|
|
Automated Generation of Tests for GNOME GUI Applications Using AT-SPI Metadata
Krajňák, Martin ; Smrčka, Aleš (oponent) ; Vojnar, Tomáš (vedoucí práce)
The goal of this work is the development of a tool capable of automatic test generation for GUI applications in the GNOME desktop environment. The tests are generated using metadata provided by the assistive technologies, specifically the AT-SPI. The proposed test generator utilizes the given metadata to create a model of a tested application. The model maps the event sequences that are applied on the tested application during the test generation process. The generation process involves the detection of severe bugs in the tested application. The results of the test generation process are automated test cases suitable for regression testing. The functionality of the implemented test generator was successfully verified by testing 5 open-source applications. The testing of applications performed by the proposed tool has proven the ability to reveal new bugs.
|
|
|
Fuzz Testing of REST API
Segedy, Patrik ; Rogalewicz, Adam (oponent) ; Malík, Viktor (vedoucí práce)
This thesis is dealing with fuzz testing of REST API. After presenting state-of-the-art of fuzzing and assessing the current research regarding REST API fuzz testing, we design and implement our REST API fuzzer. The proposed fuzzer infers dependencies of API calls defined in an OpenAPI specification and makes the fuzzing stateful. One of the features is minimization of the number of successive 404 responses while maintaining exploration of a deeper state space of a tested application. To solve the exploration vs. exploitation problem, we used the ordering of dependencies maximizing the probability of obtaining a needed input values and determining of fuzzability of a required parameters. The implementation is an enhancement of the Schemathesis project that is using the Hypothesis library to randomly generate inputs. Our fuzzer is evaluated against the Red Hat Insights application, finding 32 bugs. Amid them, one bug is reproducible only by a stateful set of steps.
|
|
|
Automated Generation of Tests for GNOME GUI Applications Using AT-SPI Metadata
Krajňák, Martin ; Smrčka, Aleš (oponent) ; Vojnar, Tomáš (vedoucí práce)
The goal of this work is the development of a tool capable of automatic test generation for GUI applications in the GNOME desktop environment. The tests are generated using metadata provided by the assistive technologies, specifically the AT-SPI. The proposed test generator utilizes the given metadata to create a model of a tested application. The model maps the event sequences that are applied on the tested application during the test generation process. The generation process involves the detection of severe bugs in the tested application. The results of the test generation process are automated test cases suitable for regression testing. The functionality of the implemented test generator was successfully verified by testing 5 open-source applications. The testing of applications performed by the proposed tool has proven the ability to reveal new bugs.
|
|
|
Fuzz Testing of REST API
Segedy, Patrik ; Rogalewicz, Adam (oponent) ; Malík, Viktor (vedoucí práce)
This thesis is dealing with fuzz testing of REST API. After presenting state-of-the-art of fuzzing and assessing the current research regarding REST API fuzz testing, we design and implement our REST API fuzzer. The proposed fuzzer infers dependencies of API calls defined in an OpenAPI specification and makes the fuzzing stateful. One of the features is minimization of the number of successive 404 responses while maintaining exploration of a deeper state space of a tested application. To solve the exploration vs. exploitation problem, we used the ordering of dependencies maximizing the probability of obtaining a needed input values and determining of fuzzability of a required parameters. The implementation is an enhancement of the Schemathesis project that is using the Hypothesis library to randomly generate inputs. Our fuzzer is evaluated against the Red Hat Insights application, finding 32 bugs. Amid them, one bug is reproducible only by a stateful set of steps.
|
host ::
RSS.