#78 Added RESTler fuzzer scripts (#81)

vityaman-edu · Apr 24, 2024 · 579a52c · 579a52c
1 parent bc1be8b
commit 579a52c
Show file tree

Hide file tree

Showing 6 changed files with 43 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -25,7 +25,6 @@ gradle :botalka:bootJar
 ### Start infrastructure
 
 ```bash
-docker compose down
 docker compose up --build --force-recreate
 ```
 
@@ -35,3 +34,9 @@ docker compose up --build --force-recreate
 docker exec -it lms-database bash
 psql -h localhost -p 5432 -d $POSTGRES_DB -U $POSTGRES_USER
 ```
+
+### Connect to fuzzer
+
+```bash
+docker exec -it lms-fuzzer sh
+```
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -24,6 +24,18 @@ services:
       POSTGRES_PASSWORD: postgres
     networks:
       - lms-network
+  fuzzer:
+    container_name: lms-fuzzer
+    image: restler
+    stdin_open: true
+    tty: true
+    restart: always
+    volumes:
+      - .:/lms
+    networks:
+      - lms-network
+    profiles:
+      - fuzzing
 networks:
   lms-network:
     driver: bridge
diff --git a/fuzzing/analyze.sh b/fuzzing/analyze.sh
@@ -0,0 +1,6 @@
+#!/usr/bin/env sh
+
+RESTler/resultsAnalyzer/Restler.ResultsAnalyzer analyze /Fuzz/RestlerResults
+
+less runSummary.json
+less errorBuckets.json
diff --git a/fuzzing/compile.sh b/fuzzing/compile.sh
@@ -0,0 +1,5 @@
+#!/usr/bin/env sh
+
+API_SPEC=lms/botalka/src/main/resources/static/openapi/api.yml
+RESTler/restler/Restler compile \
+  --api_spec $API_SPEC
diff --git a/fuzzing/fuzz.sh b/fuzzing/fuzz.sh
@@ -0,0 +1,6 @@
+#!/usr/bin/env sh
+
+RESTler/restler/Restler fuzz \
+  --settings lms/fuzzing/settings.json \
+  --grammar_file Compile/grammar.py \
+  --dictionary_file Compile/dict.json
diff --git a/fuzzing/settings.json b/fuzzing/settings.json
@@ -0,0 +1,8 @@
+{
+  "host": "lms-botalka",
+  "target_port": 8080,
+  "no_ssl": true,
+  "custom_non_bug_codes": ["400"],
+  "fuzzing_mode": "random-walk",
+  "time_budget": 1
+}