# Seed the Test2 table with three fixed rows; test_f/test_g (not shown
# here) branch on these values while the concolic driver explores them.
t2 = test2_setup()

t2a = Test2()
t2a.name, t2a.value = 9241, 'firstthing'
t2.add(t2a)

t2b = Test2()
t2b.name, t2b.value = 5, 'another'
t2.add(t2b)

t2c = Test2()
t2c.name, t2c.value = -23, 'yy'
t2.add(t2c)

t2.commit()

# Explore test_f, then verify every expected return value was reached.
print 'Testing f..'
fuzzy.concolic_test(test_f, verbose=10)
f_expected = (924, 22)
f_missing = set(f_expected) - set(f_results)
if f_missing:
    print "Missing some cases for f:", f_missing
else:
    print "Found all cases for f"

# Same for test_g; its expected results are the Test2.value strings seeded above.
print 'Testing g..'
fuzzy.concolic_test(test_g, verbose=10)
g_expected = ('firstthing', 'another', 'yy')
g_missing = set(g_expected) - set(g_results)
if g_missing:
    print "Missing some cases for g:", g_missing
else:
    print "Found all cases for g"
    environ["PATH_INFO"] = "trans" + fuzzy.mk_str("path")

    if environ["PATH_INFO"].startswith("//"):
        ## Don't bother trying to construct paths with lots of slashes;
        ## otherwise, the lstrip() code generates lots of paths..
        return

    resp = zoobar.app(environ, startresp)
    if verbose:
        for x in resp:
            print x

    ## Exercise 6: your code here.

    ## Detect balance mismatch.
    ## When detected, call report_balance_mismatch()
    pdb = zoobar.zoodb.person_setup()
    balancet = sum([p.zoobars for p in pdb.query(zoobar.zoodb.Person).all()])
    if balance1 != balancet:
        report_balance_mismatch()

    ## Detect zoobar theft.
    ## When detected, call report_zoobar_theft()
    tdb = zoobar.zoodb.transfer_setup()
    for p in pdb.query(zoobar.zoodb.Person).all():
        if tdb.query(zoobar.zoodb.Transfer).filter_by(sender=p.username).first() == None:
            report_zoobar_theft()


# Drive test_stuff concolically, capped at 2000 iterations, with terse output.
fuzzy.concolic_test(test_stuff, verbose=1, maxiter=2000)
    whole_pc = fuzzy.const_bool(True)
    is_first = True
    for pc in fuzzy.cur_path_constr:
        if is_first:
            whole_pc = pc
            is_first = False
        else:
            whole_pc = fuzzy.sym_and(whole_pc, pc)
    pc_query_dict[whole_pc] = query

def test_func():
    """Build one fully symbolic SELECT and hand it to sym_output.

    The table name, both projected columns and the WHERE literal are all
    symbolic strings from fuzzy.mk_str, so the concolic driver can explore
    how symsqlutils.symStrInterpolation renders them into SQL text. The
    rendered query is passed to sym_output, which presumably stores it
    keyed by the current path constraint for the injection check in
    __main__ (see pc_query_dict there).
    """
    table = Table(fuzzy.mk_str("sym_tname"))
    col1_name = fuzzy.mk_str("sym_colname_1")
    col2_name = fuzzy.mk_str("sym_colname_2")
    col1 = getattr(table, col1_name)
    col2 = getattr(table, col2_name)
    query = table.select(col1, col2)
    needle = fuzzy.mk_str("sym_str")
    # WHERE <col2> == <symbolic literal>; the attribute is fetched a second
    # time here on purpose, matching the two getattr calls of the original.
    query.where = getattr(table, col2_name) == needle
    sym_output(symsqlutils.symStrInterpolation(query))

if __name__ == '__main__':
    # Explore test_func's paths first; each path is expected to leave one
    # (path constraint -> rendered query) pair in pc_query_dict.
    fuzzy.concolic_test(test_func)
    for path_constraint, sql_query in pc_query_dict.iteritems():
        verdict, example = symsqlutils.checkSqlInjection(sql_query, path_constraint)
        # z3.sat: the solver found a concrete assignment under which the
        # interpolated query is flagged as injectable; print that witness.
        if verdict == z3.sat:
            print("UNSAFE: ", example)
        else:
            print("SAFE")
# Populate the Test2 table with three known rows before fuzzing; the
# drivers test_f/test_g (not shown here) branch on these values.
t2 = test2_setup()

t2a = Test2()
t2a.name, t2a.value = 9241, 'firstthing'
t2.add(t2a)

t2b = Test2()
t2b.name, t2b.value = 5, 'another'
t2.add(t2b)

t2c = Test2()
t2c.name, t2c.value = -23, 'yy'
t2.add(t2c)

t2.commit()

# Run test_f under the concolic driver and confirm full coverage of f_expected.
print 'Testing f..'
fuzzy.concolic_test(test_f, verbose=10)
f_expected = (924, 22)
if set(f_expected).issubset(f_results):
    print "Found all cases for f"
else:
    print "Missing some cases for f:", set(f_expected) - set(f_results)

