre-safe-import-module hook 'hook-importlib_metadata.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
13923 INFO: Setuptools: 'importlib_metadata' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.importlib_metadata'!
13939 INFO: Processing standard module hook 'hook-setuptools.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
13946 INFO: Processing pre-safe-import-module hook 'hook-distutils.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
13946 INFO: Processing pre-find-module-path hook 'hook-distutils.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_find_module_path'
14103 INFO: Processing standard module hook 'hook-distutils.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
14153 INFO: Processing standard module hook 'hook-distutils.util.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
14332 INFO: Processing pre-safe-import-module hook 'hook-packaging.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
14332 INFO: Processing standard module hook 'hook-packaging.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
14444 INFO: Processing pre-safe-import-module hook 'hook-more_itertools.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
14444 INFO: Setuptools: 'more_itertools' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.more_itertools'!
14572 INFO: Processing pre-safe-import-module hook 'hook-importlib_resources.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
14572 INFO: Setuptools: 'importlib_resources' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.importlib_resources'!
14589 INFO: Processing pre-safe-import-module hook 'hook-zipp.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
14589 INFO: Setuptools: 'zipp' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.zipp'!
14648 INFO: Processing pre-safe-import-module hook 'hook-ordered_set.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
14648 INFO: Setuptools: 'ordered_set' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.ordered_set'!
14661 INFO: Processing pre-safe-import-module hook 'hook-jaraco.text.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
14661 INFO: Setuptools: 'jaraco.text' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.jaraco.text'!
14668 INFO: Processing pre-safe-import-module hook 'hook-jaraco.functools.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
14668 INFO: Setuptools: 'jaraco.functools' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.jaraco.functools'!
14675 INFO: Processing pre-safe-import-module hook 'hook-jaraco.context.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
14676 INFO: Setuptools: 'jaraco.context' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.jaraco.context'!
14756 INFO: Processing pre-safe-import-module hook 'hook-tomli.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
14756 INFO: Setuptools: 'tomli' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.tomli'!
15266 INFO: Processing standard module hook 'hook-pkg_resources.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
15406 INFO: Processing pre-safe-import-module hook 'hook-platformdirs.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
15406 INFO: Setuptools: 'platformdirs' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.platformdirs'!
15470 INFO: Processing pre-safe-import-module hook 'hook-wheel.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
15470 INFO: Setuptools: 'wheel' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.wheel'!
15686 INFO: Processing standard module hook 'hook-urllib3.py' from '/usr/local/lib/python3.11/site-packages/_pyinstaller_hooks_contrib/stdhooks'
15989 INFO: Processing standard module hook 'hook-charset_normalizer.py' from '/usr/local/lib/python3.11/site-packages/_pyinstaller_hooks_contrib/stdhooks'
16206 INFO: Processing module hooks (post-graph stage)...
18436 INFO: Processing pre-safe-import-module hook 'hook-autocommand.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
18436 INFO: Setuptools: 'autocommand' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.autocommand'!
18589 INFO: Processing pre-safe-import-module hook 'hook-typeguard.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
18589 INFO: Setuptools: 'typeguard' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.typeguard'!
19304 INFO: Performing binary vs. data reclassification (114 entries)
19310 INFO: Looking for ctypes DLLs
19467 INFO: Analyzing run-time hooks ...
19475 INFO: Including run-time hook 'pyi_rth_inspect.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
19477 INFO: Including run-time hook 'pyi_rth_pkgutil.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
19478 INFO: Including run-time hook 'pyi_rth_multiprocessing.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
19479 INFO: Including run-time hook 'pyi_rth_setuptools.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
19480 INFO: Including run-time hook 'pyi_rth_pkgres.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
19514 INFO: Looking for dynamic libraries
20213 INFO: Warnings written to /src/pyfuzzworkdir/fuzz_api_inputs/fuzz_api_inputs.pkg/warn-fuzz_api_inputs.pkg.txt
20311 INFO: Graph cross-reference written to /src/pyfuzzworkdir/fuzz_api_inputs/fuzz_api_inputs.pkg/xref-fuzz_api_inputs.pkg.html
20350 INFO: checking PYZ
20350 INFO: Building PYZ because PYZ-00.toc is non existent
20350 INFO: Building PYZ (ZlibArchive) /src/pyfuzzworkdir/fuzz_api_inputs/fuzz_api_inputs.pkg/PYZ-00.pyz
21369 INFO: Building PYZ (ZlibArchive) /src/pyfuzzworkdir/fuzz_api_inputs/fuzz_api_inputs.pkg/PYZ-00.pyz completed successfully.
21409 INFO: checking PKG
21410 INFO: Building PKG because PKG-00.toc is non existent
21410 INFO: Building PKG (CArchive) fuzz_api_inputs.pkg.pkg
32013 INFO: Building PKG (CArchive) fuzz_api_inputs.pkg.pkg completed successfully.
32016 INFO: Bootloader /usr/local/lib/python3.11/site-packages/PyInstaller/bootloader/Linux-64bit-intel/run
32016 INFO: checking EXE
32016 INFO: Building EXE because EXE-00.toc is non existent
32016 INFO: Building EXE from EXE-00.toc
32016 INFO: Copying bootloader EXE to /out/fuzz_api_inputs.pkg
32017 INFO: Appending PKG archive to custom ELF section in EXE
32063 INFO: Building EXE from EXE-00.toc completed successfully.
chmod -x /out/fuzz_api_inputs.pkg
[[ address = coverage ]]
echo '#!/bin/sh

