High level conclusions

Fuzzer fuzz_web_request is blocked:

The runtime code coverage of fuzz_web_request covers 26.31% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer fuzz_http_parser is blocked:

The runtime code coverage of fuzz_http_parser covers 20.0% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Fuzzer fuzz_http_parser_pure_python is blocked:

The runtime code coverage of fuzz_http_parser_pure_python covers 20.0% of its statically reachable code. This means there is some place that blocks the fuzzer to continue exploring more code at run time.

Reachability and coverage overview

Functions statically reachable by fuzzers

56 / 1374

Cyclomatic complexity statically reachable by fuzzers

213 / 4680

Runtime code coverage of functions

260 / 1374

Warning: The number of runtime covered functions are larger than the number of reachable functions. This means that Fuzz Introspector found there are more functions covered at runtime than what is considered reachable based on the static analysis. This is a limitation in the analysis as anything covered at runtime is by definition reachable by the fuzzers.
This is likely due to a limitation in the static analysis. In this case, the count of functions covered at runtime is the true value, which means this is what should be considered "achieved" by the fuzzer.

Use the project functions table below to query all functions that were not covered at runtime.

The following table shows data about each function in the project. The functions included in this table correspond to all functions that exist in the executables of the fuzzers. As such, there may be functions that are from third-party libraries.

For further technical details on the meaning of columns in the below table, please see the Glossary .

Func name	Functions filename	Args	Function call depth	Reached by Fuzzers	Fuzzers runtime hit	Func lines hit %	I Count	BB Count	Cyclomatic complexity	Functions reached	Reached by functions	Accumulated cyclomatic complexity	Undiscovered complexity

Fuzzer: fuzz_http_parser_pure_python

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	2	40.0%
gold	[1:9]	0	0.0%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	0	0.0%
lawngreen	50+	3	60.0%
All colors	5	100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked	Calltree index	Parent function	Callsite	Largest blocked function
2	0	EP	call site: 00000	asyncio.get_event_loop

Runtime coverage analysis

Covered functions

270

Functions that are reachable but not covered

4

Reachable functions

5

Percentage of reachable functions covered

20.0%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
/	1
...aiohttp.fuzz_http_parser_pure_python	4

Fuzzer: fuzz_http_payload_parser_pure_python

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	22	35.4%
gold	[1:9]	0	0.0%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	0	0.0%
lawngreen	50+	40	64.5%
All colors	62	100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked	Calltree index	Parent function	Callsite	Largest blocked function
12	10	aiohttp.compression_utils.ZLibDecompressor.__init__	call site: 00010	aiohttp.streams.StreamReader.feed_eof
4	42	aiohttp.http_parser.HttpPayloadParser.feed_data	call site: 00042	aiohttp.streams.StreamReader.set_exception
3	0	EP	call site: 00000	aiohttp.http_parser.HttpPayloadParser.__init__
1	8	aiohttp.compression_utils.ZLibDecompressor.__init__	call site: 00008	aiohttp.compression_utils.encoding_to_mode
1	28	aiohttp.streams.StreamReader.feed_data	call site: 00028	aiohttp.helpers.set_result
1	54	aiohttp.http_parser.HttpPayloadParser.feed_data	call site: 00054	aiohttp.helpers.set_result

Runtime coverage analysis

Covered functions

270

Functions that are reachable but not covered

16

Reachable functions

30

Percentage of reachable functions covered

46.67%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
/	1
...aiohttp.fuzz_http_payload_parser_pure_python	4
aiohttp.http_parser	17
aiohttp.compression_utils	4
aiohttp.streams	5
aiohttp.helpers	2
aiohttp.http_exceptions	1

Fuzzer: fuzz_payload_url

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	27	43.5%
gold	[1:9]	0	0.0%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	0	0.0%
lawngreen	50+	35	56.4%
All colors	62	100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked	Calltree index	Parent function	Callsite	Largest blocked function
6	30	multidict._multidict_py.MultiDict._extend	call site: 00030	used_keys.get
6	38	multidict._multidict_py.MultiDict._extend	call site: 00038	multidict._multidict_py.CIMultiDict._title
5	0	EP	call site: 00000	aiohttp.payload.StringPayload.__init__
4	12	multidict._multidict_py.MultiDict._extend	call site: 00012	.list
3	55	aiohttp.helpers.parse_mimetype	call site: 00055	multidict._multidict_py.MultiDictProxy.__init__
2	59	aiohttp.payload.StringPayload.__init__	call site: 00059	urllib.parse.urlencode.encode
1	45	multidict._multidict_py.MultiDictProxy.__init__	call site: 00045	_multidict.MultiDictProxy

