CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with minimum configuration and no coding effort. Tests are self-healing and do not require maintenance.
Apache License 2.0
1.11k
stars
76
forks
source link
[Functional Fuzzing] Output parameters used as strings instead of integers #96
Describe the bug
I'm using a functional fuzzer, and the output are always used as strings even if integers are expected.
/product/{productId}:
getproduct:
httpMethod: GET
description: XXXX
expectedResponseCode: 200
productId: 123
output:
product_id: id
quote_id: quotes[0]#id
/quotation:
create:
httpMethod: POST
description: XXX
expectedResponseCode: 201
items[0]#product: ${product_id}
items[0]#quote: ${quote_id}
items[1]: "cats_remove_field"
Unfortunatly, the ${product_id} and ${quote_id} are replaced by "1234" instead of 1234.
In the open api description, they are described as an integer, and if I let cats generate the values, it puts integers.
Expected behaviour
The variables should be cast to the expected type according to the open api documentation
Environment:
Key | Value
------------- | --------------------
OS Name | Mac OS X
OS Version | 12.6.2
OS Arch | x86_64
Binary Type | uber-jar
Cats Version | 10.4.1
Cats Build | 2024-01-16T06:46:02Z
Term Width | 109
Term Type | xterm-256color
Shell | /usr/local/bin/zsh
Describe the bug I'm using a functional fuzzer, and the output are always used as
strings
even ifintegers
are expected.Unfortunatly, the ${product_id} and ${quote_id} are replaced by
"1234"
instead of1234
. In the open api description, they are described as an integer, and if I let cats generate the values, it puts integers.Expected behaviour The variables should be cast to the expected type according to the open api documentation
Environment:
Thank you :)