Add Log utility adapted from Jazzer

Author: serj

agent/src/main/java/com/github/serj/jcapslock/agent/CapabilityTransformer.java

@@ -61,7 +61,7 @@ public byte[] transform(ClassLoader loader, String className, Class<?> classBein
             cr.accept(cv, ClassReader.EXPAND_FRAMES);
             return cw.toByteArray();
         } catch (Exception e) {
-            System.err.println(PolicyChecker.LOG_PREFIX + "Failed to transform " + className + ": " + e.getMessage());
+            Log.error("Failed to transform " + className + ": " + e.getMessage());
             return null;
         }
     }

agent/src/main/java/com/github/serj/jcapslock/agent/CapslockAgent.java

@@ -22,7 +22,7 @@
 public class CapslockAgent {
 
     public static void premain(String args, Instrumentation inst) {
-        System.err.println(PolicyChecker.LOG_PREFIX + "Runtime capability monitoring enabled");
+        Log.info("Runtime capability monitoring enabled");
 
         // Load policy if provided
         if (args != null && !args.isEmpty()) {
@@ -35,7 +35,7 @@ public static void premain(String args, Instrumentation inst) {
                     .getCodeSource().getLocation().toURI().getPath();
             inst.appendToBootstrapClassLoaderSearch(new JarFile(new File(agentJarPath)));
         } catch (Exception e) {
-            System.err.println(PolicyChecker.LOG_PREFIX + "Warning: Could not add to bootstrap classpath: " + e.getMessage());
+            Log.warn("Could not add to bootstrap classpath: " + e.getMessage());
         }
 
         inst.addTransformer(new CapabilityTransformer(), true);
@@ -51,7 +51,7 @@ public static void premain(String args, Instrumentation inst) {
             } catch (ClassNotFoundException e) {
                 // Class not yet loaded, transformer will catch it later
             } catch (Exception e) {
-                System.err.println(PolicyChecker.LOG_PREFIX + "Warning: Could not retransform " + javaClassName + ": " + e.getMessage());
+                Log.warn("Could not retransform " + javaClassName + ": " + e.getMessage());
             }
         }
     }
@@ -63,11 +63,11 @@ public static void premain(String args, Instrumentation inst) {
     private static void loadPolicy(String policyPath) {
         File policyFile = new File(policyPath);
         if (!policyFile.exists()) {
-            System.err.println(PolicyChecker.LOG_PREFIX + "Policy file not found: " + policyPath);
+            Log.error("Policy file not found: " + policyPath);
             return;
         }
 
-        System.err.println(PolicyChecker.LOG_PREFIX + "Loading policy from: " + policyPath);
+        Log.info("Loading policy from: " + policyPath);
 
         // Simple YAML parsing (no external deps)
         Map<String, Set<String>> capabilityToPackages = new HashMap<>();
@@ -97,7 +97,7 @@ private static void loadPolicy(String policyPath) {
                 }
             }
         } catch (Exception e) {
-            System.err.println(PolicyChecker.LOG_PREFIX + "Failed to load policy: " + e.getMessage());
+            Log.error("Failed to load policy: " + e.getMessage());
             return;
         }
 
@@ -106,7 +106,7 @@ private static void loadPolicy(String policyPath) {
             String propName = "capslock.block." + entry.getKey();
             String propValue = String.join(",", entry.getValue());
             System.setProperty(propName, propValue);
-            System.err.println(PolicyChecker.LOG_PREFIX + "Policy: " + entry.getKey() + " blocked for: " + propValue);
+            Log.info("Policy: " + entry.getKey() + " blocked for: " + propValue);
         }
     }
 }

