Search

CN-122019365-A - Method and device for generating fuzzy test case, electronic equipment and storage medium

CN122019365ACN 122019365 ACN122019365 ACN 122019365ACN-122019365-A

Abstract

The invention provides a method and a device for generating a fuzzy test case, electronic equipment and a storage medium, and relates to the technical field of computers. The method for generating the fuzzy test cases comprises the steps of obtaining a grammar model of a program to be tested, building a first test case grammar tree according to the grammar model, wherein each node of the first test case grammar tree corresponds to one target input data of the program to be tested, the value of the node is a legal example of the target input data, determining the target node of the first test case grammar tree, converting the legal example of the target node into a variant example to obtain a second test case grammar tree, and obtaining a fuzzy test case queue of the program to be tested according to the second test case grammar tree so as to execute fuzzy test on the program to be tested based on the fuzzy test case queue. The invention can efficiently generate the high-value fuzzy test case.

Inventors

  • ZHANG LI

Assignees

  • 青岛海尔科技有限公司
  • 海尔优家智能科技(北京)有限公司
  • 海尔智家股份有限公司

Dates

Publication Date
20260512
Application Date
20251225

Claims (10)

  1. 1. The method for generating the fuzzy test case is characterized by comprising the following steps of: The method comprises the steps of obtaining a grammar model of a program to be tested, wherein the grammar model is used for describing grammar constraints of structured fields in input data of targets of the program to be tested; Establishing a first test case grammar tree according to the grammar model, wherein each node of the first test case grammar tree corresponds to one target input data of the program to be tested, and the value of the node is a legal instance of the target input data; determining a target node of the first test case grammar tree, and converting legal examples of the target node into variant examples to obtain a second test case grammar tree; And obtaining a fuzzy test case queue of the program to be tested according to the second test case grammar tree so as to execute fuzzy test on the program to be tested based on the fuzzy test case queue.
  2. 2. The method for generating fuzzy test cases of claim 1, wherein the obtaining a grammar model of a program under test comprises: Defining a field structure of each target input data of the program to be tested by using a structured data language; And generating the grammar model based on grammar constraint of field structure of the target input data of the program to be tested described by the generating rule.
  3. 3. The method for generating fuzzy test cases of claim 2, wherein the creating a first test case grammar tree according to the grammar model comprises: obtaining the structure and grammar constraint of a root rule from the grammar model, wherein the root rule comprises a sub-rule; obtaining the structure and grammar constraint of each sub-rule from the grammar model in a recursion mode; determining each node of the first test case grammar tree according to the structure of the root rule and the structure of each sub-rule; And generating legal examples for each node of the first test case grammar tree according to the grammar constraint of the root rule and the grammar constraint of each sub-rule.
  4. 4. A method of generating fuzzy test cases according to any one of claims 1 to 3, wherein determining a target node of the first test case syntax tree comprises: at least one node is randomly selected from the nodes of the first test case grammar tree as a target node.
  5. 5. The method for generating a fuzzy test case according to claim 4, wherein the grammar model includes variation strategy type information corresponding to structured fields in each target input data of the program to be tested; the step of converting the legal instance of the target node into a variant instance to obtain a second test case grammar tree comprises the following steps: obtaining a variation strategy type corresponding to the target node from the grammar model; obtaining a variation strategy list from a strategy library according to the variation strategy type corresponding to the target node; Randomly selecting a variation strategy from the strategy list; according to the mutation strategy, obtaining a mutation instance corresponding to the mutation strategy from the strategy library; And replacing the legal instance of the target node by using the variant instance.
  6. 6. The method for generating a fuzzy test case according to claim 1, wherein the obtaining the fuzzy test case queue of the program to be tested according to the second test case syntax tree includes: and obtaining a combination of a plurality of legal examples and variation examples from each node of the second test case grammar tree to obtain the fuzzy test case queue.
  7. 7. The utility model provides a generating device of fuzzy test case which characterized in that includes: The system comprises a first acquisition module, a first test module and a second acquisition module, wherein the first acquisition module is used for acquiring a grammar model of a program to be tested, and the grammar model is used for describing grammar constraints of structured fields in input data of targets of the program to be tested; The system comprises a grammar model, a building module, a first test case grammar tree, a second test case grammar tree and a test program, wherein the grammar model is used for building the first test case grammar tree according to the grammar model, each node of the first test case grammar tree corresponds to one target input data of the program to be tested, and the value of the node is a legal instance of the target input data; The conversion module is used for determining a target node of the first test case grammar tree, converting a legal instance of the target node into a variant instance and obtaining a second test case grammar tree; The second obtaining module is configured to obtain a fuzzy test case queue of the program to be tested according to the second test case syntax tree, so as to execute a fuzzy test for the program to be tested based on the fuzzy test case queue.
  8. 8. An electronic device comprising a memory, a processor and a computer program stored on the memory and running on the processor, wherein the processor implements the method of generating fuzzy test cases of any of claims 1 to 6 when the computer program is executed by the processor.
  9. 9. A non-transitory computer readable storage medium having stored thereon a computer program, wherein the computer program when executed by a processor implements the method of generating fuzzy test cases of any of claims 1 to 6.
  10. 10. A computer program product comprising a computer program which, when executed by a processor, implements a method of generating fuzzy test cases according to any one of claims 1 to 6.

