microsoft / restler-fuzzer

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
MIT License

Annotation with json pointer doesn't work if top level object is an array #789

Open gustawx opened 12 months ago

gustawx commented 12 months ago

Description

Annotation with json pointer doesn't work if top level object is an array

Let's say I have an endpoint GET /my/endpoint/items that returns the response:

[
    {
        "name1": {
            "id": "id1",
            "attribute": "something here"
        },
        "items": []
    },
    {
        "name2": {
            "id": "id2",
            "attribute": "something here"
        },
        "items": []
    },
    {
        "name3": {
            "id": "id3",
            "attribute": "something here"
        },
        "items": [
            {
                "i_want": {
                    "my_param": "value"
                }
            }
        ]
    }
]

In annotation.json I specify the attribute value that I want to extract:

{
    "x-restler-global-annotations": [
        {
            "producer_endpoint": "/my/endpoint/items",
            "producer_resource_name": "/[2]/items/[0]/i_want/my_param",
            "producer_method": "GET",
            "consumer_endpoint": "/my/another/endpoint/{my_param}",
            "consumer_method": "GET",
            "consumer_param": "my_param",
            "description": "dummy description"
        }
    ]
}

In dependencies_debug.json I can see:

"annotation": {
        "producerId": {
          "endpoint": "/my/endpoint/items",
          "method": "Get"
        },
        "consumerId": {
          "endpoint": "/my/another/endpoint/{my_param}",
          "method": "Get"
        },
        "producerParameter": {
          "ResourcePath": {
            "path": [
              "[2]",
              "items",
              "[0]",
              "i_want",
              "my_param"
            ]
          }
        },
        "consumerParameter": {
          "ResourceName": "my_param"
        }
      }

However, after compilation, in grammar.py as well as in dependencies.json there is nothing related to this configuration. After running RESTler in test mode, the value of my_param is not considered in the consumer URL.

My config file:

{
  "SwaggerSpecConfig": [
    {
      "SpecFilePath": "./openapi-spec.yml"
    }
  ],
  "CustomDictionaryFilePath": "./dict.json",
  "AnnotationFilePath": "./annotation.json",
  "IncludeOptionalParameters": true,
  "UseHeaderExamples": true,
  "UsePathExamples": false,
  "UseQueryExamples": true,
  "UseBodyExamples": true,
  "UseAllExamplePayloads": false,
  "DiscoverExamples": false,
  "ExamplesDirectory": "",
  "DataFuzzing": true,
  "ReadOnlyFuzz": false,
  "ResolveQueryDependencies": true,
  "ResolveBodyDependencies": true,
  "ResolveHeaderDependencies": true,
  "UseRefreshableToken": true,
  "AllowGetProducers": true,
  "TrackFuzzedParameterNames": false
}

Steps to reproduce

Please see the description

Expected results

my_param from response body from GET /my/endpoint/items is used as path param in another endpoint GET /my/another/endpoint/{my_param}

Actual results

my_param is not extracted (ignored?)

Environment details

No response
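
A check that can be run before compiling, as an added example that is not part of the original issue and is not RESTler's own code: it splits the `producer_resource_name` from the annotation into the segments shown in dependencies_debug.json and walks them against the sample response, reporting the first segment that does not resolve. The function names are hypothetical, and the sample response is the one from the issue with `items[0]` written as an object.

```python
import json
import re

# Constructed sample: the response body from the issue (items[0] as an object).
RESPONSE = json.loads("""
[
  {"name1": {"id": "id1", "attribute": "something here"}, "items": []},
  {"name2": {"id": "id2", "attribute": "something here"}, "items": []},
  {"name3": {"id": "id3", "attribute": "something here"},
   "items": [{"i_want": {"my_param": "value"}}]}
]
""")

# Array segments are written "[n]", as in the annotation on this page.
INDEX = re.compile(r"\[(\d+)\]")


def split_resource_path(pointer):
    """Split '/[2]/items/[0]' into ['[2]', 'items', '[0]']."""
    if not pointer.startswith("/"):
        raise ValueError("resource path must start with '/'")
    return [seg for seg in pointer.split("/")[1:] if seg]


def resolve_resource_path(document, pointer):
    """Walk the document one segment at a time; name the segment that fails."""
    node = document
    walked = ""
    for seg in split_resource_path(pointer):
        match = INDEX.fullmatch(seg)
        if match:
            idx = int(match.group(1))
            if not isinstance(node, list) or idx >= len(node):
                raise LookupError(f"no array element {seg} at '{walked or '/'}'")
            node = node[idx]
        else:
            if not isinstance(node, dict) or seg not in node:
                raise LookupError(f"no property '{seg}' at '{walked or '/'}'")
            node = node[seg]
        walked += "/" + seg
    return node


if __name__ == "__main__":
    print(resolve_resource_path(RESPONSE, "/[2]/items/[0]/i_want/my_param"))
```

If the path resolves here but the dependency is still missing from grammar.py, the annotation itself points at a real value and the problem lies in how the compiler handles it.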