The following nodes represent call sites where fuzz blockers occur.
| Amount of callsites blocked | Calltree index | Parent function | Callsite | Largest blocked function |
|---|---|---|---|---|
| 132 | 176 | google.auth.jwt.decode | call site: 00176 | google.oauth2.service_account.IDTokenCredentials._make_authorization_grant_assertion |
| 117 | 38 | google.auth.jwt.encode | call site: 00038 | google.auth.iam.Signer._make_signing_request |
| 13 | 9 | google.auth.crypt._cryptography_rsa.RSASigner.from_string | call site: 00009 | google.auth.crypt._python_rsa.RSASigner.from_string |
| 2 | 23 | ...fuzz_jwt_roundtrip.test_roundtrip_unverified | call site: 00023 | fdp.ConsumeString |
| 2 | 26 | ...fuzz_jwt_roundtrip.test_roundtrip_unverified | call site: 00026 | google.auth.jwt.encode |
| 2 | 32 | google.auth.jwt.encode | call site: 00032 | google.auth._helpers.unpadded_urlsafe_b64encode |
| 2 | 35 | google.auth._helpers.unpadded_urlsafe_b64encode | call site: 00035 | google.auth._helpers.unpadded_urlsafe_b64encode |
| 1 | 0 | EP | call site: 00000 | ...fuzz_jwt_roundtrip.test_roundtrip_unverified |
| 1 | 2 | ...fuzz_jwt_roundtrip.test_roundtrip_unverified | call site: 00002 | google.auth.crypt._cryptography_rsa.RSASigner.from_string |
| 1 | 30 | google.auth.jwt.encode | call site: 00030 | header.update |
| 1 | 157 | google.auth.exceptions.GoogleAuthError.__init__ | call site: 00157 | google.auth.jwt.decode |
...fuzz_jwt_roundtrip.TestOneInput
[function]
[call site]
00000
...fuzz_jwt_roundtrip.test_roundtrip_unverified
[function]
[call site]
00001
atheris.FuzzedDataProvider
[function]
[call site]
00002
google.auth.crypt._cryptography_rsa.RSASigner.from_string
[function]
[call site]
00003
google.auth._helpers.to_bytes
[function]
[call site]
00004
<builtin>.isinstance
[function]
[call site]
00005
value.encode
[function]
[call site]
00006
<builtin>.isinstance
[function]
[call site]
00007
cryptography.hazmat.primitives.serialization.load_pem_private_key
[function]
[call site]
00008
google.auth.crypt._cryptography_rsa.RSASigner.__init__
[function]
[call site]
00009
google.auth.crypt._python_rsa.RSASigner.from_string
[function]
[call site]
00010
google.auth._helpers.from_bytes
[function]
[call site]
00011
<builtin>.isinstance
[function]
[call site]
00012
value.decode
[function]
[call site]
00013
<builtin>.isinstance
[function]
[call site]
00014
pyasn1_modules.pem.readPemBlocksFromFile
[function]
[call site]
00015
io.StringIO
[function]
[call site]
00016
rsa.key.PrivateKey.load_pkcs1
[function]
[call site]
00017
pyasn1.codec.der.decoder.decode
[function]
[call site]
00018
key_info.getComponentByName
[function]
[call site]
00019
rsa.key.PrivateKey.load_pkcs1
[function]
[call site]
00020
private_key_info.asOctets
[function]
[call site]
00021
google.auth.crypt._python_rsa.RSASigner.__init__
[function]
[call site]
00022
fdp.ConsumeIntInRange
[function]
[call site]
00023
fdp.ConsumeString
[function]
[call site]
00024
fdp.ConsumeIntInRange
[function]
[call site]
00025
fdp.ConsumeString
[function]
[call site]
00026
fdp.ConsumeString
[function]
[call site]
00027
google.auth.jwt.encode
[function]
[call site]
00028
header.update
[function]
[call site]
00029
<builtin>.isinstance
[function]
[call site]
00030
header.update
[function]
[call site]
00031
header.update
[function]
[call site]
00032
json.dumps
[function]
[call site]
00033
google.auth._helpers.unpadded_urlsafe_b64encode
[function]
[call site]
00034
base64.urlsafe_b64encode
[function]
[call site]
00035
json.dumps
[function]
[call site]
00036
google.auth._helpers.unpadded_urlsafe_b64encode
[function]
[call site]
00037
google.auth.iam.Signer.sign
[function]
[call site]
00038
google.auth.iam.Signer._make_signing_request
[function]
[call site]
00039
google.auth._exponential_backoff.ExponentialBackoff.__iter__
[function]
[call site]
00040
google.auth._exponential_backoff._BaseExponentialBackoff._reset
[function]
[call site]
00041
google.auth._exponential_backoff.ExponentialBackoff.__next__
[function]
[call site]
00042
google.auth._exponential_backoff._BaseExponentialBackoff._calculate_jitter
[function]
[call site]
00043
random.uniform
[function]
[call site]
00044
time.sleep
