Skip to content

Improve mutation API in Fuzzing Platform#2296

Merged
Markoutte merged 5 commits into
mainfrom
pelevin/evil-regexes
Jun 20, 2023
Merged

Improve mutation API in Fuzzing Platform#2296
Markoutte merged 5 commits into
mainfrom
pelevin/evil-regexes

Conversation

@Markoutte

Copy link
Copy Markdown
Collaborator

Description

Fixes #2294

This PR isolates mutation API. RegexValue now is a subclass of StringValue that gives to regex values all string mutations. Before, regexes were mutated by generating only a new correct input for regex. After this change it is possible to generate some bad inputs for regex, when input string is processed too long.

Also, all mutations with collections and recursions are moved under a Mutation interface. In the future, these mutations can be collected and chosen by fuzzing process to get better results.

How to test

Automated tests

All fuzzing tests should pass.

Manual tests

Try generate tests with only fuzzing for this example:

    public static boolean test(String str) {
        if (Pattern.compile("'(''|\\\\\\\\|\\\\'|[^'])*'").matcher(str).matches()) {
            return true;
        }
        return false;
    }

It should find some bad results (when timeout is over) with different settings of a test timeout.

Self-check list

  • I've set the proper labels for my PR (at least, for category and component).
  • PR title and description are clear and intelligible.
  • I've added enough comments to my code, particularly in hard-to-understand areas.
  • The functionality I've repaired, changed or added is covered with automated tests.
  • Manual tests have been provided optionally.
  • The documentation for the functionality I've been working on is up-to-date.

@Markoutte Markoutte added ctg-refactoring Issue related to refactoring process comp-fuzzing Issue is related to the fuzzing labels Jun 19, 2023
@Markoutte Markoutte merged commit bc039df into main Jun 20, 2023
@Markoutte Markoutte deleted the pelevin/evil-regexes branch June 20, 2023 09:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

comp-fuzzing Issue is related to the fuzzing ctg-refactoring Issue related to refactoring process

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Use fuzzing for searching ReDoS attack opportunities

2 participants