LLVMFuzzerTestOneInput for fuzzer detection.

this_dir=$(dirname "$0")
chmod +x $this_dir/fuzz_api_inputs.pkg
LD_PRELOAD=$this_dir/sanitizer_with_fuzzer.so ASAN_OPTIONS=$ASAN_OPTIONS:symbolize=1:external_symbolizer_path=$this_dir/llvm-symbolizer:detect_leaks=0 $this_dir/fuzz_api_inputs.pkg $@'

chmod +x /out/fuzz_api_inputs
for fuzzer in $(find $SRC/hancock/fuzz -name 'fuzz_*.py')
compile_python_fuzzer /src/hancock/fuzz/fuzz_webhook_signature.py
fuzzer_path=/src/hancock/fuzz/fuzz_webhook_signature.py
shift 1
++ basename -s .py /src/hancock/fuzz/fuzz_webhook_signature.py
fuzzer_basename=fuzz_webhook_signature
fuzzer_package=fuzz_webhook_signature.pkg
PYFUZZ_WORKPATH=/src/pyfuzzworkdir/
FUZZ_WORKPATH=/src/pyfuzzworkdir//fuzz_webhook_signature
[[ address = introspector ]]
[[ address = coverage ]]
[[ 0 != \0 ]]
rm -rf /src/pyfuzzworkdir/
mkdir /src/pyfuzzworkdir/ /src/pyfuzzworkdir//fuzz_webhook_signature
pyinstaller --distpath /out --workpath=/src/pyfuzzworkdir//fuzz_webhook_signature --onefile --name fuzz_webhook_signature.pkg /src/hancock/fuzz/fuzz_webhook_signature.py
38 INFO: PyInstaller: 6.10.0, contrib hooks: 2026.4
38 INFO: Python: 3.11.13
40 INFO: Platform: Linux-6.18.12+kali-amd64-x86_64-with-glibc2.31
40 INFO: Python environment: /usr/local
41 INFO: wrote /src/hancock/fuzz_webhook_signature.pkg.spec
42 INFO: Module search paths (PYTHONPATH):
['/usr/local/lib/python311.zip',
'/usr/local/lib/python3.11',
'/usr/local/lib/python3.11/lib-dynload',
'/usr/local/lib/python3.11/site-packages',
'/src/hancock']
122 INFO: checking Analysis
122 INFO: Building Analysis because Analysis-00.toc is non existent
122 INFO: Running Analysis Analysis-00.toc
122 INFO: Target bytecode optimization level: 0
122 INFO: Initializing module dependency graph...
123 INFO: Caching module graph hooks...
131 INFO: Analyzing base_library.zip ...
596 INFO: Processing standard module hook 'hook-heapq.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
675 INFO: Processing standard module hook 'hook-encodings.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
1879 INFO: Processing standard module hook 'hook-pickle.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
3058 INFO: Caching module dependency graph...
3119 INFO: Looking for Python shared library...
3127 INFO: Using Python shared library: /usr/local/lib/libpython3.11.so.1.0
3128 INFO: Analyzing /src/hancock/fuzz/fuzz_webhook_signature.py
3133 INFO: Processing standard module hook 'hook-atheris.py' from '/usr/local/lib/python3.11/site-packages/atheris'
3201 INFO: Processing module hooks (post-graph stage)...
3206 INFO: Performing binary vs. data reclassification (2 entries)
3209 INFO: Looking for ctypes DLLs
3219 INFO: Analyzing run-time hooks ...
3220 INFO: Including run-time hook 'pyi_rth_inspect.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
3224 INFO: Looking for dynamic libraries
3678 INFO: Warnings written to /src/pyfuzzworkdir/fuzz_webhook_signature/fuzz_webhook_signature.pkg/warn-fuzz_webhook_signature.pkg.txt
3686 INFO: Graph cross-reference written to /src/pyfuzzworkdir/fuzz_webhook_signature/fuzz_webhook_signature.pkg/xref-fuzz_webhook_signature.pkg.html
3693 INFO: checking PYZ
3693 INFO: Building PYZ because PYZ-00.toc is non existent
3693 INFO: Building PYZ (ZlibArchive) /src/pyfuzzworkdir/fuzz_webhook_signature/fuzz_webhook_signature.pkg/PYZ-00.pyz
3839 INFO: Building PYZ (ZlibArchive) /src/pyfuzzworkdir/fuzz_webhook_signature/fuzz_webhook_signature.pkg/PYZ-00.pyz completed successfully.
3851 INFO: checking PKG
3851 INFO: Building PKG because PKG-00.toc is non existent
3851 INFO: Building PKG (CArchive) fuzz_webhook_signature.pkg.pkg
13275 INFO: Building PKG (CArchive) fuzz_webhook_signature.pkg.pkg completed successfully.
13276 INFO: Bootloader /usr/local/lib/python3.11/site-packages/PyInstaller/bootloader/Linux-64bit-intel/run
13276 INFO: checking EXE
13276 INFO: Building EXE because EXE-00.toc is non existent
13276 INFO: Building EXE from EXE-00.toc
13276 INFO: Copying bootloader EXE to /out/fuzz_webhook_signature.pkg
13277 INFO: Appending PKG archive to custom ELF section in EXE
13322 INFO: Building EXE from EXE-00.toc completed successfully.
chmod -x /out/fuzz_webhook_signature.pkg
[[ address = coverage ]]
echo '#!/bin/sh