agent/src/main/java/com/github/serj/jcapslock/agent/Log.java

@@ -0,0 +1,112 @@
+/*
+ * Copyright 2024 Code Intelligence GmbH
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file was adapted from Jazzer (https://github.com/CodeIntelligenceTesting/jazzer)
+ * to keep the agent lean by avoiding external logging dependencies.
+ */
+
+package com.github.serj.jcapslock.agent;
+
+import java.io.PrintStream;
+
+/**
+ * Provides static functions that should be used for any kind of output emitted by the agent.
+ *
+ * <p>Output is printed to {@link System#err} and {@link System#out} until {@link
+ * Log#fixOutErr(PrintStream, PrintStream)} is called, which locks in the {@link PrintStream}s to be
+ * used from there on.
+ */
+public class Log {
+
+    private static final String PREFIX = "[CAPSLOCK] ";
+
+    // Don't use directly, always use getOut() and getErr() instead - when these fields haven't been
+    // set yet, we want to resolve them dynamically as System.out and System.err, which may change
+    // over the course of the agent's lifetime.
+    private static PrintStream fixedOut;
+    private static PrintStream fixedErr;
+
+    // Whether to print debug messages. This is controlled by the CAPSLOCK_DEBUG environment variable.
+    private static final boolean isDebug = System.getenv("CAPSLOCK_DEBUG") != null;
+
+    /** The {@link PrintStream}s to use for all output from this call on. */
+    public static void fixOutErr(PrintStream out, PrintStream err) {
+        if (out == null) {
+            throw new IllegalArgumentException("out must not be null");
+        }
+        if (err == null) {
+            throw new IllegalArgumentException("err must not be null");
+        }
+        Log.fixedOut = out;
+        Log.fixedErr = err;
+    }
+
+    public static void println(String message) {
+        getErr().println(message);
+    }
+
+    public static void structuredOutput(String output) {
+        getOut().println(output);
+    }
+
+    public static void debug(String message) {
+        if (isDebug) {
+            println(PREFIX, "DEBUG: " + message, null);
+        }
+    }
+
+    public static void info(String message) {
+        println(PREFIX, message, null);
+    }
+
+    public static void warn(String message) {
+        warn(message, null);
+    }
+
+    public static void warn(String message, Throwable t) {
+        println(PREFIX, "WARN: " + message, t);
+    }
+
+    public static void error(String message) {
+        error(message, null);
+    }
+
+    public static void error(Throwable t) {
+        error(null, t);
+    }
+
+    public static void error(String message, Throwable t) {
+        println(PREFIX, "ERROR: " + message, t);
+    }
+
+    private static void println(String prefix, String message, Throwable t) {
+        PrintStream err = getErr();
+        err.print(prefix);
+        if (message != null) {
+            err.println(message + (t != null ? ":" : ""));
+        }
+        if (t != null) {
+            t.printStackTrace(err);
+        }
+    }
+
+    private static PrintStream getOut() {
+        return fixedOut != null ? fixedOut : System.out;
+    }
+
+    private static PrintStream getErr() {
+        return fixedErr != null ? fixedErr : System.err;
+    }
+}

agent/src/main/java/com/github/serj/jcapslock/agent/PolicyChecker.java

@@ -12,7 +12,6 @@
 public class PolicyChecker {
 
     public static final String PROP_PREFIX = "capslock.block.";
-    public static final String LOG_PREFIX = "[CAPSLOCK] ";
 
     /**
      * Check if capability is allowed for the current call stack.
@@ -32,7 +31,7 @@ public static void check(String capability) {
         if (blockedPackages != null) {
             String violator = findViolator(appFrames, blockedPackages);
             if (violator != null) {
-                throw new SecurityException(LOG_PREFIX + capability + " blocked for " + violator);
+                throw new SecurityException("[CAPSLOCK] " + capability + " blocked for " + violator);
             }
         }
     }
@@ -50,11 +49,11 @@ private static List<StackTraceElement> collectAppFrames() {
 
     private static void logFrames(String capability, List<StackTraceElement> frames) {
         StringBuilder sb = new StringBuilder();
-        sb.append(LOG_PREFIX).append(capability).append(":\n");
+        sb.append(capability).append(":");
         for (StackTraceElement frame : frames) {
-            sb.append("  ").append(frame.getClassName()).append(".").append(frame.getMethodName()).append("()\n");
+            sb.append("\n  ").append(frame.getClassName()).append(".").append(frame.getMethodName()).append("()");
         }
-        System.err.print(sb);
+        Log.info(sb.toString());
     }
 
     private static String findViolator(List<StackTraceElement> frames, String[] blockedPackages) {