diff options
Diffstat (limited to 'testing/web-platform/tests/tools/third_party/websockets/fuzzing/fuzz_http11_request_parser.py')
| -rw-r--r-- | testing/web-platform/tests/tools/third_party/websockets/fuzzing/fuzz_http11_request_parser.py | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/testing/web-platform/tests/tools/third_party/websockets/fuzzing/fuzz_http11_request_parser.py b/testing/web-platform/tests/tools/third_party/websockets/fuzzing/fuzz_http11_request_parser.py new file mode 100644 index 0000000000..59e0cea0f4 --- /dev/null +++ b/testing/web-platform/tests/tools/third_party/websockets/fuzzing/fuzz_http11_request_parser.py @@ -0,0 +1,42 @@ +import sys + +import atheris + + +with atheris.instrument_imports(): + from websockets.exceptions import SecurityError + from websockets.http11 import Request + from websockets.streams import StreamReader + + +def test_one_input(data): + reader = StreamReader() + reader.feed_data(data) + reader.feed_eof() + + parser = Request.parse( + reader.read_line, + ) + + try: + next(parser) + except StopIteration as exc: + assert isinstance(exc.value, Request) + return # input accepted + except ( + EOFError, # connection is closed without a full HTTP request + SecurityError, # request exceeds a security limit + ValueError, # request isn't well formatted + ): + return # input rejected with a documented exception + + raise RuntimeError("parsing didn't complete") + + +def main(): + atheris.Setup(sys.argv, test_one_input) + atheris.Fuzz() + + +if __name__ == "__main__": + main() |