Runtime coverage analysis

Covered functions

333

Functions that are reachable but not covered

27

Reachable functions

40

Percentage of reachable functions covered

32.5%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
/	1
...aiohttp.fuzz_payload_url	3
aiohttp.payload	5
aiohttp.helpers	11
multidict._multidict_py	20

Fuzzer: fuzz_http_parser

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	2	40.0%
gold	[1:9]	0	0.0%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	0	0.0%
lawngreen	50+	3	60.0%
All colors	5	100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked	Calltree index	Parent function	Callsite	Largest blocked function
2	0	EP	call site: 00000	asyncio.get_event_loop

Runtime coverage analysis

Covered functions

333

Functions that are reachable but not covered

4

Reachable functions

5

Percentage of reachable functions covered

20.0%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
/	1
...aiohttp.fuzz_http_parser	4

Fuzzer: fuzz_multipart

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	46	44.6%
gold	[1:9]	0	0.0%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	0	0.0%
lawngreen	50+	57	55.3%
All colors	103	100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked	Calltree index	Parent function	Callsite	Largest blocked function
8	23	aiohttp.multipart.BodyPartReader.read_chunk	call site: 00023	chunk.split
7	0	EP	call site: 00000	...aiohttp.fuzz_multipart.fuzz_bodypart_reader
7	79	multidict._multidict_py.MultiDict._extend	call site: 00079	multidict._multidict_py.CIMultiDict._title
6	71	multidict._multidict_py.MultiDict._extend	call site: 00071	used_keys.get
5	34	aiohttp.multipart.BodyPartReader.read	call site: 00034	aiohttp.multipart.BodyPartReader._decode_content
4	53	multidict._multidict_py.MultiDict._extend	call site: 00053	.list
2	10	aiohttp.multipart.BodyPartReader.read	call site: 00010	aiohttp.multipart.BodyPartReader._read_chunk_from_length
2	96	aiohttp.helpers.parse_mimetype	call site: 00096	multidict._multidict_py.MultiDictProxy.__init__
1	13	aiohttp.multipart.BodyPartReader.read_chunk	call site: 00013	.len
1	40	aiohttp.compression_utils.ZLibDecompressor.__init__	call site: 00040	aiohttp.compression_utils.encoding_to_mode
1	42	aiohttp.compression_utils.ZLibDecompressor.__init__	call site: 00042	aiohttp.compression_utils.ZLibDecompressor.decompress_sync
1	45	aiohttp.multipart.BodyPartReader.get_charset	call site: 00045	multidict._multidict_py.MultiDict.__init__

Runtime coverage analysis

Covered functions

332

Functions that are reachable but not covered

48

Reachable functions

70

Percentage of reachable functions covered

31.43%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
/	1
...aiohttp.fuzz_multipart	8
aiohttp.multipart	29
aiohttp.compression_utils	3
aiohttp.helpers	11
multidict._multidict_py	20

Fuzzer: fuzz_http_payload_parser

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	22	35.4%
gold	[1:9]	0	0.0%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	0	0.0%
lawngreen	50+	40	64.5%
All colors	62	100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked	Calltree index	Parent function	Callsite	Largest blocked function
12	10	aiohttp.compression_utils.ZLibDecompressor.__init__	call site: 00010	aiohttp.streams.StreamReader.feed_eof
4	42	aiohttp.http_parser.HttpPayloadParser.feed_data	call site: 00042	aiohttp.streams.StreamReader.set_exception
3	0	EP	call site: 00000	aiohttp.http_parser.HttpPayloadParser.__init__
1	8	aiohttp.compression_utils.ZLibDecompressor.__init__	call site: 00008	aiohttp.compression_utils.encoding_to_mode
1	27	aiohttp.streams.StreamReader.feed_data	call site: 00027	aiohttp.helpers.set_result
1	54	aiohttp.http_parser.HttpPayloadParser.feed_data	call site: 00054	aiohttp.helpers.set_result

Runtime coverage analysis

Covered functions

333

Functions that are reachable but not covered

16

Reachable functions

30

Percentage of reachable functions covered

46.67%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
/	1
...aiohttp.fuzz_http_payload_parser	4
aiohttp.http_parser	17
aiohttp.compression_utils	4
aiohttp.streams	5
aiohttp.helpers	2
aiohttp.http_exceptions	1

Fuzzer: fuzz_web_request

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	84	51.2%
gold	[1:9]	0	0.0%
yellow	[10:29]	0	0.0%
greenyellow	[30:49]	0	0.0%
lawngreen	50+	80	48.7%
All colors	164	100

Fuzz blockers

The following nodes represent call sites where fuzz blockers occur.

