RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
JSON Pointers array indexes used in restler are not compliant with RFC 6901 #816
Restler exploits JSON pointers in OAS files in the Link objects and in the custom annotations, but the examples and the parsing seem to use a different syntax with respect to the one defined in the RFC 6901.
In particular the array indexes are surrounded by square brackets while the RFC doesn't allow them.
   o  If the currently referenced value is a JSON array, the reference
      token MUST contain either:

      *  characters comprised of digits (see ABNF below; note that
         leading zeros are not allowed) that represent an unsigned
         base-10 integer value, making the new referenced value the
         array element with the zero-based index identified by the
         token, or

      *  exactly the single character "-", making the new referenced
         value the (nonexistent) member after the last array element.

   The ABNF syntax for array indices is:

   array-index = %x30 / ( %x31-39 *(%x30-39) )
                 ; "0", or digits without a leading "0"
Steps to reproduce
Compile an OpenAPI spec having a link like this
It will be ignored by restler.
While a (non-standard) link like this will be used by restler:
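
Added example (not part of the issue and not RESTler's code): a strict RFC 6901 resolver in Python that applies the array-index ABNF quoted above and reports bracketed index tokens. The bracketed form `[0]`, the helper names and the sample document are assumptions constructed for illustration.

```python
import re

# array-index = %x30 / ( %x31-39 *(%x30-39) )   (RFC 6901, section 4)
ARRAY_INDEX = re.compile(r"0|[1-9][0-9]*")
# Bracketed index as described in the issue; the exact shape "[0]" is an assumption.
BRACKETED = re.compile(r"\[\d+\]")


def parse_pointer(pointer):
    """Split a JSON Pointer into unescaped reference tokens."""
    if pointer == "":
        return []  # the empty pointer references the whole document
    if not pointer.startswith("/"):
        raise ValueError("a non-empty JSON Pointer must start with '/'")
    # RFC 6901 requires unescaping ~1 before ~0.
    return [t.replace("~1", "/").replace("~0", "~") for t in pointer[1:].split("/")]


def resolve(document, pointer):
    """Evaluate a pointer strictly per RFC 6901; raise on any invalid token."""
    current = document
    for token in parse_pointer(pointer):
        if isinstance(current, list):
            if token == "-":
                raise IndexError("'-' names the nonexistent element after the last one")
            if not ARRAY_INDEX.fullmatch(token):
                raise ValueError(f"invalid array index token {token!r}")
            if int(token) >= len(current):
                raise IndexError(f"array index {token} out of range")
            current = current[int(token)]
        elif isinstance(current, dict):
            current = current[token]  # KeyError if the member is missing
        else:
            raise TypeError(f"cannot apply token {token!r} to a scalar value")
    return current


def bracketed_tokens(pointer):
    """Return the tokens written in the non-RFC bracketed index form."""
    return [t for t in parse_pointer(pointer) if BRACKETED.fullmatch(t)]


# Constructed sample body, not taken from the issue. The "[0]" member shows
# that a bracketed token is only meaningful as an object member name.
SAMPLE = {"items": [{"id": "a1"}, {"id": "b2"}], "[0]": "object key"}
```

Running `bracketed_tokens` over every pointer in a spec's Link objects and annotations gives a quick inventory of the values that an RFC-compliant parser would reject or read as object member names.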