From 76d49415c424f60e2db47636778fe86d6f891a2e Mon Sep 17 00:00:00 2001 From: Valina Li Date: Mon, 15 May 2023 14:02:50 -0700 Subject: [PATCH 1/2] feat: add fuzzing dockerfile and script Signed-off-by: Valina Li --- .gitignore | 2 ++ Dockerfile.fuzz | 15 +++++++++++++++ fuzzing_docker.sh | 22 ++++++++++++++++++++++ 3 files changed, 39 insertions(+) create mode 100644 Dockerfile.fuzz create mode 100755 fuzzing_docker.sh diff --git a/.gitignore b/.gitignore index eccbd71e12..5bc55f1303 100644 --- a/.gitignore +++ b/.gitignore @@ -49,3 +49,5 @@ stage/* snap/.snapcraft/* squashfs-root/ +# result files +fuzz_result/* \ No newline at end of file diff --git a/Dockerfile.fuzz b/Dockerfile.fuzz new file mode 100644 index 0000000000..d217a3bb9b --- /dev/null +++ b/Dockerfile.fuzz @@ -0,0 +1,15 @@ +FROM mcr.microsoft.com/dotnet/sdk:6.0-alpine as builder + +RUN apk add --no-cache python3 py3-pip bash + +RUN git clone https://github.com/microsoft/restler-fuzzer.git + +RUN cd restler-fuzzer; mkdir -p restler_bin +WORKDIR /restler-fuzzer +RUN python3 ./build-restler.py --dest_dir ./restler_bin/ + +COPY fuzzing_docker.sh /restler-fuzzer/fuzzing.sh +COPY /openapi/v3/core-data.yaml /restler-fuzzer/ + +ENTRYPOINT ["/restler-fuzzer/fuzzing.sh"] +CMD ["core-data", "/restler-fuzzer", "core-data.yaml"] \ No newline at end of file diff --git a/fuzzing_docker.sh b/fuzzing_docker.sh new file mode 100755 index 0000000000..b916792387 --- /dev/null +++ b/fuzzing_docker.sh @@ -0,0 +1,22 @@ +#!/usr/bin/env bash + +EDGEX_PROJECT_NAME=${1} +echo $EDGEX_PROJECT_NAME +SWAGGER_FILE_PATH=${2} +echo $SWAGGER_FILE_PATH +SWAGGER_FILE_NAME=${3} +echo $SWAGGER_FILE_NAME + +echo "--compile from swagger file" +./restler_bin/restler/Restler compile --api_spec /$SWAGGER_FILE_PATH/$SWAGGER_FILE_NAME + +echo "--test the grammar" +./restler_bin/restler/Restler test --grammar_file ./Compile/grammar.py --dictionary_file ./Compile/dict.json --settings ./Compile/engine_settings.json --no_ssl + +# assuming edgex service is already running on host +echo "--run fuzz-lean" +./restler_bin/restler/Restler fuzz-lean --grammar_file ./Compile/grammar.py --dictionary_file ./Compile/dict.json --settings ./Compile/engine_settings.json --no_ssl + +echo "--copy result logs into $EDGEX_PROJECT_NAME" +mkdir -p /fuzz_result/$EDGEX_PROJECT_NAME +cp -r ./Test/RestlerResults/ /fuzz_result/$EDGEX_PROJECT_NAME/ From 4b703330bf1be1af1e22c606e3720e66b1a83d77 Mon Sep 17 00:00:00 2001 From: Valina Li Date: Fri, 11 Aug 2023 18:19:49 -0700 Subject: [PATCH 2/2] fix: core-command swagger file has incorrect example and missing PUT parameters Closes: #4629 Signed-off-by: Valina Li --- openapi/v3/core-command.yaml | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/openapi/v3/core-command.yaml b/openapi/v3/core-command.yaml index 468e61e9fd..0905b8f1eb 100644 --- a/openapi/v3/core-command.yaml +++ b/openapi/v3/core-command.yaml @@ -461,14 +461,14 @@ paths: required: true schema: type: string - example: sensor01 + example: Random-Boolean-Device description: "A name uniquely identifying a device." - in: path name: command required: true schema: type: string - example: command01 + example: Bool description: "A name uniquely identifying a command." - in: query name: ds-pushevent @@ -562,6 +562,22 @@ paths: $ref: '#/components/examples/503Example' put: summary: "Issue the specified write command referenced by the command name to the device/sensor that is also referenced by name." + parameters: + - $ref: '#/components/parameters/correlatedRequestHeader' + - in: path + name: name + required: true + schema: + type: string + example: Random-Boolean-Device + description: "A name uniquely identifying a device." + - in: path + name: command + required: true + schema: + type: string + example: Bool + description: "A name uniquely identifying a command." requestBody: content: application/json: @@ -647,6 +663,7 @@ paths: required: true schema: type: string + example: Random-Boolean-Device description: "A name uniquely identifying a device." get: summary: "Returns all commands associated with the specified device."