[function]
[call site]
00045
google.auth._helpers.to_bytes
[function]
[call site]
00046
_IAM_SIGN_ENDPOINT.replace
[function]
[call site]
00047
json.dumps
[function]
[call site]
00048
base64.b64encode
[function]
[call site]
00049
google.auth._exponential_backoff.ExponentialBackoff.__init__
[function]
[call site]
00050
<builtin>.super
[function]
[call site]
00051
google.auth.credentials.Credentials.before_request
[function]
[call site]
00052
google.auth.credentials.Credentials._non_blocking_refresh
[function]
[call site]
00053
google.auth._refresh_worker.RefreshThreadManager.start_refresh
[function]
[call site]
00054
threading.Thread.is_alive
[function]
[call site]
00055
copy.deepcopy
[function]
[call site]
00056
google.auth._refresh_worker.RefreshThread.__init__
[function]
[call site]
00057
<builtin>.super
[function]
[call site]
00058
threading.Thread.start
[function]
[call site]
00059
google.auth.external_account_authorized_user.Credentials.refresh
[function]
[call site]
00060
google.auth._helpers.utcnow
[function]
[call site]
00061
datetime.datetime.now
[function]
[call site]
00062
now.replace
[function]
[call site]
00063
google.auth.external_account_authorized_user.Credentials._make_sts_request
[function]
[call site]
00064
google.oauth2.sts.Client.refresh_token
[function]
[call site]
00065
google.oauth2.sts.Client._make_request
[function]
[call site]
00066
_URLENCODED_HEADERS.copy
[function]
[call site]
00067
<builtin>.dict
[function]
[call site]
00068
google.oauth2.utils.OAuthClientAuthHandler.apply_client_authentication_options
[function]
[call site]
00069
google.oauth2.utils.OAuthClientAuthHandler._inject_authenticated_headers
[function]
[call site]
00070
base64.b64encode
[function]
[call site]
00071
google.oauth2.utils.OAuthClientAuthHandler._inject_authenticated_request_body
[function]
[call site]
00072
urllib.parse.urlencode
[function]
[call site]
00073
response.data.decode
[function]
[call site]
00074
<builtin>.hasattr
[function]
[call site]
00075
google.oauth2.utils.handle_error_response
[function]
[call site]
00076
json.loads
[function]
[call site]
00077
error_components.append
[function]
[call site]
00078
error_components.append
[function]
[call site]
00079
error_components.append
[function]
[call site]
00080
json.loads
[function]
[call site]
00081
response_data.get
[function]
[call site]
00082
response_data.get
[function]
[call site]
00083
datetime.timedelta
[function]
[call site]
00084
google.auth.app_engine.Credentials.refresh
[function]
[call site]
00085
google.appengine.api.app_identity.get_access_token
[function]
[call site]
00086
datetime.datetime.utcfromtimestamp
[function]
[call site]
00087
google.auth.external_account.Credentials.refresh
[function]
[call site]
00088
google.auth.external_account.Credentials._mtls_required
[function]
[call site]
00089
functools.partial
[function]
[call site]
00090
google.auth.external_account.Credentials._get_mtls_cert_and_key_paths
[function]
[call site]
00091
google.auth.external_account.Credentials._should_initialize_impersonated_credentials
[function]
[call site]
00092
google.auth.external_account.Credentials._initialize_impersonated_credentials
[function]
[call site]
00093
google.auth.external_account.Credentials._constructor_args
[function]
[call site]
00094
copy.deepcopy
[function]
[call site]
00095
copy.deepcopy
[function]
[call site]
00096
args.pop
[function]
[call site]
00097
kwargs.update
[function]
[call site]
00098
google.auth.impersonated_credentials.Credentials.__init__
[function]
[call site]
00099
<builtin>.super
[function]
[call site]
00100
copy.copy
[function]
[call site]
00101
<builtin>.isinstance
[function]
[call site]
00102
<builtin>.hasattr
[function]
[call site]
00103
google.auth._helpers.utcnow
[function]
[call site]
00104
google.auth.app_engine.Credentials.refresh
[function]
[call site]
00105
google.auth.external_account.Credentials.refresh
[function]
[call site]
00106
google.auth._helpers.utcnow
[function]
[call site]
00107
google.auth.metrics.byoid_metrics_header
[function]
[call site]
00108
google.auth.metrics.python_and_auth_lib_version
[function]
[call site]
00109
platform.python_version
[function]
[call site]
00110
