FuzzAttackerHTTP fuzzes valid HTTP responses to attacker.
(fuzz []byte)
| 70 | |
| 71 | // FuzzAttackerHTTP fuzzes valid HTTP responses to attacker. |
| 72 | func FuzzAttackerHTTP(fuzz []byte) int { |
| 73 | // Decode response |
| 74 | code, headers, body, ok := decodeFuzzResponse(fuzz) |
| 75 | if !ok { |
| 76 | return -1 |
| 77 | } |
| 78 | |
| 79 | // Start server |
| 80 | directory, err := os.MkdirTemp("/tmp", "fuzz") |
| 81 | if err != nil { |
| 82 | panic(err.Error()) |
| 83 | } |
| 84 | socket := fmt.Sprintf("%s/attacker.sock", directory) |
| 85 | listener, err := net.Listen("unix", socket) |
| 86 | if err != nil { |
| 87 | panic(err.Error()) |
| 88 | } |
| 89 | handler := func(response http.ResponseWriter, request *http.Request) { |
| 90 | for name, values := range headers { |
| 91 | for _, value := range values { |
| 92 | response.Header().Add(name, value) |
| 93 | } |
| 94 | } |
| 95 | response.WriteHeader(int(code)) |
| 96 | _, err := response.Write(body) |
| 97 | if err != nil { |
| 98 | panic(err.Error()) |
| 99 | } |
| 100 | } |
| 101 | server := http.Server{ |
| 102 | Handler: http.HandlerFunc(handler), |
| 103 | } |
| 104 | defer server.Close() |
| 105 | defer listener.Close() |
| 106 | defer os.RemoveAll(directory) |
| 107 | go server.Serve(listener) |
| 108 | |
| 109 | // Setup targeter |
| 110 | targeter := Targeter(func(target *Target) error { |
| 111 | target.Method = "GET" |
| 112 | target.URL = "http://vegeta.test" |
| 113 | return nil |
| 114 | }) |
| 115 | |
| 116 | // Deliver a single hit |
| 117 | attacker := NewAttacker( |
| 118 | UnixSocket(socket), |
| 119 | Workers(1), |
| 120 | MaxWorkers(1), |
| 121 | Timeout(time.Second), |
| 122 | KeepAlive(false), |
| 123 | ) |
| 124 | result := attacker.hit(targeter, "fuzz") |
| 125 | if result.Error != "" { |
| 126 | return 0 |
| 127 | } |
| 128 | return 1 |
| 129 | } |
nothing calls this directly
no test coverage detected