def test_get_all_uniq_ids_iter(self):
i1 = MockInfo()
kb.append('a', 'b', i1)
uniq_ids = [u for u in kb.get_all_uniq_ids_iter()]
self.assertEqual(uniq_ids, [i1.get_uniq_id()])
def test_get_all_uniq_ids_iter_include_ids(self):
i1 = MockInfo()
kb.append('a', 'b', i1)
uniq_ids = [u for u in kb.get_all_uniq_ids_iter(include_ids=[i1.get_uniq_id()])]
self.assertEqual(uniq_ids, [i1.get_uniq_id()])
def test_add(self):
i1 = MockInfo(ids=1)
i2 = MockInfo(ids=2)
iset = InfoSet([i1])
added = iset.add(i2)
self.assertEqual(iset.get_id(), [1, 2])
self.assertTrue(added)
def test_eq(self):
i = MockInfo()
iset1 = InfoSet([i])
i = MockInfo()
iset2 = InfoSet([i])
self.assertEqual(iset1, iset2)
def test_return_all_for_plugin(self):
i1 = MockInfo()
i2 = MockInfo()
i3 = MockInfo()
kb.append('a', 'b', i1)
kb.append('a', 'b', i2)
kb.append('a', 'b', i3)
self.assertEqual(kb.get('a', 'b'), [i1, i2, i3])
def test_observer_update(self):
observer1 = Mock()
info = MockInfo()
kb.add_observer(observer1)
kb.append('a', 'b', info)
old_info = copy.deepcopy(info)
info.set_name('new name')
kb.update(old_info, info)
observer1.update.assert_called_once_with(old_info, info)
def test_observer_update(self):
observer1 = Mock()
info = MockInfo()
kb.add_observer(observer1)
kb.append('a', 'b', info)
old_info = copy.deepcopy(info)
info.set_name('new name')
kb.update(old_info, info)
observer1.update.assert_called_once_with(old_info, info)
def test_append(self):
i1 = MockInfo()
i2 = MockInfo()
i3 = MockInfo()
kb.append('a', 'b', i1)
kb.append('a', 'b', i1)
kb.append('a', 'b', i1)
kb.append('a', 'b', i2)
kb.append('a', 'b', i3)
self.assertEqual(kb.get('a', 'b'), [i1, i1, i1, i2, i3])
def test_add_more_than_max(self):
i1 = MockInfo(ids=1)
i2 = MockInfo(ids=2)
iset = InfoSet([i1])
iset.MAX_INFO_INSTANCES = 2
added = iset.add(i1)
self.assertTrue(added)
added = iset.add(i2)
self.assertFalse(added)
def test_append_uniq_var_bug_10Dec2012(self):
i1 = MockInfo()
i1.set_uri(URL('http://moth/abc.html'))
i1.set_var('id')
i2 = MockInfo()
i2.set_uri(URL('http://moth/abc.html'))
i2.set_var('id')
kb.append_uniq('a', 'b', i1)
kb.append_uniq('a', 'b', i2)
self.assertEqual(kb.get('a', 'b'), [i1, ])
def test_match_same_itag(self):
"""
https://github.com/andresriancho/w3af/issues/10286
"""
itag_1 = 'hello'
i1 = MockInfo(ids=1)
i1[itag_1] = 1
iset_1 = InfoSet([i1])
iset_1.ITAG = itag_1
i2 = MockInfo(ids=2)
i2[itag_1] = 1
self.assertTrue(iset_1.match(i2))
def test_save_append(self):
"""
Although calling raw_write and then append is highly discouraged,
someone would want to use it.
"""
i0 = MockInfo()
self.assertRaises(TypeError, kb.raw_write, 'a', 'b', i0)
i1 = MockInfo()
i2 = MockInfo()
kb.append('a', 'b', i1)
kb.append('a', 'b', i2)
self.assertEqual(kb.get('a', 'b'), [i1, i2])
def test_match_different_itag(self):
"""
https://github.com/andresriancho/w3af/issues/10286
"""
itag_1 = 'hello'
i1 = MockInfo(ids=1)
i1[itag_1] = 1
iset_1 = InfoSet([i1])
iset_1.ITAG = itag_1
itag_2 = 'world'
i2 = MockInfo(ids=2)
i2[itag_2] = 2
self.assertFalse(iset_1.match(i2))
def test_get_by_uniq_id_duplicated_ignores_second(self):
"""
TODO: Analyze this case, i1 and i2 have both the same ID because they
have all the same information (this is very very uncommon in a
real w3af run).
Note that in the get_by_uniq_id call i2 is not returned.