metrics_options.items
[function]
[call site]
00111
google.oauth2.sts.Client.exchange_token
[function]
[call site]
00112
json.dumps
[function]
[call site]
00113
urllib.parse.quote
[function]
[call site]
00114
<builtin>.dict
[function]
[call site]
00115
google.oauth2.sts.Client._make_request
[function]
[call site]
00116
google.auth.external_account.Credentials.retrieve_subject_token
[function]
[call site]
00117
response_data.get
[function]
[call site]
00118
response_data.get
[function]
[call site]
00119
<builtin>.isinstance
[function]
[call site]
00120
<builtin>.int
[function]
[call site]
00121
datetime.timedelta
[function]
[call site]
00122
google.auth.api_key.Credentials.refresh
[function]
[call site]
00123
google.oauth2.service_account.IDTokenCredentials.refresh
[function]
[call site]
00124
google.oauth2.service_account.IDTokenCredentials._refresh_with_iam_endpoint
[function]
[call site]
00125
google.auth.jwt.Credentials.from_signing_credentials
[function]
[call site]
00126
kwargs.setdefault
[function]
[call site]
00127
kwargs.setdefault
[function]
[call site]
00128
google.auth.jwt.Credentials.__init__
[function]
[call site]
00129
<builtin>.super
[function]
[call site]
00130
jwt_credentials.refresh
[function]
[call site]
00131
google.oauth2._client.call_iam_generate_id_token_endpoint
[function]
[call site]
00132
google.oauth2._client._token_endpoint_request
[function]
[call site]
00133
google.oauth2._client._token_endpoint_request_no_throw
[function]
[call site]
00134
google.auth._exponential_backoff.ExponentialBackoff.__iter__
[function]
[call site]
00135
google.auth._exponential_backoff.ExponentialBackoff.__next__
[function]
[call site]
00136
json.dumps
[function]
[call site]
00137
urllib.parse.urlencode
[function]
[call site]
00138
headers_to_use.update
[function]
[call site]
00139
google.auth._exponential_backoff.ExponentialBackoff.__init__
[function]
[call site]
00140
response.data.decode
[function]
[call site]
00141
<builtin>.hasattr
[function]
[call site]
00142
json.loads
[function]
[call site]
00143
google.oauth2._client._can_retry
[function]
[call site]
00144
response_data.get
[function]
[call site]
00145
response_data.get
[function]
[call site]
00146
<builtin>.isinstance
[function]
[call site]
00147
<builtin>.isinstance
[function]
[call site]
00148
<builtin>.any
[function]
[call site]
00149
google.oauth2._client._handle_error_response
[function]
[call site]
00150
<builtin>.isinstance
[function]
[call site]
00151
response_data.get
[function]
[call site]
00152
json.dumps
[function]
[call site]
00153
iam_id_token_endpoint.replace
[function]
[call site]
00154
google.auth.exceptions.GoogleAuthError.__init__
[function]
[call site]
00155
<builtin>.super
[function]
[call site]
00156
kwargs.get
[function]
[call site]
00157
google.auth.jwt.decode
[function]
[call site]
00158
google.auth.jwt._unverified_decode
[function]
[call site]
00159
google.auth._helpers.to_bytes
[function]
[call site]
00160
token.count
[function]
[call site]
00161
token.split
[function]
[call site]
00162
google.auth._helpers.padded_urlsafe_b64decode
[function]
[call site]
00163
google.auth._helpers.to_bytes
[function]
[call site]
00164
<builtin>.len
[function]
[call site]
00165
base64.urlsafe_b64decode
[function]
[call site]
00166
google.auth.jwt._decode_jwt_segment
[function]
[call site]
00167
google.auth._helpers.padded_urlsafe_b64decode
[function]
[call site]
00168
section_bytes.decode
[function]
[call site]
00169
json.loads
[function]
[call site]
00170
google.auth.exceptions.GoogleAuthError.__init__
[function]
[call site]
00171
google.auth.jwt._decode_jwt_segment
[function]
[call site]
00172
<builtin>.isinstance
[function]
[call site]
00173
<builtin>.isinstance
[function]
[call site]
00174
header.get
[function]
[call site]
00175
header.get
[function]
[call site]
00176
<builtin>.isinstance
[function]
[call site]
00177
certs.values
[function]
[call site]
00178
google.auth.crypt.verify_signature
[function]
[call site]
00179
<builtin>.isinstance
[function]
[call site]
00180
verifier_cls.from_string
[function]
[call site]
00181
verifier.verify
[function]
[call site]
00182
google.auth.jwt._verify_iat_and_exp
[function]
[call site]
00183
