Exemplo n.º 1
        /// <summary>
        /// Loads the native library and configures it with the ruleset file.
        /// </summary>
        /// <param name="rulesFile">Can be null, which means the rules embedded in the manifest are used.</param>
        /// <returns>The Waf wrapper around the native WAF, or null when the library handle is zero or configuration returns no rule handle.</returns>
        internal static Waf Create(string rulesFile = null)
        {
            // A zero handle means there is no native library to wrap, so no Waf is built.
            // NOTE(review): a null return leaves the caller without a WAF instance; callers
            // should decide explicitly whether continuing unprotected is acceptable.
            var nativeLibrary = LibraryLoader.LoadAndGetHandle();
            if (nativeLibrary == IntPtr.Zero)
            {
                return null;
            }

            var native = new WafNative(nativeLibrary);
            var argEncoder = new Encoder(native);

            // Configure hands back a nullable handle; null is passed on to the caller
            // as "no Waf" in the same way as a failed library load.
            var configuredRules = WafConfigurator.Configure(rulesFile, native, argEncoder);
            if (configuredRules == null)
            {
                return null;
            }

            return new Waf(configuredRules.Value, native, argEncoder);
        }
Exemplo n.º 2
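        public void LetsFuzz()
        {
            // The test passes when every generated document is parsed and encoded without an
            // exception and the encoder never reports an invalid object.

            var libraryHandle = LibraryLoader.LoadAndGetHandle();

            // Fail with a clear assertion when the native library did not load, instead of
            // handing a zero handle to WafNative and failing somewhere less obvious.
            Assert.NotEqual(IntPtr.Zero, libraryHandle);

            var wafNative     = new WafNative(libraryHandle);
            var encoder       = new AppSec.Waf.Encoder(wafNative);

            var jsonGenerator = new JsonGenerator();

            // Failures are recorded rather than rethrown so that all 100 runs execute and
            // every offending input is written to the test output.
            var errorOccured = false;

            for (int i = 0; i < 100; i++)
            {
                var buffer = jsonGenerator.GenerateJsonBuffer();
                try
                {
                    // Read-only stream over the generated segment (writable: false)
                    using var memoryStream = new MemoryStream(buffer.Array, buffer.Offset, buffer.Count, false);
                    using var streamReader = new StreamReader(memoryStream);
                    using var jsonReader   = new JsonTextReader(streamReader);
                    var root = JToken.ReadFrom(jsonReader);

                    var l = new List <Obj>();
                    using var result = encoder.Encode(root, l);

                    // check the object is valid
                    Assert.NotEqual(ObjType.Invalid, result.ArgsType);

                    // NOTE(review): this release is skipped when Encode or the assertion above
                    // throws, so the objects collected in the list are not disposed on a failing
                    // run. Confirm the safe disposal order relative to `result` before moving it
                    // into a finally block.
                    l.ForEach(x => x.Dispose());
                }
                catch (Exception ex)
                {
                    // Also catches the assertion failure above, so an invalid object is
                    // reported together with the JSON that produced it.
                    errorOccured = true;

                    _outputHelper.WriteLine($"Error occured on run '{i}' parsing json: {ex}");
                    _outputHelper.WriteLine("Json causing the error was:");
                    ViewJson(buffer);
                }
            }

            Assert.False(errorOccured);
        }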