Amount of callsites blocked	Calltree index	Parent function	Callsite	Largest blocked function
36	127	aiohttp.helpers.parse_mimetype	call site: 00127	aiohttp.web_request.BaseRequest.read
14	104	aiohttp.web_request.BaseRequest.post	call site: 00104	aiohttp.web_request.BaseRequest.multipart
7	39	multidict._multidict_py.MultiDict._extend	call site: 00039	multidict._multidict_py.CIMultiDict._title
6	0	EP	call site: 00000	...aiohttp.fuzz_web_request.fuzz_run_one_async
6	25	multidict._multidict_py.MultiDict._extend	call site: 00025	used_keys.get
6	60	multidict._multidict_py._Base.items	call site: 00060	multidict._multidict_py.MultiDict.__init__
4	13	multidict._multidict_py.MultiDict._extend	call site: 00013	.list
3	56	aiohttp.test_utils.make_mocked_request	call site: 00056	multidict._multidict_py._Base.items
1	94	aiohttp.web_urldispatcher.UrlMappingMatchInfo.__init__	call site: 00094	unittest.mock.Mock
1	98	...aiohttp.fuzz_web_request.fuzz_run_one_async	call site: 00098	aiohttp.web_request.BaseRequest.post

Runtime coverage analysis

Covered functions

333

Functions that are reachable but not covered

70

Reachable functions

95

Percentage of reachable functions covered

26.32%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
/	1
...aiohttp.fuzz_web_request	10
multidict._multidict_py	24
aiohttp.test_utils	25
aiohttp.web_request	31
aiohttp.web_urldispatcher	2
aiohttp.multipart	3
aiohttp.helpers	11

Optimal target analysis

Remaining optimal interesting functions

The following table shows a list of functions that are optimal targets. Optimal targets are identified by finding the functions that in combination, yield a high code coverage.

Func name	Functions filename	Arg count	Args	Function depth	hitcount	instr count	bb count	cyclomatic complexity	Reachable functions	Incoming references	total cyclomatic complexity	Unreached complexity
aiohttp.client.ClientSession._ws_connect	aiohttp.client	19	['N/A', 'N/A', 'N/A', 'N/A', 'N/A', 'N/A', 'N/A', 'N/A', 'N/A', 'N/A', 'N/A', 'N/A', 'N/A', 'N/A', 'N/A', 'N/A', 'N/A', 'N/A', 'N/A']	5	0	5	16	9	231	1	787	735
aiohttp.connector.BaseConnector.connect	aiohttp.connector	4	['N/A', 'N/A', 'N/A', 'N/A']	4	0	23	12	8	187	0	628	246
aiohttp.web.main	aiohttp.web	1	['N/A']	3	0	12	3	4	88	1	276	240
aiohttp.web_protocol.RequestHandler.start	aiohttp.web_protocol	1	['N/A']	4	0	16	14	9	92	1	316	237
yarl._url.URL.__new__	yarl._url	4	['N/A', 'N/A', 'N/A', 'N/A']	2	0	2	10	7	34	0	114	96
aiohttp.web_urldispatcher.UrlDispatcher.add_resource	aiohttp.web_urldispatcher	3	['N/A', 'N/A', 'N/A']	2	0	2	4	5	25	9	83	65
aiohttp.multipart.parse_content_disposition	aiohttp.multipart	1	['N/A']	2	0	9	15	9	22	3	75	63

Implementing fuzzers that target the above functions will improve reachability such that it becomes:

Functions statically reachable by fuzzers

214 / 1374

Cyclomatic complexity statically reachable by fuzzers

865 / 4680

All functions overview

If you implement fuzzers for these functions, the status of all functions in the project will be:

Func name	Functions filename	Args	Function call depth	Reached by Fuzzers	Fuzzers runtime hit	Func lines hit %	I Count	BB Count	Cyclomatic complexity	Functions reached	Reached by functions	Accumulated cyclomatic complexity	Undiscovered complexity

This section shows analysis of runtime coverage data.

