From 0f11e15bc3bf802236c7b07809e622692b45285b Mon Sep 17 00:00:00 2001 From: Akendo Date: Thu, 25 Apr 2019 12:18:43 +0200 Subject: [PATCH 1/9] Workaround the handle to be a steam one. Signed-off-by: Akendo --- pyjfuzz/core/pjf_logger.py | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/pyjfuzz/core/pjf_logger.py b/pyjfuzz/core/pjf_logger.py index 2b9ee76..ba18588 100644 --- a/pyjfuzz/core/pjf_logger.py +++ b/pyjfuzz/core/pjf_logger.py @@ -19,10 +19,13 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ -from .pjf_version import PYJFUZZ_LOGLEVEL -import logging -import time + import sys +import logging + + +from pjf_version import PYJFUZZ_LOGLEVEL + class PJFLogger(object): @@ -30,7 +33,8 @@ class PJFLogger(object): def init_logger(): logger = logging.getLogger(__name__) logger.setLevel(level=PYJFUZZ_LOGLEVEL) - filehandler = logging.FileHandler("pjf_{0}.log".format(time.strftime("%d_%m_%Y"))) - logger.addHandler(filehandler) + streamhandler = logging.StreamHandler() + logger.addHandler(streamhandler) sys.tracebacklimit = 10 + return logger From 81b8eeea899ceca8d67e5f59ee37bb11ea2ab135 Mon Sep 17 00:00:00 2001 From: Akendo Date: Thu, 25 Apr 2019 12:28:13 +0200 Subject: [PATCH 2/9] Fix the import path Signed-off-by: Akendo --- pyjfuzz/core/pjf_logger.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyjfuzz/core/pjf_logger.py b/pyjfuzz/core/pjf_logger.py index ba18588..1208e48 100644 --- a/pyjfuzz/core/pjf_logger.py +++ b/pyjfuzz/core/pjf_logger.py @@ -24,7 +24,7 @@ import logging -from pjf_version import PYJFUZZ_LOGLEVEL +from .pjf_version import PYJFUZZ_LOGLEVEL class PJFLogger(object): From 175f7f8f6bb7452faf6a7f685552884fd6d108aa Mon Sep 17 00:00:00 2001 From: Akendo Date: Thu, 15 Aug 2019 17:46:18 +0200 Subject: [PATCH 3/9] Fix the import error and moved to python3 import The code had already import for python. However, by default the python2 was imported first. Instead I moved the code base to only import Python3 imports. Signed-off-by: Akendo --- test/test_pjf_server.py | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/test/test_pjf_server.py b/test/test_pjf_server.py index 9e4fec7..2df3043 100644 --- a/test/test_pjf_server.py +++ b/test/test_pjf_server.py @@ -25,7 +25,9 @@ from argparse import Namespace import time import unittest -import urllib2 + +import requests + from pyjfuzz.core.pjf_server import PJFServer @@ -42,15 +44,12 @@ def test_start_object(self): utf8=False, nologo=True))) server.run() time.sleep(2) - json_http = urllib2.urlopen("http://127.0.0.1:8080").read() - try: - import requests - requests.packages.urllib3.disable_warnings() - json_https = requests.get('https://127.0.0.1:8443', verify=False).content - self.assertTrue(json_https) - except ImportError: - pass + requests.packages.urllib3.disable_warnings() + + json_http = requests.get('http://127.0.0.1:8080').content + json_https = requests.get('https://127.0.0.1:8443', verify=False).content self.assertTrue(json_http) + server.stop() From ffb26c5086707996f0bb0933455ae850fda446eb Mon Sep 17 00:00:00 2001 From: Akendo Date: Thu, 15 Aug 2019 17:47:26 +0200 Subject: [PATCH 4/9] Adjust the io operation to the python 3 way Signed-off-by: Akendo --- test/test_pjf_external_fuzzer.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/test/test_pjf_external_fuzzer.py b/test/test_pjf_external_fuzzer.py index cb34706..b586f78 100644 --- a/test/test_pjf_external_fuzzer.py +++ b/test/test_pjf_external_fuzzer.py @@ -31,6 +31,7 @@ class TestPJFExternalFuzzer(unittest.TestCase): + # The assumption that the file 'radamsa' is present needs to be challenged. def test_string_mutation(self): external_fuzzer = PJFExternalFuzzer(PJFConfiguration(Namespace(nologo=True, command=["radamsa"], stdin=True))) mutated = external_fuzzer.execute("MUTATION_EXAMPLE") @@ -39,11 +40,11 @@ def test_string_mutation(self): def test_file_mutation(self): external_fuzzer = PJFExternalFuzzer(PJFConfiguration(Namespace(nologo=True, command=["radamsa","@@"], stdin=False))) - with