Description

Method and device for generating fuzzy test case, electronic equipment and storage medium Technical Field The present invention relates to the field of computer technologies, and in particular, to a method and apparatus for generating a fuzzy test case, an electronic device, and a storage medium. Background In the field of software safety and quality assurance, fuzzy test plays an irreplaceable role as a key technology. The method comprises the steps of injecting a large amount of abnormal, random or malformed input data into a target program, and monitoring the running state of the program, such as whether breakdown, assertion failure, memory leakage and the like occur, so that various hidden holes in the target program are discovered. Along with the increasing complexity of software systems, the code scale is continuously enlarged, the functional logic is also increasingly complex, and the traditional fuzzy test method gradually exposes various limitations when facing increasingly complex software systems, so that the requirements of modern software security tests are difficult to meet. For example, some related technologies generate test cases with low effectiveness, many cases are rejected at the entrance of the target program and cannot go deep into the core processing logic of the test program, some related technologies have insufficient test depth and vulnerability discovery capability, high-value test cases capable of triggering deep code paths, complex boundary conditions and semantic logic vulnerabilities are difficult to generate efficiently, and other related technologies have poor universality and expandability, and when testing is performed for different protocols, file formats or API interfaces, special test generators need to be written for each new target, so that the cost is high, time and labor are wasted. Therefore, how to efficiently generate high-value fuzzy test cases is a technical problem to be solved. Disclosure of Invention The invention provides a method, a device, electronic equipment and a storage medium for generating a fuzzy test case, which are used for solving the defects in the prior art and efficiently generating the high-value fuzzy test case. The invention provides a method for generating a fuzzy test case, which comprises the following steps. The method comprises the steps of obtaining a grammar model of a program to be tested, wherein the grammar model is used for describing grammar constraints of structured fields in target input data of the program to be tested, establishing a first test case grammar tree according to the grammar model, wherein each node of the first test case grammar tree corresponds to one target input data of the program to be tested, the value of the node is a legal instance of the target input data, determining the target node of the first test case grammar tree, converting the legal instance of the target node into a variant instance to obtain a second test case grammar tree, obtaining a fuzzy test case queue of the program to be tested according to the second test case grammar tree, and executing fuzzy test on the program to be tested based on the fuzzy test case queue. The method for generating the fuzzy test case comprises the steps of defining a field structure of each target input data of a program to be tested by using a structured data language, and generating the grammar model based on grammar constraint of field structure of each target input data of the program to be tested described by a generating rule. The method for generating the fuzzy test case comprises the steps of obtaining a structure and grammar constraint of a root rule from a grammar model, obtaining the structure and grammar constraint of each sub-rule from the grammar model in a recursion mode, determining each node of the first test case grammar tree according to the structure and the structure of each sub-rule, and generating legal examples for each node of the first test case grammar tree according to the grammar constraint of the root rule and the grammar constraint of each sub-rule. According to the method for generating the fuzzy test case, the target node of the first test case grammar tree is determined, and at least one node is randomly selected from all nodes of the first test case grammar tree to serve as the target node. According to the method for generating the fuzzy test case provided by the invention, the grammar model comprises variation strategy type information corresponding to the structured field in each target input data of the program to be tested; the method comprises the steps of converting legal examples of a target node into variant examples to obtain a second test case grammar tree, obtaining variant strategy types corresponding to the target node from the grammar model, obtaining a variant strategy list from a strategy base according to the variant strategy types corresponding to the target node, randomly selecting one variant strategy from