RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
MIT License
Bump fastapi version to resolve security alert #856
A few app issues needed to be fixed as part of this upgrade:
1) Use union type to be able to return None and trigger one of the planted bugs
2) Work around OverflowError: Python int too large to convert to SQLite INTEGER
3) Adjust baseline since 500 is no longer getting returned after pydantic upgrade
The payload {"body":0} now generates a well-formed error response before reaching the demo_server implementation
Also bump sqlmodel version
A few app issues needed to be fixed as part of this upgrade:
1) Use union type to be able to return None and trigger one of the planted bugs
2) Work around OverflowError: Python int too large to convert to SQLite INTEGER
3) Adjust baseline since 500 is no longer getting returned after pydantic upgrade
The payload {"body":0} now generates a well-formed error response before reaching the demo_server implementation
4) Update baseline for use after free checker
This checker now returns a 500