Amount of callsites blocked	Calltree index	Parent function	Callsite	Largest blocked function
75	0	EP	call site: 00000	[dev.sigstore.fulcio.client.FulcioVerifier].newFulcioVerifier(java.util.List ,java.util.List )

1


           [util.Tuf].certificateAuthoritiesFrom(com.code_intelligence.jazzer.api.FuzzedDataProvider)

[function] [call site] 00001

2


             [util.Tuf].genCA(com.code_intelligence.jazzer.api.FuzzedDataProvider)

[function] [call site] 00002

3


               [dev.sigstore.trustroot.ImmutableCertificateAuthority].builder()

[function] [call site] 00003

3


               [dev.sigstore.trustroot.ImmutableValidFor].builder()

[function] [call site] 00004

3


               [util.Tuf].start(util.Tuf)

[function] [call site] 00005

3


               [util.Tuf].build()

[function] [call site] 00006

3


               [util.Tuf].validFor(util.Tuf)

[function] [call site] 00007

3


               [dev.sigstore.trustroot.ImmutableSubject].builder()

[function] [call site] 00008

3


               [util.Tuf].commonName(String)

[function] [call site] 00009

3


               [util.Tuf].organization(String)

[function] [call site] 00010

3


               [util.Tuf].build()

[function] [call site] 00011

3


               [util.Tuf].subject(util.Tuf)

[function] [call site] 00012

3


               [util.Tuf].genCertPath(com.code_intelligence.jazzer.api.FuzzedDataProvider)

[function] [call site] 00013

4


                 [java.util.ArrayList].<init>()

[function] [call site] 00014

4


                 [java.security.cert.CertificateFactory].getInstance(String)

[function] [call site] 00015

4


                 [com.code_intelligence.jazzer.api.FuzzedDataProvider].consumeBytes(int)

[function] [call site] 00016

4


                 [java.io.ByteArrayInputStream].<init>(byte[])

[function] [call site] 00017

4


                 [util.Tuf].generateCertificate(java.io.ByteArrayInputStream)

[function] [call site] 00018

4


                 [java.util.ArrayList].add(util.Tuf)

[function] [call site] 00019

4


                 [com.code_intelligence.jazzer.api.FuzzedDataProvider].consumeBytes(int)

[function] [call site] 00020

4


                 [java.io.ByteArrayInputStream].<init>(byte[])

[function] [call site] 00021

4


                 [util.Tuf].generateCertificate(java.io.ByteArrayInputStream)

[function] [call site] 00022

4


                 [java.util.ArrayList].add(util.Tuf)

[function] [call site] 00023

4


                 [util.Tuf].generateCertPath(java.util.ArrayList)

[function] [call site] 00024

3


               [util.Tuf].certPath(java.security.cert.CertPath)

[function] [call site] 00025

3


               [java.net.URI].create(String)

[function] [call site] 00026

3


               [util.Tuf].uri(util.Tuf)

[function] [call site] 00027

3


               [util.Tuf].build()

[function] [call site] 00028

2


             [java.util.List].of(dev.sigstore.trustroot.CertificateAuthority)

[function] [call site] 00029

1


           [util.Tuf].transparencyLogsFrom(com.code_intelligence.jazzer.api.FuzzedDataProvider)

[function] [call site] 00030

2


             [util.Tuf].genTlog(com.code_intelligence.jazzer.api.FuzzedDataProvider)

[function] [call site] 00031

3


               [dev.sigstore.trustroot.ImmutablePublicKey].builder()

[function] [call site] 00032

3


               [util.Tuf].keyDetails(String)

[function] [call site] 00033

3


               [com.code_intelligence.jazzer.api.FuzzedDataProvider].consumeBytes(int)

[function] [call site] 00034

3


               [util.Tuf].rawBytes(byte[])

[function] [call site] 00035

3


               [dev.sigstore.trustroot.ImmutableValidFor].builder()

[function] [call site] 00036

3


               [util.Tuf].start(util.Tuf)

[function] [call site] 00037

3


               [util.Tuf].build()

[function] [call site] 00038

3


               [util.Tuf].validFor(util.Tuf)

[function] [call site] 00039

3


               [util.Tuf].build()