LLVMFuzzerTestOneInput for fuzzer detection.

this_dir=$(dirname "$0")
chmod +x $this_dir/fuzz_webhook_signature.pkg
LD_PRELOAD=$this_dir/sanitizer_with_fuzzer.so ASAN_OPTIONS=$ASAN_OPTIONS:symbolize=1:external_symbolizer_path=$this_dir/llvm-symbolizer:detect_leaks=0 $this_dir/fuzz_webhook_signature.pkg $@'

chmod +x /out/fuzz_webhook_signature
for fuzzer in $(find $SRC/hancock/fuzz -name 'fuzz_*.py')
compile_python_fuzzer /src/hancock/fuzz/fuzz_formatter_v3.py
fuzzer_path=/src/hancock/fuzz/fuzz_formatter_v3.py
shift 1
++ basename -s .py /src/hancock/fuzz/fuzz_formatter_v3.py
fuzzer_basename=fuzz_formatter_v3
fuzzer_package=fuzz_formatter_v3.pkg
PYFUZZ_WORKPATH=/src/pyfuzzworkdir/
FUZZ_WORKPATH=/src/pyfuzzworkdir//fuzz_formatter_v3
[[ address = introspector ]]
[[ address = coverage ]]
[[ 0 != \0 ]]
rm -rf /src/pyfuzzworkdir/
mkdir /src/pyfuzzworkdir/ /src/pyfuzzworkdir//fuzz_formatter_v3
pyinstaller --distpath /out --workpath=/src/pyfuzzworkdir//fuzz_formatter_v3 --onefile --name fuzz_formatter_v3.pkg /src/hancock/fuzz/fuzz_formatter_v3.py
38 INFO: PyInstaller: 6.10.0, contrib hooks: 2026.4
38 INFO: Python: 3.11.13
40 INFO: Platform: Linux-6.18.12+kali-amd64-x86_64-with-glibc2.31
40 INFO: Python environment: /usr/local
40 INFO: wrote /src/hancock/fuzz_formatter_v3.pkg.spec
41 INFO: Module search paths (PYTHONPATH):
['/usr/local/lib/python311.zip',
'/usr/local/lib/python3.11',
'/usr/local/lib/python3.11/lib-dynload',
'/usr/local/lib/python3.11/site-packages',
'/src/hancock']
120 INFO: checking Analysis
120 INFO: Building Analysis because Analysis-00.toc is non existent
121 INFO: Running Analysis Analysis-00.toc
121 INFO: Target bytecode optimization level: 0
121 INFO: Initializing module dependency graph...
122 INFO: Caching module graph hooks...
130 INFO: Analyzing base_library.zip ...
661 INFO: Processing standard module hook 'hook-heapq.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
727 INFO: Processing standard module hook 'hook-encodings.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
2017 INFO: Processing standard module hook 'hook-pickle.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
3113 INFO: Caching module dependency graph...
3173 INFO: Looking for Python shared library...
3183 INFO: Using Python shared library: /usr/local/lib/libpython3.11.so.1.0
3183 INFO: Analyzing /src/hancock/fuzz/fuzz_formatter_v3.py
3189 INFO: Processing standard module hook 'hook-atheris.py' from '/usr/local/lib/python3.11/site-packages/atheris'
3267 INFO: Processing module hooks (post-graph stage)...
3272 INFO: Performing binary vs. data reclassification (2 entries)
3276 INFO: Looking for ctypes DLLs
3286 INFO: Analyzing run-time hooks ...
3287 INFO: Including run-time hook 'pyi_rth_inspect.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
3291 INFO: Looking for dynamic libraries
3748 INFO: Warnings written to /src/pyfuzzworkdir/fuzz_formatter_v3/fuzz_formatter_v3.pkg/warn-fuzz_formatter_v3.pkg.txt
3756 INFO: Graph cross-reference written to /src/pyfuzzworkdir/fuzz_formatter_v3/fuzz_formatter_v3.pkg/xref-fuzz_formatter_v3.pkg.html
3763 INFO: checking PYZ
3763 INFO: Building PYZ because PYZ-00.toc is non existent
3763 INFO: Building PYZ (ZlibArchive) /src/pyfuzzworkdir/fuzz_formatter_v3/fuzz_formatter_v3.pkg/PYZ-00.pyz
3909 INFO: Building PYZ (ZlibArchive) /src/pyfuzzworkdir/fuzz_formatter_v3/fuzz_formatter_v3.pkg/PYZ-00.pyz completed successfully.
3920 INFO: checking PKG
3920 INFO: Building PKG because PKG-00.toc is non existent
3920 INFO: Building PKG (CArchive) fuzz_formatter_v3.pkg.pkg
13344 INFO: Building PKG (CArchive) fuzz_formatter_v3.pkg.pkg completed successfully.
13346 INFO: Bootloader /usr/local/lib/python3.11/site-packages/PyInstaller/bootloader/Linux-64bit-intel/run
13346 INFO: checking EXE
13346 INFO: Building EXE because EXE-00.toc is non existent
13346 INFO: Building EXE from EXE-00.toc
13346 INFO: Copying bootloader EXE to /out/fuzz_formatter_v3.pkg
13346 INFO: Appending PKG archive to custom ELF section in EXE
13397 INFO: Building EXE from EXE-00.toc completed successfully.
chmod -x /out/fuzz_formatter_v3.pkg
[[ address = coverage ]]
echo '#!/bin/sh

LLVMFuzzerTestOneInput for fuzzer detection.

this_dir=$(dirname "$0")
chmod +x $this_dir/fuzz_formatter_v3.pkg
LD_PRELOAD=$this_dir/sanitizer_with_fuzzer.so ASAN_OPTIONS=$ASAN_OPTIONS:symbolize=1:external_symbolizer_path=$this_dir/llvm-symbolizer:detect_leaks=0 $this_dir/fuzz_formatter_v3.pkg $@'

