Yelp / fuzz-lightyear

A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos engineering testing and stateful, Swagger fuzzing.

Allow endpoint specific fixtures #7

Closed domanchi closed 3 years ago

domanchi commented 5 years ago

Issue

With some swagger specifications, there are "conflicting" input parameter names. That is, two endpoints may take in an id, but they refer to different IDs. With the current setup, we would not be able to support this case, because you can only register a factory that maps to a parameter name -- and the same factory would be used for both IDs.

Solution

Provide a keyword-only interface to specify a list of test cases the factory applies to. e.g.

@fuzz_lightyear.register_factory(
    'businessID',
    endpoints='basic.get_public_listing, basic.get_private_listing',
)
def create_business():
    return 1

The precedence order would need to be adjusted as follows:

  1. Factories with specific, applicable endpoints
  2. General factories without specific endpoints
  3. Default fuzzing behavior

Furthermore, the endpoints parsing logic should support the same use case as factory registration. That is, it should allow for comma-separated values, as well as a list of values to handle.
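
The precedence order and endpoint parsing proposed above, as an added example that is not part of the original issue or of fuzz-lightyear's code. `FactoryRegistry`, `parse_endpoints`, `resolve` and the `user.get_profile` operation are hypothetical names; the registrations at the bottom are constructed sample data.

```python
from typing import Any, Callable, Dict, Iterable, List, Optional, Tuple, Union

Names = Union[str, Iterable[str], None]
Factory = Callable[[], Any]


def parse_endpoints(value: Names) -> List[str]:
    """Accept 'a.b, c.d' or ['a.b', 'c.d']; return ordered, de-duplicated names."""
    if value is None:
        return []
    items = [value] if isinstance(value, str) else list(value)
    names = [part.strip() for item in items for part in item.split(',')]
    return list(dict.fromkeys(name for name in names if name))


class FactoryRegistry:
    """Hypothetical registry keyed by parameter name, optionally by endpoint."""

    def __init__(self) -> None:
        self._general: Dict[str, Factory] = {}
        self._scoped: Dict[Tuple[str, str], Factory] = {}

    def register_factory(self, names: Names, *, endpoints: Names = None):
        def decorator(func: Factory) -> Factory:
            scopes = parse_endpoints(endpoints)
            for name in parse_endpoints(names):
                if not scopes:
                    self._general[name] = func
                for operation in scopes:
                    self._scoped[(operation, name)] = func
            return func
        return decorator

    def resolve(self, operation: str, name: str) -> Optional[Factory]:
        """1. endpoint-specific factory, 2. general factory, 3. None (default fuzzing)."""
        return self._scoped.get((operation, name)) or self._general.get(name)


# Constructed sample: two endpoints groups take `id`, meaning different IDs.
registry = FactoryRegistry()

@registry.register_factory('id')
def create_user():
    return 1

@registry.register_factory(
    'id', endpoints='basic.get_public_listing, basic.get_private_listing',
)
def create_business():
    return 2
```
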

OiCMudkips commented 4 years ago

slack-github integration test comment

domanchi commented 4 years ago

In a quick examination of this issue, it looks like we need to make changes to current fundamental assumptions. Specifically, fuzzer.py has no concept of which endpoints it's currently fuzzing for, nor do the factories that are subscribed (https://github.com/Yelp/fuzz-lightyear/blob/master/fuzz_lightyear/fuzzer.py#L223).

Care should be taken when approaching this issue.