# Run test_g the same way; g_expected mirrors the Test2.value strings seeded above.
print 'Testing g..'
fuzzy.concolic_test(test_g, verbose=10)
g_expected = ('firstthing', 'another', 'yy')
if set(g_expected).issubset(g_results):
    print "Found all cases for g"
else:
    print "Missing some cases for g:", set(g_expected) - set(g_results)
    if User.objects.all().count() == 2:
        balance2 = sum([u.person.zoobars for u in User.objects.all()])
        if balance1 != balance2:
            report_balance_mismatch()

    utransfers = [t.sender.user.username for t in Transfer.objects.all()]
    for p in User.objects.all():
        if p.username not in utransfers:
            if p.person.zoobars < 10:
                report_zoobar_theft()
                # technically, this check could be fooled if an attacker could insert
                # rows into the transfer db. Instead, we should keep a log of all
                # requests, and which user the request was issued as, but this seems
                # outside the scope of the exercise?


# Time the full concolic exploration of test_stuff.
start = time.time()
concolic_opts = dict(maxiter=2000,
                     v=verbose,
                     uniqueinputs=True,
                     removeredundant=True,
                     usecexcache=True)
fuzzy.concolic_test(test_stuff, **concolic_opts)
end = time.time()
print "%.2f seconds" % (end - start)

# cov is only set when coverage collection was enabled earlier; in that
# case emit the HTML report and discard the raw .coverage data file.
if cov is not None:
    print "Coverage report stored in covhtml/"
    cov.html_report(directory='covhtml')
    os.remove('.coverage')
    finaldb = persondb.query(zoobar.zoodb.Person).all()
    transferdb = tdb.query(zoobar.zoodb.Transfer).all()

    for i in initdb:
        initialZoobars = 0
        finalZoobars = 0
        personName1 = getattr(i, 'username')
        initialZoobars = getattr(i, 'zoobars')

        for j in finaldb:
            personName2 = getattr(j, 'username')
            if personName1 == personName2:
                finalZoobars = getattr(j, 'zoobars')
                break

        transfer = 0
        for t in transferdb:
            if personName1 == getattr(t, 'sender'):
                transfer = transfer + getattr(t, 'amount')

        if initialZoobars - transfer != finalZoobars:
            report_zoobar_theft()

    # for p,q in zip(pdb.query(zoobar.zoodb.Person).all(),persondb.query(zoobar.zoodb.Person).all()):
    #   if p is not None and q is not None:
    #     if p.zoobars!=q.zoobars:
    #       report_zoobar_theft()


# Explore test_stuff concolically; at most 2000 iterations, minimal logging.
fuzzy.concolic_test(test_stuff, verbose=1, maxiter=2000)
        print(re.sub("^", "\t", response.content))
        print(80 * "-")

  if User.objects.all().count() == 2:
    balance2 = sum([u.person.zoobars for u in User.objects.all()])
    if balance1 != balance2:
      report_balance_mismatch()

  utransfers = [t.sender.user.username for t in Transfer.objects.all()]
  for p in User.objects.all():
    if p.username not in utransfers:
      if p.person.zoobars < 10:
        report_zoobar_theft()
        # technically, this check could be fooled if an attacker could insert
        # rows into the transfer db. Instead, we should keep a log of all
        # requests, and which user the request was issued as, but this seems
        # outside the scope of the exercise?

# Measure how long the concolic run over test_stuff takes.
start = time.time()
fuzzy.concolic_test(test_stuff, maxiter=2000, v=verbose, uniqueinputs=True,
                    removeredundant=True, usecexcache=True)
end = time.time()
print "%.2f seconds" % (end - start)

# When coverage was enabled (cov is not None), write the HTML report and
# remove the raw .coverage data file afterwards.
if cov is not None:
  print "Coverage report stored in covhtml/"
  cov.html_report(directory='covhtml')
  os.remove('.coverage')
#         return -1
#     if(x>y):
#         return 1

# Return values of f observed across all concolic runs of test_f below;
# compared against f_expected after fuzzy.concolic_test finishes.
f_results = set()

# def test_f():
#     i=fuzzy.mk_int('i')
#     j=fuzzy.mk_int('j')
#     v=f(i,j)
#     print i,j,'->',v
#     f_results.add(v)


def test_f():
    """Concolic driver for f: feed it one symbolic int and record the result.

    Every invocation prints the concrete input/output pair and adds the
    return value to the module-level f_results set, which the check at the
    bottom of the file compares against f_expected.
    """
    sym_i = fuzzy.mk_int('i')
    print "test_f is called "
    out = f(sym_i)
    print sym_i, '->', out
    f_results.add(out)


# Explore test_f (at most 200 iterations) and report which of the
# expected return values of f were never produced.
print 'Testing f..'
fuzzy.concolic_test(test_f, maxiter=200, verbose=10)
f_expected = (100, 70, 80, 33, 1234, 40)
if set(f_expected).issubset(f_results):
    print "Found all cases for f"
else:
    print "Missing some cases for f:", set(f_expected) - set(f_results)