Skip to content

Commit

Permalink
Doc update
Browse files Browse the repository at this point in the history
  • Loading branch information
andreas-zeller committed Oct 22, 2023
1 parent bd4f520 commit b4d3401
Show file tree
Hide file tree
Showing 259 changed files with 59,524 additions and 26,672 deletions.
8 changes: 5 additions & 3 deletions docs/beta/404.html
Original file line number Diff line number Diff line change
Expand Up @@ -11904,7 +11904,7 @@
<li><a href="/html/Reducer.html">Reducing Failure-Inducing Inputs</a></li>
</ul><li class="has-sub"><a href="/html/04_Semantical_Fuzzing.html" class="chapters"><span class="part_number">IV</span> Semantic Fuzzing <i class="fa fa-fw fa-caret-right"></i></a>
<ul>
<li><a href="/html/FuzzingWithConstraints.html">Fuzzing with Constraints <strong class="new_chapter">&bull;</strong></a></li>
<li><a href="/html/FuzzingWithConstraints.html">Fuzzing with Constraints</a></li>
<li><a href="/html/GrammarMiner.html">Mining Input Grammars</a></li>
<li><a href="/html/InformationFlow.html">Tracking Information Flow</a></li>
<li><a href="/html/ConcolicFuzzer.html">Concolic Fuzzing</a></li>
Expand All @@ -11915,6 +11915,7 @@
<li><a href="/html/ConfigurationFuzzer.html">Testing Configurations</a></li>
<li><a href="/html/APIFuzzer.html">Fuzzing APIs</a></li>
<li><a href="/html/Carver.html">Carving Unit Tests</a></li>
<li><a href="/html/PythonFuzzer.html">Testing Compilers <strong class="new_chapter">&bull;</strong></a></li>
<li><a href="/html/WebFuzzer.html">Testing Web Applications</a></li>
<li><a href="/html/GUIFuzzer.html">Testing Graphical User Interfaces</a></li>
</ul><li class="has-sub"><a href="/html/06_Managing_Fuzzing.html" class="chapters"><span class="part_number">VI</span> Managing Fuzzing <i class="fa fa-fw fa-caret-right"></i></a>
Expand Down Expand Up @@ -12019,7 +12020,7 @@
<li><a href="/html/Reducer.html">Reducing Failure-Inducing Inputs</a></li>
</ul><li class="has-sub"><a href="/html/04_Semantical_Fuzzing.html" class="chapters"><span class="part_number">IV</span> Semantic Fuzzing <i class="fa fa-fw fa-caret-right"></i></a>
<ul>
<li><a href="/html/FuzzingWithConstraints.html">Fuzzing with Constraints <strong class="new_chapter">&bull;</strong></a></li>
<li><a href="/html/FuzzingWithConstraints.html">Fuzzing with Constraints</a></li>
<li><a href="/html/GrammarMiner.html">Mining Input Grammars</a></li>
<li><a href="/html/InformationFlow.html">Tracking Information Flow</a></li>
<li><a href="/html/ConcolicFuzzer.html">Concolic Fuzzing</a></li>
Expand All @@ -12030,6 +12031,7 @@
<li><a href="/html/ConfigurationFuzzer.html">Testing Configurations</a></li>
<li><a href="/html/APIFuzzer.html">Fuzzing APIs</a></li>
<li><a href="/html/Carver.html">Carving Unit Tests</a></li>
<li><a href="/html/PythonFuzzer.html">Testing Compilers <strong class="new_chapter">&bull;</strong></a></li>
<li><a href="/html/WebFuzzer.html">Testing Web Applications</a></li>
<li><a href="/html/GUIFuzzer.html">Testing Graphical User Interfaces</a></li>
</ul><li class="has-sub"><a href="/html/06_Managing_Fuzzing.html" class="chapters"><span class="part_number">VI</span> Managing Fuzzing <i class="fa fa-fw fa-caret-right"></i></a>
Expand Down Expand Up @@ -12133,7 +12135,7 @@

<div class="output_subarea output_stream output_stderr output_text">
<pre>Traceback (most recent call last):
File &#34;/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_90719/1830731544.py&#34;, line 4, in &lt;cell line: 3&gt;
File &#34;/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_60641/1830731544.py&#34;, line 4, in &lt;cell line: 3&gt;
raise NotFoundError
NotFoundError: &#39;404&#39; (expected)
</pre>
Expand Down
2 changes: 1 addition & 1 deletion docs/beta/code/01_Intro.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

# "Part I: Whetting Your Appetite" - a chapter of "The Fuzzing Book"
# Web site: https://www.fuzzingbook.org/html/01_Intro.html
# Last change: 2023-01-07 15:36:14+01:00
# Last change: 2023-10-16 20:04:05+02:00
#
# Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
# Copyright (c) 2018-2020 Saarland University, authors, and contributors
Expand Down
2 changes: 1 addition & 1 deletion docs/beta/code/02_Lexical_Fuzzing.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

