-
Notifications
You must be signed in to change notification settings - Fork 71
Expand file tree
/
Copy pathCliArgExecutableTestCaseInput.java
More file actions
130 lines (116 loc) · 4.72 KB
/
CliArgExecutableTestCaseInput.java
File metadata and controls
130 lines (116 loc) · 4.72 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
/**
* OWASP Benchmark Project
*
* <p>This file is part of the Open Web Application Security Project (OWASP) Benchmark Project For
* details, please see <a
* href="https://owasp.org/www-project-benchmark/">https://owasp.org/www-project-benchmark/</a>.
*
* <p>The OWASP Benchmark is free software: you can redistribute it and/or modify it under the terms
* of the GNU General Public License as published by the Free Software Foundation, version 2.
*
* <p>The OWASP Benchmark is distributed in the hope that it will be useful, but WITHOUT ANY
* WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
* PURPOSE. See the GNU General Public License for more details.
*
* @author David Anderson
* @created 2024
*/
package org.owasp.benchmarkutils.entities;
import java.util.ArrayList;
import java.util.List;
import javax.validation.constraints.NotNull;
import javax.xml.bind.Marshaller;
import javax.xml.bind.Unmarshaller;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlElementWrapper;
import org.eclipse.persistence.oxm.annotations.XmlDiscriminatorValue;
@XmlDiscriminatorValue("CliArg")
// @XmlType(name = "CliArgExecutableTestCaseInput")
public class CliArgExecutableTestCaseInput extends ExecutableTestCaseInput {
List<RequestVariable> args;
void beforeMarshal(Marshaller marshaller) {
// System.out.println("Before marshal");
if (args != null && args.isEmpty()) args = null;
}
void afterUnmarshal(Unmarshaller unmarshaller, Object parent) {
// System.out.println("After unmarshal");
if (args == null) args = new ArrayList<RequestVariable>();
}
@XmlElementWrapper(name = "args")
@XmlElement(name = "arg", required = true)
@NotNull
public List<RequestVariable> getArgs() {
return args;
}
public void setArgs(List<RequestVariable> args) {
// Copy the given list so setSafe() does not affect other CliArgExecutableTestCaseInput
// objects.
this.args = new ArrayList<>(args);
}
public void addArg(RequestVariable arg) {
if (this.args == null) {
this.args = new ArrayList<>();
}
this.args.add(arg);
}
public CliRequest buildAttackRequest() {
// ArrayList<String> executeArgs = new ArrayList<>();
// // FIXME: This will break if the command string has arguments that contain spaces.
// executeArgs.addAll(Arrays.asList(getCommand().split(" ")));
// executeArgs.addAll(getArgs());
ArrayList<RequestVariable> argsCopy = new ArrayList<>();
for (RequestVariable arg : args) {
RequestVariable argCopy = new RequestVariable(arg);
argCopy.setSafe(false);
argsCopy.add(argCopy);
}
return new CliRequest(getCommand(), argsCopy, null);
}
public CliRequest buildSafeRequest() {
ArrayList<RequestVariable> argsCopy = new ArrayList<>();
for (RequestVariable arg : args) {
RequestVariable argCopy = new RequestVariable(arg);
argCopy.setSafe(true);
argsCopy.add(argCopy);
}
return new CliRequest(getCommand(), argsCopy, null);
}
public void setSafe(boolean isSafe) {
// this.isSafe = isSafe;
for (RequestVariable arg : getArgs()) {
// setSafe() considers whether attack and safe values exist for this parameter before
// setting isSafe true or false. So you don't have to check that here.
arg.setSafe(isSafe);
}
}
// @Override
// public String toString() {
// return this.getClass().getSimpleName() + " [args=" + getArgs() + "]";
// }
@Override
public String toString() {
return this.getClass().getSimpleName()
+ "["
+ "command="
+ getCommand()
+ ", args="
+ getArgs()
+ "]";
}
// public void execute() {
// List<String> executeArgs = Arrays.asList(getCommand());
//
// // crawlArgs.extend([arg1])
// // child = pexpect.spawn("python", cwd=TEST_SUITE_DIR, args=crawlArgs)
// // child.logfile = sys.stdout
// // child.expect(pexpect.EOF)
// // child.close()
// // print("Return code: %d" % child.exitstatus)
//
// executeArgs.add(getPayload());
// ProcessBuilder builder = new ProcessBuilder(executeArgs);
// final Process process = builder.start();
// int exitValue = process.waitFor();
// System.out.printf("Program terminated with return code: %s%n", exitValue);
// }
}