file("test.json", "wb") as json_file: + with open("test.json", "w") as json_file: json_file.write('{"a": 1}') json_file.close() external_fuzzer.execute("test.json") - with file("test.json", "rb") as json_file: + with open("test.json", "r") as json_file: content = json_file.read() json_file.close() self.assertTrue(len(content) > 0) From b616ec4e8cac13b049dfd15ad414d8c565872774 Mon Sep 17 00:00:00 2001 From: Akendo Date: Thu, 15 Aug 2019 17:47:53 +0200 Subject: [PATCH 5/9] Add some documentation about invoking pytest direct Signed-off-by: Akendo --- test/test_pjf_configuration.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/test_pjf_configuration.py b/test/test_pjf_configuration.py index 1948c4e..8784670 100644 --- a/test/test_pjf_configuration.py +++ b/test/test_pjf_configuration.py @@ -38,6 +38,8 @@ def test_json_configuration(self): parser = argparse.ArgumentParser(description='', formatter_class=argparse.RawTextHelpFormatter) parser.add_argument('--J', type=str, default=None) parser.add_argument('--no-logo', action='store_true', dest='nologo', default=False, required=False) + # This usage case will faile when you invoke the tool directly. + # ToDo: Implement a use case when this test his invoked directly. parsed = parser.parse_args() args = PJFConfiguration(parsed) for arg in parsed.__dict__: From c0ebed3b310b9b1ec8c7a741ad419c5f940f29d4 Mon Sep 17 00:00:00 2001 From: Akendo Date: Thu, 15 Aug 2019 17:48:55 +0200 Subject: [PATCH 6/9] Make some import more readable Signed-off-by: Akendo --- Pipfile | 12 ++++++++++++ pyjfuzz/pyjfuzz.py | 7 ++++--- 2 files changed, 16 insertions(+), 3 deletions(-) create mode 100644 Pipfile diff --git a/Pipfile b/Pipfile new file mode 100644 index 0000000..fe40698 --- /dev/null +++ b/Pipfile @@ -0,0 +1,12 @@ +[[source]] +name = "pypi" +url = "https://pypi.org/simple" +verify_ssl = true + +[dev-packages] + +[packages] +urllib2 = "*" + +[requires] +python_version = "3.7" diff --git a/pyjfuzz/pyjfuzz.py b/pyjfuzz/pyjfuzz.py index 03e2bef..e36cec7 100644 --- a/pyjfuzz/pyjfuzz.py +++ b/pyjfuzz/pyjfuzz.py @@ -21,10 +21,11 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ -from .core.pjf_logger import PJFLogger -from .core import pjf_configuration -import argparse import time +import argparse + +from core import pjf_configuration +from core.pjf_logger import PJFLogger def init_logger(): From a472cd90790aecedb44db758b1727e68f40abfc7 Mon Sep 17 00:00:00 2001 From: Akendo Date: Thu, 15 Aug 2019 17:49:31 +0200 Subject: [PATCH 7/9] Pump version in the seup.py up Signed-off-by: Akendo --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index a64463a..4a51bd9 100644 --- a/setup.py +++ b/setup.py @@ -61,7 +61,7 @@ def install_gramfuzz(): setup( name="PyJFuzz", - version="1.1.0", + version="1.1.1", author="Daniele Lingualossa", author_email="d.linguaglossa@mseclab.it", description="Trivial JSON fuzzer written in python", From 958608aac1e5ad21506745bb7f91c4f9cd968259 Mon Sep 17 00:00:00 2001 From: Akendo Date: Thu, 15 Aug 2019 17:51:14 +0200 Subject: [PATCH 8/9] Update the README file to include the pipenv info Signed-off-by: Akendo --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index 7f3f8f7..c3eac57 100644 --- a/README.md +++ b/README.md @@ -41,6 +41,13 @@ You can install PyJFuzz with the following command git clone https://github.com/mseclab/PyJFuzz.git && cd PyJFuzz && sudo python setup.py install ``` +Also, you might want to use the `pipenv` tool to setup the environment. + +``` +pipenv install --dev + +``` + Documentation and Examples ========================== From 185496dd88df6798800a731e744ca5008664f973 Mon Sep 17 00:00:00 2001 From: Akendo Date: Thu, 15 Aug 2019 17:53:44 +0200 Subject: [PATCH 9/9] Update the README version Signed-off-by: Akendo --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c3eac57..b5936eb 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ Version - 1.1.0 + 1.1.1