RESTler's attempts to reproduce bugs add extra quotes (") for values sourced from restler_custom_payload - Githubissues

microsoft / restler-fuzzer

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.

MIT License

2.52k stars 283 forks source link

RESTler's attempts to reproduce bugs add extra quotes (") for values sourced from restler_custom_payload #879

Open wilbaker opened 3 months ago

wilbaker commented 3 months ago

Description

I recently added values to restler_custom_payload in my fuzzing dictionary files:

  "restler_custom_payload": {
      "testName": ["myTest"],
      "projectName": ["myProject"]
  },

When RESTler intially uses these values as part of a request's JSON payload, they are surrounded by a single set of double-quotes, as expected:

"organizationName":"myTest",\n            "projectName":"myProject",\n

However, after encountering a 500, RESTler will add extra " around the values:

"organizationName":""myTest"",\n            "projectName":""myProject"",\n

Steps to reproduce

Add values to restler_custom_payload that will be used by RESTler as part of a request's payload
Have the test service return 500 to RESTler, so that it will attempt to reproduce the bug

Expected results

RESTler attempts to reproduce the bug using the same values in the request

Actual results

RESTler wraps the values with an extra set of ""

Environment details

RESTler version 9.2.4