chmod +x /out/fuzz_formatter_v3
for fuzzer in $(find $SRC/hancock/fuzz -name 'fuzz_*.py')
compile_python_fuzzer /src/hancock/fuzz/fuzz_nvd_parser.py
fuzzer_path=/src/hancock/fuzz/fuzz_nvd_parser.py
shift 1
++ basename -s .py /src/hancock/fuzz/fuzz_nvd_parser.py
fuzzer_basename=fuzz_nvd_parser
fuzzer_package=fuzz_nvd_parser.pkg
PYFUZZ_WORKPATH=/src/pyfuzzworkdir/
FUZZ_WORKPATH=/src/pyfuzzworkdir//fuzz_nvd_parser
[[ address = introspector ]]
[[ address = coverage ]]
[[ 0 != \0 ]]
rm -rf /src/pyfuzzworkdir/
mkdir /src/pyfuzzworkdir/ /src/pyfuzzworkdir//fuzz_nvd_parser
pyinstaller --distpath /out --workpath=/src/pyfuzzworkdir//fuzz_nvd_parser --onefile --name fuzz_nvd_parser.pkg /src/hancock/fuzz/fuzz_nvd_parser.py
38 INFO: PyInstaller: 6.10.0, contrib hooks: 2026.4
38 INFO: Python: 3.11.13
40 INFO: Platform: Linux-6.18.12+kali-amd64-x86_64-with-glibc2.31
40 INFO: Python environment: /usr/local
40 INFO: wrote /src/hancock/fuzz_nvd_parser.pkg.spec
41 INFO: Module search paths (PYTHONPATH):
['/usr/local/lib/python311.zip',
'/usr/local/lib/python3.11',
'/usr/local/lib/python3.11/lib-dynload',
'/usr/local/lib/python3.11/site-packages',
'/src/hancock']
122 INFO: checking Analysis
122 INFO: Building Analysis because Analysis-00.toc is non existent
122 INFO: Running Analysis Analysis-00.toc
122 INFO: Target bytecode optimization level: 0
122 INFO: Initializing module dependency graph...
123 INFO: Caching module graph hooks...
131 INFO: Analyzing base_library.zip ...
496 INFO: Processing standard module hook 'hook-encodings.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
750 INFO: Processing standard module hook 'hook-heapq.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
1884 INFO: Processing standard module hook 'hook-pickle.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
3054 INFO: Caching module dependency graph...
3115 INFO: Looking for Python shared library...
3125 INFO: Using Python shared library: /usr/local/lib/libpython3.11.so.1.0
3125 INFO: Analyzing /src/hancock/fuzz/fuzz_nvd_parser.py
3130 INFO: Processing standard module hook 'hook-atheris.py' from '/usr/local/lib/python3.11/site-packages/atheris'
3224 INFO: Processing standard module hook 'hook-urllib3.py' from '/usr/local/lib/python3.11/site-packages/_pyinstaller_hooks_contrib/stdhooks'
3365 INFO: Processing pre-safe-import-module hook 'hook-typing_extensions.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
3365 INFO: SetuptoolsInfo: initializing cached setuptools info...
6733 INFO: Processing standard module hook 'hook-multiprocessing.util.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
6795 INFO: Processing standard module hook 'hook-xml.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
7899 INFO: Processing standard module hook 'hook-charset_normalizer.py' from '/usr/local/lib/python3.11/site-packages/_pyinstaller_hooks_contrib/stdhooks'
8002 INFO: Processing standard module hook 'hook-certifi.py' from '/usr/local/lib/python3.11/site-packages/_pyinstaller_hooks_contrib/stdhooks'
8124 INFO: Processing pre-safe-import-module hook 'hook-importlib_metadata.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
8124 INFO: Setuptools: 'importlib_metadata' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.importlib_metadata'!
8129 INFO: Processing standard module hook 'hook-setuptools.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
8135 INFO: Processing pre-safe-import-module hook 'hook-distutils.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
8136 INFO: Processing pre-find-module-path hook 'hook-distutils.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_find_module_path'
8288 INFO: Processing standard module hook 'hook-distutils.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
8335 INFO: Processing standard module hook 'hook-distutils.util.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
8384 INFO: Processing standard module hook 'hook-sysconfig.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
8560 INFO: Processing standard module hook 'hook-platform.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
8571 INFO: Processing pre-safe-import-module hook 'hook-packaging.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
8571 INFO: Processing standard module hook 'hook-packaging.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
8702 INFO: Processing pre-safe-import-module hook 'hook-more_itertools.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
8703 INFO: Setuptools: 'more_itertools' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.more_itertools'!
8788 INFO: Processing pre-safe-import-module hook 'hook-importlib_resources.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
