Exemple #1
0
    def get_fuzzing_blocks(self, config):
        """ Returns the fuzzing request blocks per the config

        @return: The list of request blocks
        @rtype : List[str]

        """
        # default value
        default_value = config.get_default_value(
            self.tag, primitives.FUZZABLE_BOOL
        )
        default_value = str(default_value).lower()

        if not self.is_fuzzable():
            return [primitives.restler_static_string(default_value)]

        if not config.merge_fuzzable_values:
            return [primitives.restler_fuzzable_bool(default_value)]

        # get the set of fuzzable variables
        fuzzable_values_raw = config.get_fuzzable_values(
            self.tag, primitives.FUZZABLE_BOOL
        )

        fuzzable_values = [
            str(value) for value in fuzzable_values_raw
        ]

        # merge default + fuzzable values
        fuzzable_group = config.cleanup_fuzzable_group(
            default_value, fuzzable_values
        )
        return [primitives.restler_fuzzable_group(FUZZABLE_GROUP_TAG, fuzzable_group)]
Exemple #2
0
    def get_blocks(self, config=None):
        """ Gets request blocks for the Enum Parameters

        @return: Request blocks
        @rtype : List[str]

        """
        contents_str = []

        for content in self._contents:
            content_str = f'"{content}"' if self.content_type == 'String' else content
            contents_str.append(content_str)

        return [primitives.restler_fuzzable_group(FUZZABLE_GROUP_TAG, contents_str)]
Exemple #3
0
    def get_fuzzing_blocks(self, config):
        """ Returns the fuzzing request blocks per the config

        @return: The list of request blocks
        @rtype : List[str]

        """

        # helper function to sanitize raw object string
        def formalize_object_value(raw_object):
            object_str = str(raw_object)
            object_tmp = object_str.replace("'", '"')
            object_tmp = object_tmp.replace('u"', '"')
            try:
                test_object = json.loads(object_tmp)
                if str(test_object) == raw_object:
                    return object_tmp
            except Exception:
                return '{ "fuzz" : false }'

            return object_str

        # default value
        default_value = config.get_default_value(self.tag,
                                                 primitives.FUZZABLE_OBJECT)
        default_value = formalize_object_value(default_value)

        # not fuzzalbe --> constant
        if not self.is_fuzzable():
            return [primitives.restler_static_string(default_value)]

        # fuzz as normal fuzzable object using wordbook
        if not config.merge_fuzzable_values:
            return [primitives.restler_fuzzable_object(default_value)]

        # get the set of fuzzable values
        fuzzable_values_raw = config.get_fuzzable_values(
            self.tag, primitives.FUZZABLE_OBJECT)

        fuzzable_values = [
            formalize_object_value(value) for value in fuzzable_values_raw
        ]

        # merge default + fuzzable values
        fuzzable_group = config.cleanup_fuzzable_group(default_value,
                                                       fuzzable_values)
        return [
            primitives.restler_fuzzable_group(FUZZABLE_GROUP_TAG,
                                              fuzzable_group)
        ]
Exemple #4
0
    def get_fuzzing_blocks(self, config):
        """ Returns the fuzzing request blocks per the config

        @return: The list of request blocks
        @rtype : List[str]

        """
        contents_str = []

        for content in self._contents:
            # string
            if self._type == 'String':
                content_str = f'"{content}"'
            # others
            else:
                content_str = content

            contents_str.append(content_str)

        return [primitives.restler_fuzzable_group(FUZZABLE_GROUP_TAG, contents_str)]
Exemple #5
0
],
                           requestId="/city/{cityName}")
req_collection.add_request(request)

request = requests.Request([
    primitives.restler_static_string("GET "),
    primitives.restler_static_string("/"),
    primitives.restler_static_string("city"),
    primitives.restler_static_string("/"),
    primitives.restler_static_string(_city_put_name.reader()),
    primitives.restler_static_string("?"),
    primitives.restler_static_string("location="),
    primitives.restler_custom_payload("location"),
    primitives.restler_static_string("&"),
    primitives.restler_static_string("group="),
    primitives.restler_fuzzable_group("fuzzable_group_tag",
                                      ['A', 'BB', 'CCC']),
    primitives.restler_static_string(" HTTP/1.1\r\n"),
    primitives.restler_static_string("Accept: application/json\r\n"),
    primitives.restler_static_string("Host: restler.unit.test.server.com\r\n"),
    primitives.restler_static_string("Content-Type: application/json\r\n"),
    primitives.restler_refreshable_authentication_token(
        "authentication_token_tag"),
    primitives.restler_static_string("\r\n")
],
                           requestId="/city/{cityName}")
req_collection.add_request(request)

request = requests.Request([
    primitives.restler_static_string("DELETE "),
    primitives.restler_static_string("/"),
    primitives.restler_static_string("city"),
Exemple #6
0
    def get_fuzzing_blocks(self, config):
        """ Returns the fuzzing request blocks per the config

        @return: The list of request blocks
        @rtype : List[str]

        """
        # default value
        default_value = config.get_default_value(
            self.tag, primitives.FUZZABLE_STRING, self._content
        )

        def not_like_string(val):
            """ Tests if a value seems to be some type other
            than a string (i.e. array, dict, bool, int) """

            if not val or not isinstance(val, str):
                return True

            if val[0] == '[' and val[-1] == ']':
                return True
            if val[0] == '{' and val[-1] == '}':
                return True
            if val.lower() == 'true' or val.lower() == 'false':
                return True

            try:
                v = int(val)
                return True
            except Exception:
                pass

            return False

        if self.is_unknown and not_like_string(default_value):
            # Try to get a new default value without a hint
            default_value = config.get_default_value(
                self.tag, primitives.FUZZABLE_STRING, hint=None
            )
            if not_like_string(default_value):
                return [primitives.restler_static_string(default_value, quoted=False)]

        if not self.is_fuzzable():
            return [primitives.restler_static_string(default_value, quoted=True)]

        # fuzz as normal fuzzable string
        if not config.merge_fuzzable_values:
            blocks = []
            blocks.append(primitives.restler_fuzzable_string(default_value), quoted=True)
            return blocks

        # get the set of fuzzable values
        fuzzable_values_raw = config.get_fuzzable_values(
            self.tag, primitives.FUZZABLE_STRING
        )

        fuzzable_values = [
            f'"{value}"' for value in fuzzable_values_raw
        ]

        # merge default + fuzzable values
        fuzzable_group = config.cleanup_fuzzable_group(
            f'"{default_value}"', fuzzable_values
        )
        return [primitives.restler_fuzzable_group(FUZZABLE_GROUP_TAG, fuzzable_group)]