# "Part II: Lexical Fuzzing" - a chapter of "The Fuzzing Book"
# Web site: https://www.fuzzingbook.org/html/02_Lexical_Fuzzing.html
# Last change: 2023-01-07 15:36:32+01:00
# Last change: 2023-10-16 20:04:24+02:00
#
# Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
# Copyright (c) 2018-2020 Saarland University, authors, and contributors
Expand Down
2 changes: 1 addition & 1 deletion docs/beta/code/03_Syntactical_Fuzzing.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

# "Part III: Syntactic Fuzzing" - a chapter of "The Fuzzing Book"
# Web site: https://www.fuzzingbook.org/html/03_Syntactical_Fuzzing.html
# Last change: 2023-01-07 15:52:35+01:00
# Last change: 2023-10-16 20:06:30+02:00
#
# Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
# Copyright (c) 2018-2020 Saarland University, authors, and contributors
Expand Down
2 changes: 1 addition & 1 deletion docs/beta/code/04_Semantical_Fuzzing.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

# "Part IV: Semantic Fuzzing" - a chapter of "The Fuzzing Book"
# Web site: https://www.fuzzingbook.org/html/04_Semantical_Fuzzing.html
# Last change: 2023-01-07 15:52:54+01:00
# Last change: 2023-10-16 20:09:52+02:00
#
# Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
# Copyright (c) 2018-2020 Saarland University, authors, and contributors
Expand Down
2 changes: 1 addition & 1 deletion docs/beta/code/05_Domain-Specific_Fuzzing.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

# "Part V: Domain-Specific Fuzzing" - a chapter of "The Fuzzing Book"
# Web site: https://www.fuzzingbook.org/html/05_Domain-Specific_Fuzzing.html
# Last change: 2023-01-07 15:39:21+01:00
# Last change: 2023-10-16 20:11:55+02:00
#
# Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
# Copyright (c) 2018-2020 Saarland University, authors, and contributors
Expand Down
2 changes: 1 addition & 1 deletion docs/beta/code/06_Managing_Fuzzing.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

# "Part VI: Managing Fuzzing" - a chapter of "The Fuzzing Book"
# Web site: https://www.fuzzingbook.org/html/06_Managing_Fuzzing.html
# Last change: 2023-01-07 15:22:35+01:00
# Last change: 2023-10-16 20:12:24+02:00
#
# Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
# Copyright (c) 2018-2020 Saarland University, authors, and contributors
Expand Down
2 changes: 1 addition & 1 deletion docs/beta/code/99_Appendices.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

# "Appendices" - a chapter of "The Fuzzing Book"
# Web site: https://www.fuzzingbook.org/html/99_Appendices.html
# Last change: 2023-01-07 15:24:49+01:00
# Last change: 2023-10-16 20:12:29+02:00
#
# Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
# Copyright (c) 2018-2020 Saarland University, authors, and contributors
Expand Down
4 changes: 2 additions & 2 deletions docs/beta/code/APIFuzzer.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

# "Fuzzing APIs" - a chapter of "The Fuzzing Book"
# Web site: https://www.fuzzingbook.org/html/APIFuzzer.html
# Last change: 2023-01-07 15:21:26+01:00
# Last change: 2023-10-16 20:12:16+02:00
#
# Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
# Copyright (c) 2018-2020 Saarland University, authors, and contributors
Expand Down Expand Up @@ -185,7 +185,7 @@


if __name__ == '__main__':
call = "urlparse('http://www.example.com/')"
call = "urlparse('http://www.cispa.de/')"

if __name__ == '__main__':
eval(call)
Expand Down
2 changes: 1 addition & 1 deletion docs/beta/code/AcademicPrototyping.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

# "Academic Prototyping" - a chapter of "The Fuzzing Book"
# Web site: https://www.fuzzingbook.org/html/AcademicPrototyping.html
# Last change: 2023-01-07 15:24:54+01:00
# Last change: 2023-10-16 20:12:34+02:00
#
# Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
# Copyright (c) 2018-2020 Saarland University, authors, and contributors
Expand Down
89 changes: 45 additions & 44 deletions docs/beta/code/Carver.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

# "Carving Unit Tests" - a chapter of "The Fuzzing Book"
# Web site: https://www.fuzzingbook.org/html/Carver.html
# Last change: 2023-01-07 15:21:35+01:00
# Last change: 2023-10-16 20:03:09+02:00
#
# Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
# Copyright (c) 2018-2020 Saarland University, authors, and contributors
Expand Down Expand Up @@ -66,7 +66,7 @@
### Synthesizing Calls
While such recorded arguments already could be turned into arguments and calls, a much nicer alternative is to create a _grammar_ for recorded calls. This allows to synthesize arbitrary _combinations_ of arguments, and also offers a base for further customization of calls.
While such recorded arguments already could be turned into arguments and calls, a much nicer alternative is to create a _grammar_ for recorded calls. This allows synthesizing arbitrary _combinations_ of arguments, and also offers a base for further customization of calls.
The `CallGrammarMiner` class turns a list of carved executions into a grammar.
Expand All @@ -75,19 +75,19 @@
>>> my_sqrt_grammar
{'': [''],
'': [''],
'': ['2', '4'],
'': ['4', '2'],
'': ['my_sqrt()']}
This grammar can be used to synthesize calls.
>>> fuzzer = GrammarCoverageFuzzer(my_sqrt_grammar)
>>> fuzzer.fuzz()
'my_sqrt(4)'
'my_sqrt(2)'
These calls can be executed in isolation, effectively extracting unit tests from system tests:
>>> eval(fuzzer.fuzz())
1.414213562373095
2.0
For more details, source, and documentation, see
Expand Down Expand Up @@ -321,7 +321,7 @@ def simple_call_string(function_name, argument_list):

