Coverage for /pythoncovmergedfiles/medio/medio/src/fuzz_jwt.py: 57%

Shortcuts on this page

r m x   toggle line displays

j k   next/prev highlighted chunk

0   (zero) top of page

1   (one) first highlighted chunk

46 statements  

1###### Coverage stub 

2import atexit 

3import coverage 

4cov = coverage.coverage(data_file='.coverage', cover_pylib=True) 

5cov.start() 

6# Register an exist handler that will print coverage 

7def exit_handler(): 

8 cov.stop() 

9 cov.save() 

10atexit.register(exit_handler) 

11####### End of coverage stub 

12#!/usr/bin/python3 

13# Copyright 2022 Google LLC 

14# 

15# Licensed under the Apache License, Version 2.0 (the "License"); 

16# you may not use this file except in compliance with the License. 

17# You may obtain a copy of the License at 

18# 

19# http://www.apache.org/licenses/LICENSE-2.0 

20# 

21# Unless required by applicable law or agreed to in writing, software 

22# distributed under the License is distributed on an "AS IS" BASIS, 

23# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 

24# See the License for the specific language governing permissions and 

25# limitations under the License. 

26 

27import os 

28import sys 

29import atheris 

30 

31import jwt 

32import json 

33from collections.abc import Mapping 

34 

35 

36def test_decoding(data): 

37 """Checks jwt decoding does not fail""" 

38 fdp = atheris.FuzzedDataProvider(data) 

39 s1 = fdp.ConsumeUnicodeNoSurrogates(1024) 

40 try: 

41 _ = jwt.decode(s1, algorithms=["HS256"]) 

42 except jwt.exceptions.PyJWTError: 

43 pass 

44 

45 

46def test_roundtrip(data): 

47 """Check payload == decoded(encoded(payload))""" 

48 fdp = atheris.FuzzedDataProvider(data) 

49 try: 

50 payload = json.loads(fdp.ConsumeUnicodeNoSurrogates(1024)) 

51 except: 

52 return 

53 # Only continue if correct type was created as payload. 

54 if not isinstance(payload, Mapping): 

55 return 

56 

57 key = "fuzzing" 

58 try: 

59 jwt_message = jwt.encode(payload, key, algorithm="HS256") 

60 decoded_payload = jwt.decode(jwt_message, key, algorithms=["HS256"]) 

61 except jwt.exceptions.PyJWTError: 

62 return 

63 assert decoded_payload == payload 

64 

65 

66def TestOneInput(data): 

67 test_decoding(data) 

68 test_roundtrip(data) 

69 

70 

71def main(): 

72 atheris.instrument_all() 

73 atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True) 

74 atheris.Fuzz() 

75 

76 

77if __name__ == "__main__": 

78 main()