google.auth._helpers.utcnow
[function]
[call site]
00184
google.auth._helpers.datetime_to_secs
[function]
[call site]
00185
value.utctimetuple
[function]
[call site]
00186
calendar.timegm
[function]
[call site]
00187
payload.get
[function]
[call site]
00188
<builtin>.isinstance
[function]
[call site]
00189
datetime.datetime.utcfromtimestamp
[function]
[call site]
00190
jwt_credentials.token.decode
[function]
[call site]
00191
google.oauth2.service_account.IDTokenCredentials._make_authorization_grant_assertion
[function]
[call site]
00192
google.auth._helpers.utcnow
[function]
[call site]
00193
datetime.timedelta
[function]
[call site]
00194
google.auth._helpers.datetime_to_secs
[function]
[call site]
00195
google.auth._helpers.datetime_to_secs
[function]
[call site]
00196
payload.update
[function]
[call site]
00197
google.auth.jwt.encode
[function]
[call site]
00198
google.oauth2._client.id_token_jwt_grant
[function]
[call site]
00199
google.oauth2._client._token_endpoint_request
[function]
[call site]
00200
google.auth.metrics.token_request_id_token_sa_assertion
[function]
[call site]
00201
google.auth.metrics.python_and_auth_lib_version
[function]
[call site]
00202
google.auth.exceptions.GoogleAuthError.__init__
[function]
[call site]
00203
google.auth.jwt.decode
[function]
[call site]
00204
datetime.datetime.utcfromtimestamp
[function]
[call site]
00205
google.oauth2.gdch_credentials.ServiceAccountCredentials.refresh
[function]
[call site]
00206
<builtin>.isinstance
[function]
[call site]
00207
google.oauth2.gdch_credentials.ServiceAccountCredentials._create_jwt
[function]
[call site]
00208
google.auth._helpers.utcnow
[function]
[call site]
00209
google.auth._helpers.datetime_to_secs
[function]
[call site]
00210
google.auth._helpers.datetime_to_secs
[function]
[call site]
00211
google.auth.jwt.encode
[function]
[call site]
00212
google.auth._helpers.from_bytes
[function]
[call site]
00213
google.oauth2._client._token_endpoint_request
[function]
[call site]
00214
google.oauth2._client._handle_refresh_grant_response
[function]
[call site]
00215
google.auth.exceptions.GoogleAuthError.__init__
[function]
[call site]
00216
response_data.get
[function]
[call site]
00217
google.oauth2._client._parse_expiry
[function]
[call site]
00218
response_data.get
[function]
[call site]
00219
<builtin>.isinstance
[function]
[call site]
00220
<builtin>.int
[function]
[call site]
00221
google.auth._helpers.utcnow
[function]
[call site]
00222
datetime.timedelta
[function]
[call site]
00223
google.auth.impersonated_credentials.IDTokenCredentials.refresh
[function]
[call site]
00224
iam._IAM_IDTOKEN_ENDPOINT.replace
[function]
[call site]
00225
google.auth.metrics.token_request_id_token_impersonate
[function]
[call site]
00226
google.auth.metrics.python_and_auth_lib_version
[function]
[call site]
00227
google.auth.transport.requests.AuthorizedSession.__init__
[function]
[call site]
00228
<builtin>.super
[function]
[call site]
00229
requests.Session
[function]
[call site]
00230
requests.adapters.HTTPAdapter
[function]
[call site]
00231
google.auth.transport.requests.Request.__init__
[function]
[call site]
00232
requests.Session
[function]
[call site]
00233
<builtin>.isinstance
[function]
[call site]
00234
requests.Session.post
[function]
[call site]
00235
json.dumps
[function]
[call site]
00236
google.auth.transport.requests.AuthorizedSession.close
[function]
[call site]
00237
<builtin>.super
[function]
[call site]
00238
response.json
[function]
[call site]
00239
datetime.datetime.utcfromtimestamp
[function]
[call site]
00240
google.auth.jwt.decode
[function]
[call site]
00241
google.oauth2.credentials.Credentials.refresh
[function]
[call site]
00242
google.oauth2.credentials.Credentials.refresh_handler
[function]
[call site]
00243
<builtin>.callable
[function]
[call site]
00244
<builtin>.isinstance
[function]
[call site]
00245
<builtin>.isinstance
[function]
[call site]
00246
google.auth._helpers.utcnow
[function]
[call site]
00247
google.oauth2.reauth.refresh_grant
[function]
[call site]
00248
google.auth.metrics.token_request_user
[function]
[call site]
00249
google.auth.metrics.python_and_auth_lib_version
[function]
[call site]