"""
i1 = MockInfo()
i2 = MockInfo()
kb.append('a', 'b', i1)
kb.append('a', 'b', i2)
i1_copy = kb.get_by_uniq_id(i1.get_uniq_id())
self.assertEqual(i1_copy, i1)
def test_deepcopy(self):
i = MockInfo()
iset1 = InfoSet([i])
iset1_copy = copy.deepcopy(iset1)
self.assertEqual(iset1.get_uniq_id(), iset1_copy.get_uniq_id())
def test_get_all_uniq_ids_iter_include_ids_false(self):
i1 = MockInfo()
kb.append('a', 'b', i1)
uniq_ids = [u for u in kb.get_all_uniq_ids_iter(include_ids=[str(uuid.uuid4())])]
self.assertEqual(uniq_ids, [])
def test_pickleable_info(self):
original_info = MockInfo()
kb.append('a', 'b', original_info)
unpickled_info = kb.get('a', 'b')[0]
self.assertEqual(original_info, unpickled_info)
def test_append_save(self):
i1 = MockInfo()
kb.append('a', 'b', i1)
kb.raw_write('a', 'b', 3)
self.assertEqual(kb.raw_read('a', 'b'), 3)
def test_pickle(self):
i = MockInfo()
iset1 = InfoSet([i])
pickled_iset1 = cpickle_dumps(iset1)
iset1_clone = loads(pickled_iset1)
self.assertEqual(iset1.get_uniq_id(), iset1_clone.get_uniq_id())
def test_get_desc_urls(self):
i1 = MockInfo()
i1.set_url(URL('http://w3af.org/1'))
i2 = MockInfo()
i2.set_url(URL('http://w3af.org/2'))
tiset = TemplatedInfoSetPrintUri([i1, i2])
expected = u' - http://w3af.org/2\n - http://w3af.org/1\n'
self.assertEqual(tiset.get_desc(), expected)
def test_get_desc_template_special_chars_unicode(self):
i1 = MockInfo()
i1.set_url(URL('http://w3af.org/1'))
i2 = MockInfo()
i2.set_url(URL('http://w3af.org/2\xc3\xb6'))
tiset = TemplatedInfoSetPrintUri([i1, i2])
expected = u' - http://w3af.org/1\n - http://w3af.org/2ö\n'
self.assertEqual(tiset.get_desc(), expected)
def test_get_desc_template_info_attr_access(self):
value = 'Yuuup!'
i = MockInfo()
i['tag'] = value
iset = InfoSet([i])
iset.TEMPLATE = '{{ tag }}'
self.assertEqual(iset.get_desc(), value)
def test_observer_append(self):
observer1 = Mock()
info = MockInfo()
kb.add_observer(observer1)
kb.append('a', 'b', info)
observer1.append.assert_called_once_with('a', 'b', info,
ignore_type=False)
def test_types_observer(self):
observer = Mock()
info_inst = MockInfo()
kb.add_types_observer(Info, observer)
kb.append('a', 'b', info_inst)
observer.assert_called_once_with('a', 'b', info_inst)
observer.reset_mock()
info_inst = MockInfo()
kb.append('a', 'c', info_inst)
observer.assert_called_with('a', 'c', info_inst)
observer.reset_mock()
# Should NOT call it because it is NOT an Info instance
some_int = 3
kb.raw_write('a', 'd', some_int)
self.assertEqual(observer.call_count, 0)
def test_all_of_info_vuln(self):
i1 = MockInfo()
i2 = MockInfo()
v1 = MockVuln()
v2 = MockVuln()
iset = InfoSet([i2])
vset = InfoSet([v2])
kb.append('a', 'b', i1)
kb.append('w', 'z', iset)
kb.append('x', 'y', v1)
kb.append('4', '2', vset)
self.assertEqual(kb.get_all_vulns(), [v1, vset])
self.assertEqual(kb.get_all_infos(), [i1, iset])
self.assertEqual(kb.get_all_findings(), [i1, iset, v1, vset])
def test_update_info(self):
info = MockInfo()
kb.append('a', 'b', info)
update_info = copy.deepcopy(info)
update_info.set_name('a')
update_uniq_id = update_info.get_uniq_id()
kb.update(info, update_info)
self.assertNotEqual(update_info, info)
self.assertEqual(update_info, kb.get_by_uniq_id(update_uniq_id))
def test_observer_all(self):
observer = Mock()
kb.add_observer(None, None, observer)
kb.raw_write('a', 'b', 1)
observer.assert_called_once_with('a', 'b', 1)
observer.reset_mock()
i = MockInfo()
kb.append('a', 'c', i)
observer.assert_called_with('a', 'c', i)
def test_all_of_info_exclude_ids(self):
i1 = MockInfo()
i2 = MockInfo()
v1 = MockVuln()
v2 = MockVuln()
iset = InfoSet([i2])
vset = InfoSet([v2])
