RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
MIT License
2.52k
stars
284
forks
source link
Fix crash when configuring test all combinations #790
When one of the requests (e.g. DELETE) does not have an example payload, and testing all example payloads is configured in the engine settings, RESTler crashes [1].
The fix is to only mark combinations tested after at least one combination was found.
Exception in thread Garbage Collector:
Traceback (most recent call last):
File "C:\Users\marinapo\AppData\Local\Programs\Python\Python39\lib\threading.py", line 980, in _bootstrap_inner
self.run()
File "D:\restlerdrop\main\engine\engine\dependencies.py", line 627, in run
self._garbage_collector.run()
File "D:\restlerdrop\main\engine\engine\dependencies.py", line 339, in run
self.do_garbage_collection()
File "D:\restlerdrop\main\engine\engine\dependencies.py", line 429, in do_garbage_collection
self.apply_destructors(destructors)
File "D:\restlerdrop\main\engine\engine\dependencies.py", line 562, in apply_destructors
deleted_list = process_overflowing()
File "D:\restlerdrop\main\engine\engine\dependencies.py", line 514, in process_overflowing
rendereddata, , , = destructor.\
File "D:\restlerdrop\main\engine\engine\core\requests.py", line 1276, in render_current
return next(self.render_iter(candidate_values_pool,
When one of the requests (e.g. DELETE) does not have an example payload, and testing all example payloads is configured in the engine settings, RESTler crashes [1].
The fix is to only mark combinations tested after at least one combination was found.
Exception in thread Garbage Collector: Traceback (most recent call last): File "C:\Users\marinapo\AppData\Local\Programs\Python\Python39\lib\threading.py", line 980, in _bootstrap_inner self.run() File "D:\restlerdrop\main\engine\engine\dependencies.py", line 627, in run self._garbage_collector.run() File "D:\restlerdrop\main\engine\engine\dependencies.py", line 339, in run self.do_garbage_collection() File "D:\restlerdrop\main\engine\engine\dependencies.py", line 429, in do_garbage_collection self.apply_destructors(destructors) File "D:\restlerdrop\main\engine\engine\dependencies.py", line 562, in apply_destructors deleted_list = process_overflowing() File "D:\restlerdrop\main\engine\engine\dependencies.py", line 514, in process_overflowing rendereddata, , , = destructor.\ File "D:\restlerdrop\main\engine\engine\core\requests.py", line 1276, in render_current return next(self.render_iter(candidate_values_pool,
Testing: manual testing