Coverage for /pythoncovmergedfiles/medio/medio/src/fuzz_resources_process.py: 87%
249 statements
« prev ^ index » next coverage.py v7.3.2, created at 2023-12-08 06:51 +0000
« prev ^ index » next coverage.py v7.3.2, created at 2023-12-08 06:51 +0000
1###### Coverage stub
2import atexit
3import coverage
4cov = coverage.coverage(data_file='.coverage', cover_pylib=True)
5cov.start()
6# Register an exist handler that will print coverage
7def exit_handler():
8 cov.stop()
9 cov.save()
10atexit.register(exit_handler)
11####### End of coverage stub
12#!/usr/bin/python3
13# Copyright 2023 Google LLC
14#
15# Licensed under the Apache License, Version 2.0 (the "License");
16# you may not use this file except in compliance with the License.
17# You may obtain a copy of the License at
18#
19# http://www.apache.org/licenses/LICENSE-2.0
20#
21# Unless required by applicable law or agreed to in writing, software
22# distributed under the License is distributed on an "AS IS" BASIS,
23# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
24# See the License for the specific language governing permissions and
25# limitations under the License.
27import os
28import sys
29import atheris
30from botocore.exceptions import ClientError, ProfileNotFound
32with atheris.instrument_imports():
33 from c7n import policy as c7n_policy
34 from c7n import exceptions, data, query, manager
36 from c7n.filters import FilterRegistry
37 from c7n.actions import ActionRegistry
38 from c7n.resources.aws import AWS
40 from c7n.resources import ml, sar, s3control, ec2, ebs
41 from c7n.resources import batch, mq, route53, securityhub
42 from c7n.resources import vpc, shield, iam, sfn, cloudtrail
43 from c7n.resources import code, appflow, awslambda, emr, ami
44 from c7n.resources import secretsmanager, airflow, account
45 from c7n.resources import cloudfront, elasticsearch
47def TestOneInput(data):
48 """Fuzz validate functions in resources package"""
49 registry_type = [
50 'c7n.data', 'rds-param-group', 'elasticache', 'ec2', 'emr',
51 'aws.account', 'rest-account', 'elb', 's3', 'iac', 'rds',
52 'glue-catalog', 'app-elb-target-group'
53 ]
54 provider = 'aws'
55 object = None
56 event = None
57 resources_object = None
59 fdp = atheris.FuzzedDataProvider(data)
60 choice = fdp.ConsumeIntInRange(1, 58)
62 option = FuzzOption(fdp)
63 data = _generate_random_dict(fdp)
64 manager_data = _generate_random_dict(fdp)
66 type = fdp.PickValueInList(registry_type)
67 action_registry = ActionRegistry("%s.actions" % type)
68 filter_registry = FilterRegistry("%s.filters" % type)
70 context = FuzzContext(provider, option)
71 resource_manager = query.QueryResourceManager(context, manager_data)
72 resource_manager.action_registry = action_registry
73 resource_manager.filter_registry = filter_registry
74 resource_manager.type = type
75 resource_manager.config = FuzzConfig(fdp)
76 resources = manager.resources
78 initializeResources(context, manager_data)
80 try:
81 if choice == 1:
82 object = ml.DeleteMLModel(data = data, manager = resource_manager)
83 elif choice == 2:
84 object = sar.Delete(data = data, manager = resource_manager)
85 elif choice == 3:
86 object = sar.CrossAccount(data = data, manager = resource_manager)
87 elif choice == 4:
88 object = s3control.AccessPointCrossAccount(data = data, manager = resource_manager)
89 elif choice == 5:
90 object = s3control.Delete(data = data, manager = resource_manager)
91 elif choice == 6:
92 object = ec2.MonitorInstances(data = data, manager = resource_manager)
93 elif choice == 7:
94 resources_object = batch.UpdateComputeEnvironment(data = data, manager = resource_manager)
95 elif choice == 8:
96 resources_object = batch.DeleteComputeEnvironment(data = data, manager = resource_manager)
97 elif choice == 9:
98 resources_object = batch.DefinitionDeregister(data = data, manager = resource_manager)
99 elif choice == 10:
100 resources_object = mq.Delete(data = data, manager = resource_manager)
101 elif choice == 11:
102 resources_object = route53.SetQueryLogging(data = data, manager = resource_manager)
103 resources_object.validate()
104 elif choice == 12:
105 resources_object = route53.IsQueryLoggingEnabled(data = data, manager = resource_manager)