00250
google.oauth2._client._token_endpoint_request_no_throw
[function]
[call site]
00251
<builtin>.isinstance
[function]
[call site]
00252
response_data.get
[function]
[call site]
00253
response_data.get
[function]
[call site]
00254
response_data.get
[function]
[call site]
00255
google.oauth2.reauth.get_rapt_token
[function]
[call site]
00256
sys.stderr.write
[function]
[call site]
00257
google.oauth2._client.refresh_grant
[function]
[call site]
00258
google.oauth2._client._token_endpoint_request
[function]
[call site]
00259
google.oauth2._client._handle_refresh_grant_response
[function]
[call site]
00260
google.oauth2.reauth._obtain_rapt
[function]
[call site]
00261
google.oauth2.reauth._get_challenges
[function]
[call site]
00262
google.auth.metrics.reauth_start
[function]
[call site]
00263
google.auth.metrics.python_and_auth_lib_version
[function]
[call site]
00264
google.oauth2._client._token_endpoint_request
[function]
[call site]
00265
challenges.AVAILABLE_CHALLENGES.keys
[function]
[call site]
00266
<builtin>.list
[function]
[call site]
00267
<builtin>.range
[function]
[call site]
00268
google.oauth2.reauth.is_interactive
[function]
[call site]
00269
sys.stdin.isatty
[function]
[call site]
00270
google.oauth2.reauth._run_next_challenge
[function]
[call site]
00271
challenges.AVAILABLE_CHALLENGES.get
[function]
[call site]
00272
c.obtain_challenge_input
[function]
[call site]
00273
google.oauth2.reauth._send_challenge_result
[function]
[call site]
00274
google.auth.metrics.reauth_continue
[function]
[call site]
00275
google.auth.metrics.python_and_auth_lib_version
[function]
[call site]
00276
google.oauth2._client._token_endpoint_request
[function]
[call site]
00277
sys.stderr.write
[function]
[call site]
00278
google.oauth2._client._token_endpoint_request_no_throw
[function]
[call site]
00279
google.oauth2._client._handle_error_response
[function]
[call site]
00280
google.oauth2._client._handle_refresh_grant_response
[function]
[call site]
00281
grant_response.get
[function]
[call site]
00282
<builtin>.frozenset
[function]
[call site]
00283
<builtin>.frozenset
[function]
[call site]
00284
_LOGGER.warning
[function]
[call site]
00285
google.auth._refresh_worker.RefreshThreadManager.clear_error
[function]
[call site]
00286
google.auth.credentials.Credentials._blocking_refresh
[function]
[call site]
00287
google.auth.external_account_authorized_user.Credentials.refresh
[function]
[call site]
00288
google.auth.app_engine.Credentials.refresh
[function]
[call site]
00289
google.auth.external_account.Credentials.refresh
[function]
[call site]
00290
google.auth.api_key.Credentials.refresh
[function]
[call site]
00291
google.oauth2.service_account.IDTokenCredentials.refresh
[function]
[call site]
00292
google.oauth2.gdch_credentials.ServiceAccountCredentials.refresh
[function]
[call site]
00293
google.auth.impersonated_credentials.IDTokenCredentials.refresh
[function]
[call site]
00294
google.oauth2.credentials.Credentials.refresh
[function]
[call site]
00295
google.auth.credentials.Credentials._metric_header_for_usage
[function]
[call site]
00296
google.auth.impersonated_credentials.Credentials._metric_header_for_usage
[function]
[call site]
00297
google.auth.compute_engine.credentials.Credentials._metric_header_for_usage
[function]
[call site]
00298
google.oauth2.credentials.Credentials._metric_header_for_usage
[function]
[call site]
00299
google.oauth2.service_account.Credentials._metric_header_for_usage
[function]
[call site]
00300
google.oauth2.service_account.Credentials._use_self_signed_jwt
[function]
[call site]
00301
google.auth.metrics.add_metric_header
[function]
[call site]
00302
google.auth.api_key.Credentials.apply
[function]
[call site]
00303
google.auth.api_key.Credentials.before_request
[function]
[call site]
00304
google.auth.api_key.Credentials.apply
[function]
[call site]
00305
response.data.decode
[function]
[call site]
00306
json.loads
[function]
[call site]
00307
base64.b64decode
[function]
[call site]
00308
google.auth._helpers.unpadded_urlsafe_b64encode
[function]
[call site]
00309
segments.append
[function]
[call site]
00310
google.auth.jwt.decode
[function]
[call site]
00311