Code Coverage Summary:
CGI Decoder Explanation
cgi_decode()function is introduced:
hex_valuesto map hexadecimal characters to integer values.
def cgi_decode(s: str) -> str: # ... [code as provided] ... return t
cgi_decode("Hello+world") # Outputs: 'Hello world'
a. Black-Box Testing:
b. White-Box Testing:
cgi_decode()as an example:
if c == '+'.
if c == '%'- valid and invalid input.
sys.settrace(f)function can define a tracing function
f()that's called for every line executed, making it ideal for dynamic analysis.
sys.settrace()to trace the execution of
coverageto store line numbers that were executed.
traceitfunction captures the line numbers when the event is "line".
cgi_decode("a+b"), the lines of execution can be observed.
withstatement in Python for more elegant coverage tracking.
with Coverage() as cov: function_to_be_traced() c = cov.coverage()
__init__: Constructor initializes a trace list.
traceit: Tracing function that captures the function name and line number of every executed line.
__enter__: Method called at the start of the
withblock; turns on tracing.
__exit__: Method called at the end of the
withblock; turns off tracing.
trace: Returns a list of executed lines as
coverage: Returns a set of executed lines.
function_names: Returns the set of function names that were covered.
__repr__: String representation of the object, showing covered and uncovered code.
Key Code Snippets:
Setting up trace:
sys.settrace(traceit) # Turn on cgi_decode(s) sys.settrace(None) # Turn off
def traceit(frame: FrameType, event: str, arg: Any) -> Optional[Callable]: if event == 'line': global coverage function_name = frame.f_code.co_name lineno = frame.f_lineno coverage.append(lineno) return traceit
Coverage class setup:
class Coverage: ...
cgi_decode()decodes CGI-encoded strings, replacing
'+'with a space and
'%xx'with the corresponding character.
cgi_decode()using random inputs.
cgi_decodedecodes CGI-encoded strings.
cgi_decode()function implementation, is presented.
Codes of Interest:
1. The Python function
cgi_decode() for decoding CGI-encoded strings.
2. Set operations to compare coverage of different test cases.
3. Fuzzing the
cgi_decode() function to gauge its coverage.
4. The C program's
cgi_decode function and its associated routines for decoding CGI-encoded strings.
.gcovfiles have each line prefixed with the number of times it was executed.
cgi_decode()function, indicating unexecuted code (
return -1for illegal input).
.gcovfile and retrieve coverage information.
read_gcov_coveragefunction reads a
.gcovfile and constructs a set of tuples representing the file name and line numbers that were executed.
cgi_decode(), one could compare the results from both C and Python implementations.
fuzzer()method reveals an error in
cgi_decode()related to input ending with a '%' character.
cgi_decode()function can crash due to unanticipated input, yet this bug wouldn't be caught by traditional coverage criteria.