8788 INFO: Setuptools: 'importlib_resources' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.importlib_resources'!
8804 INFO: Processing pre-safe-import-module hook 'hook-zipp.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
8804 INFO: Setuptools: 'zipp' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.zipp'!
8877 INFO: Processing pre-safe-import-module hook 'hook-ordered_set.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
8877 INFO: Setuptools: 'ordered_set' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.ordered_set'!
8895 INFO: Processing pre-safe-import-module hook 'hook-jaraco.text.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
8895 INFO: Setuptools: 'jaraco.text' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.jaraco.text'!
8903 INFO: Processing pre-safe-import-module hook 'hook-jaraco.functools.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
8903 INFO: Setuptools: 'jaraco.functools' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.jaraco.functools'!
8909 INFO: Processing pre-safe-import-module hook 'hook-jaraco.context.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
8910 INFO: Setuptools: 'jaraco.context' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.jaraco.context'!
9016 INFO: Processing pre-safe-import-module hook 'hook-tomli.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
9016 INFO: Setuptools: 'tomli' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.tomli'!
9439 INFO: Processing standard module hook 'hook-pkg_resources.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks'
9579 INFO: Processing pre-safe-import-module hook 'hook-platformdirs.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
9579 INFO: Setuptools: 'platformdirs' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.platformdirs'!
9673 INFO: Processing pre-safe-import-module hook 'hook-wheel.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
9673 INFO: Setuptools: 'wheel' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.wheel'!
9862 INFO: Processing module hooks (post-graph stage)...
10204 INFO: Processing pre-safe-import-module hook 'hook-autocommand.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
10204 INFO: Setuptools: 'autocommand' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.autocommand'!
10350 INFO: Processing pre-safe-import-module hook 'hook-typeguard.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/pre_safe_import_module'
10351 INFO: Setuptools: 'typeguard' appears to be a setuptools-vendored copy - creating alias to 'setuptools._vendor.typeguard'!
10977 INFO: Performing binary vs. data reclassification (114 entries)
10983 INFO: Looking for ctypes DLLs
11046 INFO: Analyzing run-time hooks ...
11049 INFO: Including run-time hook 'pyi_rth_inspect.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
11050 INFO: Including run-time hook 'pyi_rth_setuptools.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
11051 INFO: Including run-time hook 'pyi_rth_pkgutil.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
11052 INFO: Including run-time hook 'pyi_rth_multiprocessing.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
11054 INFO: Including run-time hook 'pyi_rth_pkgres.py' from '/usr/local/lib/python3.11/site-packages/PyInstaller/hooks/rthooks'
11066 INFO: Looking for dynamic libraries
11692 INFO: Warnings written to /src/pyfuzzworkdir/fuzz_nvd_parser/fuzz_nvd_parser.pkg/warn-fuzz_nvd_parser.pkg.txt
11721 INFO: Graph cross-reference written to /src/pyfuzzworkdir/fuzz_nvd_parser/fuzz_nvd_parser.pkg/xref-fuzz_nvd_parser.pkg.html
11736 INFO: checking PYZ
11736 INFO: Building PYZ because PYZ-00.toc is non existent
11737 INFO: Building PYZ (ZlibArchive) /src/pyfuzzworkdir/fuzz_nvd_parser/fuzz_nvd_parser.pkg/PYZ-00.pyz
12239 INFO: Building PYZ (ZlibArchive) /src/pyfuzzworkdir/fuzz_nvd_parser/fuzz_nvd_parser.pkg/PYZ-00.pyz completed successfully.
12258 INFO: checking PKG
12258 INFO: Building PKG because PKG-00.toc is non existent
12258 INFO: Building PKG (CArchive) fuzz_nvd_parser.pkg.pkg
22230 INFO: Building PKG (CArchive) fuzz_nvd_parser.pkg.pkg completed successfully.
22233 INFO: Bootloader /usr/local/lib/python3.11/site-packages/PyInstaller/bootloader/Linux-64bit-intel/run
22233 INFO: checking EXE
22233 INFO: Building EXE because EXE-00.toc is non existent
22233 INFO: Building EXE from EXE-00.toc
22233 INFO: Copying bootloader EXE to /out/fuzz_nvd_parser.pkg
22234 INFO: Appending PKG archive to custom ELF section in EXE
22292 INFO: Building EXE from EXE-00.toc completed successfully.
chmod -x /out/fuzz_nvd_parser.pkg
[[ address = coverage ]]
echo '#!/bin/sh

