From d69a33cc3593583dde7d19766ab113f07eb52f1a Mon Sep 17 00:00:00 2001 From: Mark Kampe Date: Thu, 22 Dec 2011 13:04:30 -0800 Subject: [PATCH] Added descriptions of what the fuzzer is and does. Signed-off-by: Mark Kampe --- request_decision_graph.yml | 18 ++++++++++++++++++ s3tests/fuzz/test/test_fuzzer.py | 13 +++++++++++++ 2 files changed, 31 insertions(+) diff --git a/request_decision_graph.yml b/request_decision_graph.yml index 6b2fab3..8e7ab0c 100644 --- a/request_decision_graph.yml +++ b/request_decision_graph.yml @@ -1,3 +1,21 @@ +# +# FUZZ testing uses a probabalistic grammar to generate +# pseudo-random requests which will be sent to a server +# over long periods of time, with the goal of turning up +# garbage-input and buffer-overflow sensitivities. +# +# Each state ... +# generates/chooses contents for variables +# chooses a next state (from a weighted set of options) +# +# A terminal state is one from which there are no successors, +# at which point a message is generated (from the variables) +# and sent to the server. +# +# The test program doesn't actually know (or care) what +# response should be returned ... since the goal is to +# crash the server. +# start: set: garbage: diff --git a/s3tests/fuzz/test/test_fuzzer.py b/s3tests/fuzz/test/test_fuzzer.py index fc40800..f54e954 100644 --- a/s3tests/fuzz/test/test_fuzzer.py +++ b/s3tests/fuzz/test/test_fuzzer.py @@ -1,3 +1,16 @@ +""" +Unit-test suite for the S3 fuzzer + +The fuzzer is a grammar-based random S3 operation generator +that produces random operation sequences in an effort to +crash the server. This unit-test suite does not test +S3 servers, but rather the fuzzer infrastructure. + +It works by running the fuzzer off of a simple grammar, +and checking the producted requests to ensure that they +include the expected sorts of operations in the expected +proportions. +""" import sys import itertools import nose