if __name__ == '__main__':
with CallCarver() as webbrowser_carver:
webbrowser("http://www.example.com")
webbrowser("https://www.fuzzingbook.org")

if __name__ == '__main__':
function_list = webbrowser_carver.called_functions(qualified=True)
Expand Down Expand Up @@ -691,7 +691,6 @@ def mine_call_grammar(self, function_list=None, qualified=False):
if __name__ == '__main__':
with CallCarver() as webbrowser_carver:
webbrowser("https://www.fuzzingbook.org")
webbrowser("http://www.example.com")

if __name__ == '__main__':
m = CallGrammarMiner(webbrowser_carver)
Expand All @@ -705,19 +704,16 @@ def mine_call_grammar(self, function_list=None, qualified=False):
print(call_list[:20])

if __name__ == '__main__':
webbrowser_grammar["<urlsplit>"]

if __name__ == '__main__':
webbrowser_grammar["<urlsplit-url>"]
webbrowser_grammar["<urlparse>"]

if __name__ == '__main__':
webbrowser_grammar["<urlsplit-scheme>"]
webbrowser_grammar["<urlparse-url>"]

if __name__ == '__main__':
urlsplit_fuzzer = GrammarCoverageFuzzer(
webbrowser_grammar, start_symbol="<urlsplit>")
urlparse_fuzzer = GrammarCoverageFuzzer(
webbrowser_grammar, start_symbol="<urlparse>")
for i in range(5):
print(urlsplit_fuzzer.fuzz())
print(urlparse_fuzzer.fuzz())

from urllib.parse import urlsplit

Expand Down Expand Up @@ -898,42 +894,47 @@ def result(self, function_name, argument):



import sys

if __name__ == '__main__':
with ResultCarver() as webbrowser_result_carver:
webbrowser("http://www.example.com")
if sys.version_info >= (3, 11): # Requires Python 3.11 or later
with ResultCarver() as webbrowser_result_carver:
webbrowser("https://www.cispa.de")

if __name__ == '__main__':
for function_name in ["urllib.parse.urlparse", "urllib.parse.urlsplit"]:
for arguments in webbrowser_result_carver.arguments(function_name):
try:
call = call_string(function_name, arguments)
result = webbrowser_result_carver.result(function_name, arguments)
print("assert", call, "==", call_value(result))
except Exception:
continue
if sys.version_info >= (3, 11):
for function_name in ["urllib.parse.urlparse"]:
for arguments in webbrowser_result_carver.arguments(function_name):
try:
call = call_string(function_name, arguments)
result = webbrowser_result_carver.result(function_name, arguments)
print("assert", call, "==", call_value(result))
except Exception:
continue

from urllib.parse import SplitResult, ParseResult, urlparse, urlsplit

if __name__ == '__main__':
assert urlparse(
url='http://www.example.com',
scheme='',
allow_fragments=True) == ParseResult(
scheme='http',
netloc='www.example.com',
path='',
params='',
query='',
fragment='')
assert urlsplit(
url='http://www.example.com',
scheme='',
allow_fragments=True) == SplitResult(
scheme='http',
netloc='www.example.com',
path='',
query='',
fragment='')
if sys.version_info >= (3, 11):
assert urlparse(
url='http://www.cispa.de',
scheme='',
allow_fragments=True) == ParseResult(
scheme='http',
netloc='www.cispa.de',
path='',
params='',
query='',
fragment='')
assert urlsplit(
url='http://www.cispa.de',
scheme='',
allow_fragments=True) == SplitResult(
scheme='http',
netloc='www.cispa.de',
path='',
query='',
fragment='')

### Exercise 2: Abstracting Arguments

Expand Down
2 changes: 1 addition & 1 deletion docs/beta/code/ClassDiagram.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

# "Class Diagrams" - a chapter of "The Fuzzing Book"
# Web site: https://www.fuzzingbook.org/html/ClassDiagram.html
# Last change: 2023-01-07 15:25:37+01:00
# Last change: 2023-10-16 20:13:19+02:00
#
# Copyright (c) 2021-2023 CISPA Helmholtz Center for Information Security
# Copyright (c) 2018-2020 Saarland University, authors, and contributors
Expand Down
Loading

0 comments on commit b4d3401

Please sign in to comment.