LLVMFuzzerTestOneInput for fuzzer detection.

this_dir=$(dirname "$0")
chmod +x $this_dir/fuzz_nvd_parser.pkg
LD_PRELOAD=$this_dir/sanitizer_with_fuzzer.so ASAN_OPTIONS=$ASAN_OPTIONS:symbolize=1:external_symbolizer_path=$this_dir/llvm-symbolizer:detect_leaks=0 $this_dir/fuzz_nvd_parser.pkg $@'

chmod +x /out/fuzz_nvd_parser
for corpus_dir in $SRC/hancock/fuzz/corpus/*/
++ basename /src/hancock/fuzz/corpus/api_inputs/
name=api_inputs
zip -j /out/fuzz_api_inputs_seed_corpus.zip /src/hancock/fuzz/corpus/api_inputs//ask.json /src/hancock/fuzz/corpus/api_inputs//triage.json /src/hancock/fuzz/corpus/api_inputs//webhook.json
updating: ask.json (stored 0%)
updating: triage.json (stored 0%)
updating: webhook.json (deflated 4%)
for corpus_dir in $SRC/hancock/fuzz/corpus/*/
++ basename /src/hancock/fuzz/corpus/formatter/
name=formatter
zip -j /out/fuzz_formatter_seed_corpus.zip /src/hancock/fuzz/corpus/formatter//valid_cve_list.json /src/hancock/fuzz/corpus/formatter//valid_kb.json
updating: valid_cve_list.json (deflated 21%)
updating: valid_kb.json (deflated 23%)
for corpus_dir in $SRC/hancock/fuzz/corpus/*/
++ basename /src/hancock/fuzz/corpus/formatter_v3/
name=formatter_v3
zip -j /out/fuzz_formatter_v3_seed_corpus.zip /src/hancock/fuzz/corpus/formatter_v3//ghsa_advisories.json /src/hancock/fuzz/corpus/formatter_v3//kev_entries.json /src/hancock/fuzz/corpus/formatter_v3//nvd_cve_list.json /src/hancock/fuzz/corpus/formatter_v3//valid_cves.json /src/hancock/fuzz/corpus/formatter_v3//valid_ghsa.json
updating: ghsa_advisories.json (deflated 40%)
updating: kev_entries.json (deflated 41%)
updating: nvd_cve_list.json (deflated 26%)
updating: valid_cves.json (deflated 19%)
updating: valid_ghsa.json (deflated 28%)
for corpus_dir in $SRC/hancock/fuzz/corpus/*/
++ basename /src/hancock/fuzz/corpus/ghsa_parser/
name=ghsa_parser
zip -j /out/fuzz_ghsa_parser_seed_corpus.zip /src/hancock/fuzz/corpus/ghsa_parser//empty_fields.json /src/hancock/fuzz/corpus/ghsa_parser//missing_keys.json /src/hancock/fuzz/corpus/ghsa_parser//null_cvss.json /src/hancock/fuzz/corpus/ghsa_parser//valid_advisory.json
updating: empty_fields.json (deflated 16%)
updating: missing_keys.json (deflated 25%)
updating: null_cvss.json (deflated 34%)
updating: valid_advisory.json (deflated 41%)
for corpus_dir in $SRC/hancock/fuzz/corpus/*/
++ basename /src/hancock/fuzz/corpus/mitre_parser/
name=mitre_parser
zip -j /out/fuzz_mitre_parser_seed_corpus.zip /src/hancock/fuzz/corpus/mitre_parser//non_attack.json /src/hancock/fuzz/corpus/mitre_parser//revoked.json /src/hancock/fuzz/corpus/mitre_parser//valid_technique.json
updating: non_attack.json (deflated 18%)
updating: revoked.json (deflated 14%)