For futher technical details on how this section is generated, please see the Glossary .

Complex functions with low coverage

Func name	Function total lines	Lines covered at runtime	percentage covered	Reached by fuzzers
aiohttp.web._run_app	34	0	0.0%	[]
aiohttp.web_ws.WebSocketResponse._handshake	35	0	0.0%	[]
aiohttp.web_ws.WebSocketResponse.close	43	0	0.0%	[]
aiohttp.web_ws.WebSocketResponse.receive	52	0	0.0%	[]
aiohttp.client_proto.ResponseHandler.data_received	37	0	0.0%	[]
aiohttp.web_response.StreamResponse._prepare_headers	41	0	0.0%	[]
aiohttp.web_response.Response.__init__	39	2	5.128%	[]
aiohttp.web_request.BaseRequest.forwarded	32	3	9.375%	[]
aiohttp.web_request.BaseRequest.post	56	4	7.142%	['fuzz_web_request']
out.getvalue	118	41	34.74%	[]
aiohttp.client_reqrep.ClientRequest.__init__	41	0	0.0%	[]
aiohttp.client_reqrep.ClientRequest.send	36	0	0.0%	[]
typing_extensions.get_args	1223	309	25.26%	[]
aiohttp.http_websocket.ws_ext_parse	33	4	12.12%	[]
aiohttp.http_websocket.WebSocketReader._feed_data	56	0	0.0%	[]
aiohttp.http_websocket.WebSocketReader.parse_frame	82	11	13.41%	[]
aiohttp.http_websocket.WebSocketWriter._send_frame	39	0	0.0%	[]
aiohttp.multipart.parse_content_disposition.unescape	53	0	0.0%	[]
aiohttp.connector.BaseConnector.connect	58	0	0.0%	[]
aiohttp.connector.TCPConnector._resolve_host	43	0	0.0%	[]
aiohttp.connector.TCPConnector._create_proxy_connection	46	2	4.347%	[]
aiodns.DNSResolver	94	27	28.72%	[]
aiohttp.web_protocol.RequestHandler.__init__	34	0	0.0%	[]
aiohttp.web_protocol.RequestHandler.start	77	0	0.0%	[]
aiohttp.web_fileresponse.FileResponse.prepare	79	0	0.0%	[]
aiohttp.client.ClientSession.__init__	47	3	6.382%	[]
aiohttp.client.ClientSession._request	160	18	11.25%	[]
aiohttp.client.ClientSession._ws_connect	71	17	23.94%	[]
aiohttp.cookiejar.CookieJar.update_cookies	48	0	0.0%	[]
aiohttp.cookiejar.CookieJar.filter_cookies	31	0	0.0%	[]
aiohttp.cookiejar.CookieJar._parse_date	49	2	4.081%	[]
aiohttp.client_ws.ClientWebSocketResponse.close	37	0	0.0%	[]
aiohttp.client_ws.ClientWebSocketResponse.receive	50	0	0.0%	[]

This section shows which files and directories are considered in this report. The main reason for showing this is fuzz introspector may include more code in the reasoning than is desired. This section helps identify if too many files/directories are included, e.g. third party code, which may be irrelevant for the threat model. In the event too much is included, fuzz introspector supports a configuration file that can exclude data from the report. See the following link for more information on how to create a config file: link

