search

microsoft / restler-fuzzer

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
MIT License
2.52k stars 283 forks source link

refactor compiler configs so strict deserialization can be turned on #869

Open wilbaker opened 3 months ago

wilbaker commented 3 months ago

Description

After picking up the latest RESTler, compilation is failing with the message:

ERROR: Deserialization exception: "An exception occurred during deserialization: Newtonsoft.Json.JsonSerializationException: Required property 'IncludeOptionalParameters' not found in JSON. Path '', line 8, position 1.

Previously IncludeOptionalParameters was considered optional, and https://github.com/microsoft/restler-fuzzer/blob/main/docs/user-guide/CompilerConfig.md mentions this config has a default value:

IncludeOptionalParameters True by default. When false, RESTler will only pass required parameters when trying to successfully exercise each request.

My best guess is this was introduced by #852, as this was not an error I was seeing before.

Steps to reproduce

Attempt to compile with a config that does not include IncludeOptionalParameters

Expected results

Compilation succeeds (or documentation indicates that this field is required).

Actual results

Compilation fails with the message:

ERROR: Invalid format for compiler config file config.json. Please refer to the documentation for the compiler config file format.

ERROR: Deserialization exception: "An exception occurred during deserialization: Newtonsoft.Json.JsonSerializationException: Required property 'IncludeOptionalParameters' not found in JSON. Path '', line 8, position 1.

Environment details

RESTler version 9.2.4

marina-p commented 3 months ago

Reverted the deserialization commit and updated the tags so this is no longer in the official 9.2.4 version.

marina-p commented 3 months ago

Leaving the issue open to track that the deserialization change should be merged after refactoring the compiler config to match the documented optional parameters and adding regression tests to cover the config deserialization.