New issue
Advanced search Search tips

Issue 602418 link

Starred by 2 users

Issue metadata

Status: Untriaged
Owner: ----
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug

Blocking:
issue 599523



Sign in to add a comment

Fuzz HttpCache::Transaction

Project Member Reported by mmenke@chromium.org, Apr 11 2016

Issue description

We should fuzz HttpCache::Transaction, with a mock HttpTransaction.  Exploring multiple paths trough this code gets complicated.  I'd suggest requesting teh same resource twice:  Split the input into two HTTP responses, and then requesting the resource twice, and use the second part of the input (If there is one) for the second HTTP responses.  Can fuzz the headers, content of, length, and number of reads.

I'd think we'd want to either run each fuzzer with the 3 cache implementations, or have three fuzzers, one using each implementation.  Alternatively, we could mock out the cache - haven't really thought about it.

May also be worth writing a second fuzzer that uses range requests, though I'm less familiar with that.
 

Sign in to add a comment