106 event = _generate_random_dict(fdp)
107 elif choice == 13:
108 resources_object = route53.ResolverQueryLogConfigAssociate(data = data, manager = resource_manager)
109 elif choice == 14:
110 resources_object = route53.ReadinessCheckCrossAccount(data = data, manager = resource_manager)
111 event = _generate_random_dict(fdp)
112 elif choice == 15:
113 resources_object = securityhub.SecurityHubFindingFilter(data = data, manager = resource_manager)
114 event = _generate_random_dict(fdp)
115 resources_object.validate()
116 elif choice == 16:
117 resources_object = securityhub.PostFinding(data = data, manager = resource_manager)
118 event = _generate_random_dict(fdp)
119 resources_object.validate()
120 elif choice == 17:
121 resources_object = cloudfront.IsWafEnabled(data = data, manager = resource_manager)
122 event = _generate_random_dict(fdp)
123 elif choice == 18:
124 resources_object = vpc.ModifyVpc(data = data, manager = resource_manager)
125 elif choice == 19:
126 resources_object = vpc.DeleteVpc(data = data, manager = resource_manager)
127 elif choice == 20:
128 resources_object = shield.SetShieldProtection(data = data, manager = resource_manager)
129 elif choice == 21:
130 resources_object = iam.SetBoundary(data = data, manager = resource_manager)
131 resources_object.validate()
132 elif choice == 22:
133 resources_object = iam.CertificateDelete(data = data, manager = resource_manager)
134 elif choice == 23:
135 resources_object = iam.SetPolicy(data = data, manager = resource_manager)
136 resources_object.validate()
137 elif choice == 24:
138 resources_object = iam.RoleDelete(data = data, manager = resource_manager)
139 elif choice == 25:
140 resources_object = sfn.InvokeStepFunction(data = data, manager = resource_manager)
141 elif choice == 26:
142 resources_object = cloudtrail.Status(data = data, manager = resource_manager)
143 event = _generate_random_dict(fdp)
144 elif choice == 27:
145 resources_object = cloudtrail.EventSelectors(data = data, manager = resource_manager)
146 event = _generate_random_dict(fdp)
147 elif choice == 28:
148 resources_object = cloudtrail.UpdateTrail(data = data, manager = resource_manager)
149 resources_object.validate()
150 elif choice == 29:
151 resources_object = cloudtrail.DeleteTrail(data = data, manager = resource_manager)
152 elif choice == 30:
153 resources_object = code.DeleteApplication(data = data, manager = resource_manager)
154 elif choice == 31:
155 resources_object = code.DeleteDeploymentGroup(data = data, manager = resource_manager)
156 elif choice == 32:
157 resources_object = appflow.DeleteAppFlowResource(data = data, manager = resource_manager)
158 elif choice == 33:
159 resources_object = awslambda.LambdaEnableXrayTracing(data = data, manager = resource_manager)
160 elif choice == 34:
161 resources_object = awslambda.LambdaEventSource(data = data, manager = resource_manager)
162 event = _generate_random_dict(fdp)
163 elif choice == 35:
164 resources_object = awslambda.LambdaCrossAccountAccessFilter(data = data, manager = resource_manager)
165 event = _generate_random_dict(fdp)
166 elif choice == 36:
167 resources_object = awslambda.VersionTrim(data = data, manager = resource_manager)
168 elif choice == 37:
169 resources_object = awslambda.RemovePolicyStatement(data = data, manager = resource_manager)
170 elif choice == 38:
171 resources_object = awslambda.LayerCrossAccount(data = data, manager = resource_manager)
172 event = _generate_random_dict(fdp)
173 elif choice == 39:
174 resources_object = awslambda.LayerRemovePermissions(data = data, manager = resource_manager)
175 elif choice == 40:
176 resources_object = awslambda.DeleteLayerVersion(data = data, manager = resource_manager)
177 elif choice == 41:
178 resources_object = emr.EMRSecurityConfigurationFilter(data = data, manager = resource_manager)
179 event = _generate_random_dict(fdp)
180 elif choice == 42:
181 resources_object = emr.DeleteEMRSecurityConfiguration(data = data, manager = resource_manager)
182 elif choice == 43:
183 resources_object = emr.EMRServerlessDelete(data = data, manager = resource_manager)
184 elif choice == 44:
185 resources_object = ami.AmiCrossAccountFilter(data = data, manager = resource_manager)
