summaryrefslogtreecommitdiff
path: root/src/exchange/test_taler_exchange_httpd_afl.sh
blob: 2d183d11b6bfd6d1c13edb1ae261096c0b5f3d0f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
#!/bin/bash
#
# This file is part of TALER
# Copyright (C) 2015, 2020 Taler Systems SA
#
#  TALER is free software; you can redistribute it and/or modify it under the
#  terms of the GNU Affero General Public License as published by the Free Software
#  Foundation; either version 3, or (at your option) any later version.
#
#  TALER is distributed in the hope that it will be useful, but WITHOUT ANY
#  WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
#  A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more details.
#
#  You should have received a copy of the GNU Affero General Public License along with
#  TALER; see the file COPYING.  If not, If not, see <http://www.gnu.org/licenses/>
#
#
# This script uses 'curl' to POST various ill-formed requests to the
# taler-exchange-httpd.  Basically, the goal is to make sure that the
# HTTP server survives (and produces the 'correct' error code).
#
# We read the JSON snippets from afl-tests/
#
# The afl-tests are generated as follows:
# 1) Capture all TCP traffic from 'test-auditor.sh'
# 2) Use 'tcpflow -e http -r $PCAP -o $OUTPUT' to get the HTTP streams
# 3) Remove HTTP streams unrelated to the exchange as well as the replies
# 4) Remove duplicated streams (check file size!)
# 5) Compile the exchange with AFL instrumentation
# 6) Run afl-fuzz -i $OUTPUT/ -o afl-tests/ ~/bin/taler-exchange-httpd \
#     -c test_taler_exchange_httpd.conf -t 1 -f @@

set -eu

unset XDG_DATA_HOME
unset XDG_CONFIG_HOME
PREFIX=
# Uncomment this line to run with valgrind...
#PREFIX="valgrind --leak-check=yes --track-fds=yes --error-exitcode=1 --log-file=valgrind.%p"
# Setup keys.
taler-exchange-keyup -c test_taler_exchange_httpd.conf
# Setup database
taler-exchange-dbinit -c test_taler_exchange_httpd.conf &> /dev/null
# Only log hard errors, we expect lots of warnings...
export GNUNET_FORCE_LOG=";;;;ERROR"
# Run test...
for n in afl-tests/*
do
  echo -n "Test $n "
  $PREFIX taler-exchange-httpd -c test_taler_exchange_httpd.conf -t 1 -f $n -C > /dev/null && echo "OK" || echo "FAIL"
done
exit 0