updating: valid_technique.json (deflated 40%)
for corpus_dir in $SRC/hancock/fuzz/corpus/*/
++ basename /src/hancock/fuzz/corpus/nvd_parser/
name=nvd_parser
zip -j /out/fuzz_nvd_parser_seed_corpus.zip /src/hancock/fuzz/corpus/nvd_parser//empty.json /src/hancock/fuzz/corpus/nvd_parser//missing_cve.json /src/hancock/fuzz/corpus/nvd_parser//null_metrics.json /src/hancock/fuzz/corpus/nvd_parser//valid_cve.json
updating: empty.json (stored 0%)
updating: missing_cve.json (stored 0%)
updating: null_metrics.json (deflated 19%)
updating: valid_cve.json (deflated 29%)
for corpus_dir in $SRC/hancock/fuzz/corpus/*/
++ basename /src/hancock/fuzz/corpus/webhook_signature/
name=webhook_signature
zip -j /out/fuzz_webhook_signature_seed_corpus.zip /src/hancock/fuzz/corpus/webhook_signature//basic.txt
updating: basic.txt (deflated 3%)
for corpus_dir in $SRC/hancock/fuzz/corpus/*/
++ basename /src/hancock/fuzz/corpus/xml_parsing/
name=xml_parsing
zip -j /out/fuzz_xml_parsing_seed_corpus.zip /src/hancock/fuzz/corpus/xml_parsing//empty_scan.xml /src/hancock/fuzz/corpus/xml_parsing//minimal.xml /src/hancock/fuzz/corpus/xml_parsing//valid_nmap.xml
updating: empty_scan.xml (deflated 12%)
updating: minimal.xml (deflated 21%)
updating: valid_nmap.xml (deflated 33%)
INFO:main:Running: docker run --privileged --shm-size=2g --platform linux/amd64 --rm -i -e FUZZING_ENGINE=libfuzzer -e SANITIZER=address -e RUN_FUZZER_MODE=interactive -e HELPER=True -v /home/oai/oss-fuzz/build/out/hancock:/out -t gcr.io/oss-fuzz-base/base-runner:latest run_fuzzer fuzz_nvd_parser -max_total_time=60.
vm.mmap_rnd_bits = 28
Using seed corpus: fuzz_nvd_parser_seed_corpus.zip
/out/fuzz_nvd_parser -- -rss_limit_mb=2560 -timeout=25 -max_total_time=60 /tmp/fuzz_nvd_parser_corpus < /dev/null
INFO: Using preloaded libfuzzer
INFO: libFuzzer ignores flags that start with '--'
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 3466420583
INFO: 4 files found in /tmp/fuzz_nvd_parser_corpus
INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 4096 bytes
INFO: seed corpus: files: 4 min: 3b max: 436b total: 648b rss: 97Mb
Add fuzzer for libchewing #5 INITED exec/s: 0 rss: 97Mb
WARNING: no interesting inputs were found so far. Is the code instrumented for coverage?
This may also happen if the target rejected all inputs we tried so far
#524288 pulse corp: 1/1b lim: 4096 exec/s: 174762 rss: 112Mb
#1048576 pulse corp: 1/1b lim: 4096 exec/s: 174762 rss: 112Mb
#2097152 pulse corp: 1/1b lim: 4096 exec/s: 174762 rss: 112Mb
#4194304 pulse corp: 1/1b lim: 4096 exec/s: 174762 rss: 112Mb
#8388608 pulse corp: 1/1b lim: 4096 exec/s: 171196 rss: 112Mb
#10339165 DONE corp: 1/1b lim: 4096 exec/s: 169494 rss: 112Mb
Done 10339165 runs in 61 second(s)

