S3 Fuzzer: Write Decision Graph

Start writing the decision graph describing the fuzzer's attack surface in
earnest.

diff --git a/request_decision_graph.yml b/request_decision_graph.yml
index 0d686bbc6a6f305dbc406a531d6e2c5f1b8c3ea0..5e8069f6fb7638caaa7cea0e22cbccf69f37ada2 100644 (file)
--- a/request_decision_graph.yml
+++ b/request_decision_graph.yml
@@ -1,22 +1,133 @@
 start:
     set: {}
-    choice:
+    choices:
         - bucket
 
 bucket:
     set:
         urlpath: /{bucket}
-    choice:
-        - bucket_get
-        - bucket_put
-        - bucket_delete
+    choices:
+        - 13 bucket_get
+        - 8 bucket_put
+        - 5 bucket_delete
+        - bucket_garbage
+
+garbage_method:
+    set:
+        method:
+            - {random 1-100 printable}
+            - {random 10-100 binary}
+        urlpath:
+            - /{bucket}
+            - /{bucket}/{object}
+            - {random 10-1000 binary}
+    choices:
+        - bucket_get_simple
+        - bucket_get_filtered
+        - bucket_get_uploads
+        - bucket_put_create
+        - bucket_put_versioning
+        - bucket_put_simple
 
 bucket_delete:
     set:
         method: DELETE
+        bucket:
+            - {bucket_writable}
+            - {bucket_not_writable}
+            - {random 10-3000 printable}
+            - {random 10-1000 binary}
         query:
             - null
             - policy
             - website
-    choice: []
+            - {random 2-20 printable}
+            - {random 10-1000 binary}
+    choices: []
+
+bucket_get:
+    set:
+        method: GET
+        bucket:
+            - {bucket_readable}
+            - {bucket_not_readable}
+            - {random 10-3000 printable}
+            - {random 10-1000 binary}
+    choices:
+        - 11 bucket_get_simple
+        - bucket_get_filtered
+        - bucket_get_uploads
+
+bucket_get_simple:
+    set:
+        query:
+            - acl
+            - policy
+            - location
+            - logging
+            - notification
+            - versions
+            - requestPayment
+            - versioning
+            - website
+            - {random 2-20 printable}
+            - {random 10-1000 binary}
+    choices: []
+
+bucket_get_uploads:
+    set:
+        query:
+            -
+    choices: []
+
+bucket_get_filtered:
+    set:
+        delimiter:
+            - 'delimiter={random 10-50 binary}'
+            - 'delimiter={random 1000-3000 printable}'
+        prefix:
+            - 'prefix={random 10-50 binary}'
+            - 'prefix={random 100-3000 printable}'
+        marker:
+            - 'marker={object_readable}'
+            - 'marker={object_not_readable}'
+            - 'marker={invalid_key}'
+            - 'marker={random 100-1000 printable}'
+        max_keys:
+            - 'max-keys={random 1-5 binary}'
+            - 'max-keys={random 1-1000 digits}'
+        query:
+            - null
+            - '{delimiter}&{prefix}'
+            - '{max-keys}&{marker}'
+            - {random 10-1000 printable}
+            - {random 10-1000 binary}
+    choices: []
+
+bucket_put:
+    set:
+        bucket:
+            - {bucket_writable}
+            - {bucket_not_writable}
+            - {random 10-3000 printable}
+            - {random 10-1000 binary}
+        method: PUT
+    choices:
+        - bucket_put_simple
+        - bucket_put_create
+        - bucket_put_versioning
+
+bucket_put_create:
+    set:
+        body:
+            - {random 3000 printable}
+            - {random 10-3000 binary}
+            - '<CreateBucketConfiguration><LocationConstraint>{random 2-10 binary}</LocationConstraint></CreateBucketConfiguration>'
+        acl:
+            - private
+            - {random 3000 letters}
+            - {random 100-1000 binary}
+    headers:
+        - ['0-1', 'x-amz-acl', '{acl}']
+    choices: []
 

diff --git a/s3tests/functional/test_fuzzer.py b/s3tests/functional/test_fuzzer.py
index fae6c901088d9fdd670447bd4660d7b499961178..46649ef72a78019b230fdcca735b557eb344147f 100644 (file)
--- a/s3tests/functional/test_fuzzer.py
+++ b/s3tests/functional/test_fuzzer.py
@@ -140,6 +140,7 @@ def test_SpecialVariables_dict():
     eq(tester['foo'], 'bar')
     eq(tester['random 10-15 printable'], '[/pNI$;92@')
 
+
 def test_SpecialVariables_binary():
     prng = random.Random(1)
     tester = SpecialVariables({}, prng)

diff --git a/s3tests/fuzz_headers.py b/s3tests/fuzz_headers.py
index 026e947fdd69ba4c40b435f9966484ee99d71836..092a53d74f709f6a4b528d8bcc98989991196bd3 100644 (file)
--- a/s3tests/fuzz_headers.py
+++ b/s3tests/fuzz_headers.py
@@ -126,7 +126,8 @@ class SpecialVariables(dict):
         'binary': 'binary',
         'printable': string.printable,
         'punctuation': string.punctuation,
-        'whitespace': string.whitespace
+        'whitespace': string.whitespace,
+        'digits': string.digits
     }
 
     def __init__(self, orig_dict, prng):
@@ -168,7 +169,6 @@ class SpecialVariables(dict):
             return tmpstring.replace('{', '{{').replace('}', '}}')
 
 
-
 def parse_options():
     parser = OptionParser()
     parser.add_option('-O', '--outfile', help='write output to FILE. Defaults to STDOUT', metavar='FILE')
@@ -210,11 +210,13 @@ def _main():
 
     constants = {
         'bucket_readable': 'TODO',
+        'bucket_not_readable': 'TODO',
         'bucket_writable' : 'TODO',
-        'bucket_nonexistant' : 'TODO',
+        'bucket_not_writable' : 'TODO',
         'object_readable' : 'TODO',
+        'object_not_readable' : 'TODO',
         'object_writable' : 'TODO',
-        'object_nonexistant' : 'TODO'
+        'object_not_writable' : 'TODO',
     }
 
     for request_seed in request_seeds: