diff options
Diffstat (limited to 'testing/web-platform/tests/tools/third_party/websockets/fuzzing/fuzz_http11_response_parser.py')
| -rw-r--r-- | testing/web-platform/tests/tools/third_party/websockets/fuzzing/fuzz_http11_response_parser.py | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/testing/web-platform/tests/tools/third_party/websockets/fuzzing/fuzz_http11_response_parser.py b/testing/web-platform/tests/tools/third_party/websockets/fuzzing/fuzz_http11_response_parser.py new file mode 100644 index 0000000000..6906720a49 --- /dev/null +++ b/testing/web-platform/tests/tools/third_party/websockets/fuzzing/fuzz_http11_response_parser.py @@ -0,0 +1,44 @@ +import sys + +import atheris + + +with atheris.instrument_imports(): + from websockets.exceptions import SecurityError + from websockets.http11 import Response + from websockets.streams import StreamReader + + +def test_one_input(data): + reader = StreamReader() + reader.feed_data(data) + reader.feed_eof() + + parser = Response.parse( + reader.read_line, + reader.read_exact, + reader.read_to_eof, + ) + try: + next(parser) + except StopIteration as exc: + assert isinstance(exc.value, Response) + return # input accepted + except ( + EOFError, # connection is closed without a full HTTP response + SecurityError, # response exceeds a security limit + LookupError, # response isn't well formatted + ValueError, # response isn't well formatted + ): + return # input rejected with a documented exception + + raise RuntimeError("parsing didn't complete") + + +def main(): + atheris.Setup(sys.argv, test_one_input) + atheris.Fuzz() + + +if __name__ == "__main__": + main() |