[function] [call site] 00040

3


               [com.google.common.hash.Hashing].sha256()

[function] [call site] 00041

3


               [util.Tuf].getRawBytes()

[function] [call site] 00042

3


               [util.Tuf].hashBytes(util.Tuf)

[function] [call site] 00043

3


               [util.Tuf].asBytes()

[function] [call site] 00044

3


               [dev.sigstore.trustroot.ImmutableTransparencyLog].builder()

[function] [call site] 00045

3


               [java.net.URI].create(String)

[function] [call site] 00046

3


               [util.Tuf].baseUrl(util.Tuf)

[function] [call site] 00047

3


               [util.Tuf].hashAlgorithm(String)

[function] [call site] 00048

3


               [util.Tuf].publicKey(util.Tuf)

[function] [call site] 00049

3


               [dev.sigstore.trustroot.ImmutableLogId].builder()

[function] [call site] 00050

3


               [util.Tuf].keyId(util.Tuf)

[function] [call site] 00051

3


               [util.Tuf].build()

[function] [call site] 00052

3


               [util.Tuf].logId(util.Tuf)

[function] [call site] 00053

3


               [util.Tuf].build()

[function] [call site] 00054

2


             [java.util.List].of(dev.sigstore.trustroot.TransparencyLog)

[function] [call site] 00055

1


           [java.util.ArrayList].<init>()

[function] [call site] 00056

1


           [java.security.cert.CertificateFactory].getInstance(String)

[function] [call site] 00057

1


           [com.code_intelligence.jazzer.api.FuzzedDataProvider].consumeBytes(int)

[function] [call site] 00058

1


           [java.io.ByteArrayInputStream].<init>(byte[])

[function] [call site] 00059

1


           [fuzzing.FulcioVerifierFuzzer].generateCertificate(java.io.ByteArrayInputStream)

[function] [call site] 00060

1


           [java.util.ArrayList].add(fuzzing.FulcioVerifierFuzzer)

[function] [call site] 00061

1


           [com.code_intelligence.jazzer.api.FuzzedDataProvider].consumeRemainingAsBytes()

[function] [call site] 00062

1


           [java.io.ByteArrayInputStream].<init>(byte[])

[function] [call site] 00063

1


           [fuzzing.FulcioVerifierFuzzer].generateCertificate(java.io.ByteArrayInputStream)

[function] [call site] 00064

1


           [java.util.ArrayList].add(fuzzing.FulcioVerifierFuzzer)

[function] [call site] 00065

1


           [fuzzing.FulcioVerifierFuzzer].generateCertPath(java.util.ArrayList)

[function] [call site] 00066

1


           [dev.sigstore.fulcio.client.FulcioVerifier].newFulcioVerifier(java.util.List<dev.sigstore.trustroot.CertificateAuthority>,java.util.List<dev.sigstore.trustroot.TransparencyLog>)

[function] [call site] 00067

2


             [java.util.ArrayList].<init>()

[function] [call site] 00068

2


             [dev.sigstore.fulcio.client.FulcioVerifier].toJavaPublicKey()

[function] [call site] 00069

2


             [dev.sigstore.fulcio.client.FulcioVerifier].toString()

[function] [call site] 00070

2


             [dev.sigstore.encryption.certificates.transparency.CTLogInfo].<init>(dev.sigstore.fulcio.client.FulcioVerifier,String,dev.sigstore.fulcio.client.FulcioVerifier)

[function] [call site] 00071

2


             [java.util.ArrayList].add(dev.sigstore.encryption.certificates.transparency.CTLogInfo)

[function] [call site] 00072

2


             [dev.sigstore.encryption.certificates.transparency.CTVerifier].<init>()

[function] [call site] 00073

2


             [dev.sigstore.fulcio.client.FulcioVerifier].<init>(java.util.List<dev.sigstore.trustroot.CertificateAuthority>,java.util.List<dev.sigstore.trustroot.TransparencyLog>,dev.sigstore.encryption.certificates.transparency.CTVerifier)

[function] [call site] 00074

1


           [dev.sigstore.fulcio.client.FulcioVerifier].verifySigningCertificate(fuzzing.FulcioVerifierFuzzer)

[function] [call site] 00075

Fuzz blockers

Fuzzer calltree