Ready for review and merge.
cc @oliverchang @jonathanmetzman

Submitting for Initial Integration reward (up to $5,000). CIFuzz already enabled upstream.

Add hancock to OSS-Fuzz

785ca6d

This was referenced Apr 8, 2026

Fix OSS-Fuzz blockers: add atheris dependency and switch to Apache 2.0 license 0ai-Cyberviser/Hancock#38

Merged

Fix hancock OSS-Fuzz integration: system deps, atheris install, copyright year 0ai-Cyberviser/oss-fuzz#63

Merged

0ai-Cyberviser changed the title ~~Add hancock to OSS-Fuzz~~ Add Hancock to OSS-Fuzz Apr 8, 2026

0ai-Cyberviser force-pushed the add-hancock-project branch from 762cdc1 to 785ca6d Compare April 8, 2026 04:20

Merge branch 'master' into add-hancock-project

3bb062a

0ai-Cyberviser added 2 commits April 10, 2026 16:48

Merge branch 'master' into add-hancock-project

fda1f98

Merge branch 'master' into add-hancock-project

f86f51b

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add Hancock to OSS-Fuzz#15315

Add Hancock to OSS-Fuzz#15315
0ai-Cyberviser wants to merge 4 commits intogoogle:masterfrom
0ai-Cyberviser:add-hancock-project

0ai-Cyberviser commented Apr 8, 2026

Uh oh!

github-actions bot commented Apr 8, 2026

Uh oh!

0ai-Cyberviser commented Apr 8, 2026

Copilot said: PR #63 can't be auto-merged because it's

Step 1: Merge PR #63 (manual — requires your action)

Step 2 (after merge): Update #15315 description

Fuzz targets

Uh oh!

0ai-Cyberviser commented Apr 8, 2026

Uh oh!

0ai-Cyberviser commented Apr 9, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

0ai-Cyberviser commented Apr 8, 2026

Uh oh!

github-actions bot commented Apr 8, 2026

Uh oh!

0ai-Cyberviser commented Apr 8, 2026

Copilot said: PR #63 can't be auto-merged because it's

Step 1: Merge PR #63 (manual — requires your action)

Step 2 (after merge): Update #15315 description

Fuzz targets

Uh oh!

0ai-Cyberviser commented Apr 8, 2026

Uh oh!

0ai-Cyberviser commented Apr 9, 2026

2. Build the Docker image

3. Build the fuzzers

4. Run at least ONE fuzzer (recommend fuzz_nvd_parser as it's simple and representative)

vm.mmap_rnd_bits = 28 Compiling libFuzzer to /usr/lib/libFuzzingEngine.a... done.

LLVMFuzzerTestOneInput for fuzzer detection.

LLVMFuzzerTestOneInput for fuzzer detection.

LLVMFuzzerTestOneInput for fuzzer detection.

LLVMFuzzerTestOneInput for fuzzer detection.

LLVMFuzzerTestOneInput for fuzzer detection.

LLVMFuzzerTestOneInput for fuzzer detection.

LLVMFuzzerTestOneInput for fuzzer detection.

LLVMFuzzerTestOneInput for fuzzer detection.

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

vm.mmap_rnd_bits = 28
Compiling libFuzzer to /usr/lib/libFuzzingEngine.a... done.