def _find_delay_in_mutant(self, mutant, delay_obj, debugging_id):
"""
Try to delay the response and save a vulnerability if successful
:param mutant: The mutant to modify and test
:param delay_obj: The delay to use
:param debugging_id: The debugging ID for logging
"""
adc = AproxDelayController(mutant,
delay_obj,
self._uri_opener,
delay_setting=EXPONENTIALLY)
adc.set_debugging_id(debugging_id)
success, responses = adc.delay_is_controlled()
if not success:
return
# Now I can be sure that I found a vuln, we control the
# response time with the delay
desc = 'ReDoS was found at: %s' % mutant.found_at()
response_ids = [r.id for r in responses]
v = Vuln.from_mutant('ReDoS vulnerability', desc, severity.MEDIUM,
response_ids, self.get_name(), mutant)
self.kb_append_uniq(self, 'redos', v)