Files in report

Source file	Reached by	Covered by
	[]	[]
string	[]	[]
multidict._multidict_base	[]	[]
warnings	[]	[]
signal	[]	[]
aiohttp.resolver	[]	[]
dataclasses	[]	[]
array	[]	[]
importlib	[]	[]
time	[]	[]
aiohttp.web_response	[]	[]
aiohttp.client	[]	[]
atheris	[]	[]
platform	[]	[]
_helpers	[]	[]
aiohttp.abc	[]	[]
pickle	[]	[]
aiohttp.formdata	[]	[]
aiohttp.web_server	[]	[]
typing_extensions	[]	[]
multidict._compat	[]	[]
aiohttp.multipart	['fuzz_multipart', 'fuzz_web_request']	[]
ssl	[]	[]
json	[]	[]
aiohttp.http	[]	[]
gunicorn	[]	[]
aiohttp.hdrs	[]	[]
cchardet	[]	[]
async_timeout	[]	[]
aiohttp.locks	[]	[]
aiohttp.compression_utils	['fuzz_http_payload_parser_pure_python', 'fuzz_multipart', 'fuzz_http_payload_parser']	[]
io	[]	[]
hashlib	[]	[]
yarl._quoting	[]	[]
yarl._url	[]	[]
charset_normalizer	[]	[]
_multidict	[]	[]
codecs	[]	[]
aiohttp.client_exceptions	[]	[]
types	[]	[]
frozenlist	[]	[]
aiohttp.worker	[]	[]
pathlib	[]	[]
aiohttp.web	[]	[]
aiohttp.tracing	[]	[]
aiohttp.web_log	[]	[]
aiohttp.http_parser	['fuzz_http_payload_parser_pure_python', 'fuzz_http_payload_parser']	[]
_websocket	[]	[]
aiohttp.payload	['fuzz_payload_url']	[]
aiohttp.connector	[]	[]
multidict	[]	[]
aiohttp.client_ws	[]	[]
logging	[]	[]
aiohttp.log	[]	[]
tempfile	[]	[]
idna	[]	[]
aiohttp.http_exceptions	['fuzz_http_payload_parser_pure_python', 'fuzz_http_payload_parser']	[]
brotli	[]	[]
aiohttp	[]	[]
itertools	[]	[]
...aiohttp.fuzz_multipart	['fuzz_multipart']	[]
struct	[]	[]
random	[]	[]
aiohttp.web_request	['fuzz_web_request']	[]
aiohttp.cookiejar	[]	[]
aiohttp.client_reqrep	[]	[]
...aiohttp.fuzz_http_payload_parser_pure_python	['fuzz_http_payload_parser_pure_python']	[]
datetime	[]	[]
os	[]	[]
zlib	[]	[]
multidict._multidict_py	['fuzz_payload_url', 'fuzz_multipart', 'fuzz_web_request']	[]
unittest	[]	[]
...aiohttp.fuzz_web_request	['fuzz_web_request']	[]
uvloop	[]	[]
netrc	[]	[]
uuid	[]	[]
gc	[]	[]
...aiohttp.fuzz_payload_url	['fuzz_payload_url']	[]
argparse	[]	[]
...aiohttp.fuzz_http_payload_parser	['fuzz_http_payload_parser']	[]
mimetypes	[]	[]
aiohttp.client_proto	[]	[]
ipaddress	[]	[]
base64	[]	[]
abc	[]	[]
aiohttp.test_utils	['fuzz_web_request']	[]
http	[]	[]
socket	[]	[]
yarl	[]	[]
aiosignal	[]	[]
urllib	[]	[]
aiohttp.tcp_helpers	[]	[]
aiohttp.base_protocol	[]	[]
functools	[]	[]
contextlib	[]	[]
aiohttp.web_runner	[]	[]
aiohttp.web_app	[]	[]
aiohttp.http_writer	[]	[]
aiohttp.web_exceptions	[]	[]
_abc	[]	[]
sys	[]	[]
aiohttp.pytest_plugin	[]	[]
typing	[]	[]
asyncio	[]	[]
aiohttp.web_fileresponse	[]	[]
aiohttp.streams	['fuzz_http_payload_parser_pure_python', 'fuzz_http_payload_parser']	[]
aiohttp.web_middlewares	[]	[]
collections	[]	[]
...aiohttp.fuzz_http_parser	['fuzz_http_parser']	[]
math	[]	[]
aiohttp.web_protocol	[]	[]
_quoting_c	[]	[]
yarl._quoting_py	[]	[]
email	[]	[]
keyword	[]	[]
aiodns	[]	[]
	[]	[]
aiohttp.web_ws	[]	[]
aiohttp.web_urldispatcher	['fuzz_web_request']	[]
enum	[]	[]
inspect	[]	[]
binascii	[]	[]
aiohttp.helpers	['fuzz_http_payload_parser_pure_python', 'fuzz_payload_url', 'fuzz_multipart', 'fuzz_http_payload_parser', 'fuzz_web_request']	[]
html	[]	[]
...aiohttp.fuzz_http_parser_pure_python	['fuzz_http_parser_pure_python']	[]
traceback	[]	[]
_http_parser	[]	[]
aiohttp.http_websocket	[]	[]
aiohttp.typedefs	[]	[]
re	[]	[]
multidict._abc	[]	[]
aiohttp.web_routedef	[]	[]
ClientSession	[]	[]
weakref	[]	[]

Directories in report

Directory