186 event = _generate_random_dict(fdp)
187 elif choice == 45:
188 resources_object = secretsmanager.CrossAccountAccessFilter(data = data, manager = resource_manager)
189 event = _generate_random_dict(fdp)
190 elif choice == 46:
191 resources_object = secretsmanager.HasStatementFilter(data = data, manager = resource_manager)
192 event = _generate_random_dict(fdp)
193 elif choice == 47:
194 resources_object = airflow.UpdateApacheAirflowEnvironment(data = data, manager = resource_manager)
195 elif choice == 48:
196 resources_object = airflow.DeleteApacheAirflowEnvironment(data = data, manager = resource_manager)
197 elif choice == 49:
198 resources_object = account.AccountCredentialReport(data = data, manager = resource_manager)
199 event = _generate_random_dict(fdp)
200 elif choice == 50:
201 resources_object = account.AccountOrganization(data = data, manager = resource_manager)
202 event = _generate_random_dict(fdp)
203 elif choice == 51:
204 resources_object = account.MacieEnabled(data = data, manager = resource_manager)
205 event = _generate_random_dict(fdp)
206 elif choice == 52:
207 resources_object = account.CloudTrailEnabled(data = data, manager = resource_manager)
208 event = _generate_random_dict(fdp)
209 elif choice == 53:
210 resources_object = account.ConfigEnabled(data = data, manager = resource_manager)
211 event = _generate_random_dict(fdp)
212 elif choice == 54:
213 resources_object = account.IAMSummary(data = data, manager = resource_manager)
214 event = _generate_random_dict(fdp)
215 elif choice == 55:
216 resources_object = account.AccessAnalyzer(data = data, manager = resource_manager)
217 event = _generate_random_dict(fdp)
218 elif choice == 56:
219 resources_object = account.AccountPasswordPolicy(data = data, manager = resource_manager)
220 event = _generate_random_dict(fdp)
221 elif choice == 57:
222 resources_object = elasticsearch.ElasticSearchCrossAccountAccessFilter(data = data, manager = resource_manager)
223 event = _generate_random_dict(fdp)
224 elif choice == 58:
225 resources_object = elasticsearch.ElasticSearchCrossClusterFilter(data = data, manager = resource_manager)
226 event = _generate_random_dict(fdp)
228 if object:
229 object.process(data)
230 if resources_object:
231 if event:
232 resources_object.process(resources, event)
233 else:
234 resources_object.process(resources)
235 except (
236 ValueError, ClientError, ProfileNotFound,
237 KeyError, TypeError,
238 exceptions.PolicyValidationError):
239 pass
240 except AttributeError as e:
241 if "object has no attribute" not in str(e):
242 raise e
245def _generate_random_dict(fdp):
246 map = dict()
248 for count in range(fdp.ConsumeIntInRange(1, 100)):
249 map[fdp.ConsumeUnicodeNoSurrogates(1024)] = fdp.ConsumeUnicodeNoSurrogates(1024)
251 map["name"] = fdp.ConsumeUnicodeNoSurrogates(1024)
253 return map
256def initializeProviders():
257 AWS()
260def initializeResources(ctx, data):
261 ebs.EBS(ctx, data)
262 ebs.Snapshot(ctx, data)
263 ami.AMI(ctx, data)
264 route53.ResolverQueryLogConfig(ctx, data)
265 emr.EMRSecurityConfiguration(ctx, data)
268def main():
269 initializeProviders()
271 atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True)
272 atheris.Fuzz()
275class FuzzContext:
276 def __init__(self, name, option):
277 self.options = None
278 self.session_factory = c7n_policy.get_session_factory(name, option)
279 self.policy = FuzzPolicy(name)
280 self.tracer = FuzzTracer()
281 self.execution_id = "id"
282 self.start_time = "1234567890"
285class FuzzPolicy:
286 def __init__(self, provider_name):
287 self.provider_name = provider_name
288 self.name = "FuzzName"
291class FuzzTracer:
292 def subsegment(type):
293 return True
296class FuzzOption:
297 def __init__(self, fdp):
298 self.region = fdp.ConsumeUnicodeNoSurrogates(1024)
299 self.profile = fdp.ConsumeUnicodeNoSurrogates(1024)
300 self.assume_role = fdp.ConsumeUnicodeNoSurrogates(1024)
301 self.external_id = fdp.ConsumeUnicodeNoSurrogates(1024)
304class FuzzConfig:
305 def __init__(self, fdp):
306 self.account_id = fdp.ConsumeUnicodeNoSurrogates(1024)
307 self.region = fdp.ConsumeUnicodeNoSurrogates(1024)
310if __name__ == "__main__":
311 main()