kb.append('a', 'b', i1)
kb.append('w', 'z', iset)
kb.append('x', 'y', v1)
kb.append('4', '2', vset)
all_findings = kb.get_all_findings()
all_findings_except_v1 = kb.get_all_findings(exclude_ids=(v1.get_uniq_id(),))
all_findings_except_v1_v2 = kb.get_all_findings(exclude_ids=(v1.get_uniq_id(), vset.get_uniq_id()))
self.assertEqual(all_findings, [i1, iset, v1, vset])
self.assertEqual(all_findings_except_v1, [i1, iset, vset])
self.assertEqual(all_findings_except_v1_v2, [i1, iset])
def test_get_desc_urls(self):
i1 = MockInfo()
i1.set_url(URL('http://w3af.org/1'))
i2 = MockInfo()
i2.set_url(URL('http://w3af.org/2'))
tiset = TemplatedInfoSetPrintUri([i1, i2])
expected = u' - http://w3af.org/2\n - http://w3af.org/1\n'
self.assertEqual(tiset.get_desc(), expected)
def test_get_desc_template_special_chars_unicode(self):
i1 = MockInfo()
i1.set_url(URL('http://w3af.org/1'))
i2 = MockInfo()
i2.set_url(URL('http://w3af.org/2\xc3\xb6'))
tiset = TemplatedInfoSetPrintUri([i1, i2])
expected = u' - http://w3af.org/1\n - http://w3af.org/2ö\n'
self.assertEqual(tiset.get_desc(), expected)
def test_observer_location_b(self):
observer = Mock()
kb.add_observer('a', 'b', observer)
kb.raw_write('a', 'b', 1)
observer.assert_called_once_with('a', 'b', 1)
observer.reset_mock()
# Shouldn't call the observer
kb.raw_write('a', 'xyz', 1)
self.assertFalse(observer.called)
i = MockInfo()
kb.append('a', 'b', i)
observer.assert_called_with('a', 'b', i)
def test_raw_read_error(self):
kb.append('a', 'b', MockInfo())
kb.append('a', 'b', MockInfo())
self.assertRaises(RuntimeError, kb.raw_read,'a', 'b')
def test_get_by_uniq_id(self):
i1 = MockInfo()
kb.append('a', 'b', i1)
i1_copy = kb.get_by_uniq_id(i1.get_uniq_id())
self.assertEqual(i1_copy, i1)
def test_append_uniq_url_different(self):
i1 = MockInfo()
i1.set_uri(URL('http://moth/abc.html?id=1'))
i1.set_dc(QueryString([('id', ['1'])]))
i1.set_token(('id', 0))
i2 = MockInfo()
i2.set_uri(URL('http://moth/def.html?id=3'))
i2.set_dc(QueryString([('id', ['3'])]))
i2.set_token(('id', 0))
kb.append_uniq('a', 'b', i1, filter_by='URL')
kb.append_uniq('a', 'b', i2, filter_by='URL')
self.assertEqual(kb.get('a', 'b'), [i1, i2])
def test_append_uniq_url_uniq(self):
i1 = MockInfo()
i1.set_uri(URL('http://moth/abc.html?id=1'))
i1.set_dc(QueryString([('id', '1')]))
i1.set_var('id')
i2 = MockInfo()
i2.set_uri(URL('http://moth/abc.html?id=3'))
i2.set_dc(QueryString([('id', '3')]))
i2.set_var('id')
kb.append_uniq('a', 'b', i1, filter_by='URL')
kb.append_uniq('a', 'b', i2, filter_by='URL')
self.assertEqual(kb.get('a', 'b'), [i1,])
def test_append_uniq_var_default(self):
i1 = MockInfo()
i1.set_uri(URL('http://moth/abc.html?id=1'))
i1.set_dc(QueryString([('id', ['1'])]))
i1.set_token(('id', 0))
i2 = MockInfo()
i2.set_uri(URL('http://moth/abc.html?id=3'))
i2.set_dc(QueryString([('id', ['3'])]))
i2.set_token(('id', 0))
kb.append_uniq('a', 'b', i1)
kb.append_uniq('a', 'b', i2)
self.assertEqual(kb.get('a', 'b'), [i1, ])
def test_append_uniq_var_not_uniq_diff_token_name_three(self):
i1 = MockInfo()
i1.set_uri(URL('http://moth/abc.html?id=1&foo=bar'))
i1.set_dc(QueryString([('id', ['1']),
('foo', ['bar'])]))
i1.set_token(('id', 0))
i2 = MockInfo()
i2.set_uri(URL('http://moth/abc.html?id=1&foo=bar'))
i2.set_dc(QueryString([('id', ['3']),
('foo', ['bar'])]))
i2.set_token(('foo', 0))
# This instance duplicates i2
i3 = MockInfo()
i3.set_uri(URL('http://moth/abc.html?id=1&foo=bar'))
i3.set_dc(QueryString([('id', ['3']),
('foo', ['bar'])]))
i3.set_token(('foo', 0))
kb.append_uniq('a', 'b', i1)
kb.append_uniq('a', 'b', i2)
kb.append_uniq('a', 'b', i3)
self.assertEqual(kb.get('a', 'b'), [i1, i2])