Random Sqlalchemy Query Generator
Project description
SQLFuzz: Random SQLAlchemy Query Generator
sqlfuzz is a random SQLAlchemy query generator for DBMS fuzzing toolchains. sqlfuzz improves upon other random query generators, such as sqlsmith, by leveraging SQLAlchemy's ability to compile the same query for different DBMS dialects. For example, sqlfuzz allows us to easily test the queries that triggers bugs in Postgres to other DBMSs such as MySQL, MariaDB, Sqlite, etc. sqlfuzz can target any dialects that SQLAlchemy supports.
Install
$ pip3 install sqlfuzz
Usage
Quick Start
import json
from sqlfuzz.fuzz import Fuzz
f = open("./path/to/probability/conf.json")
prob_conf = json.load(f)
connection_string = "postgresql+psycopg2://{user}:{password}@{host}:{port}/{dbname}"
fuzz = Fuzz(prob_conf, connection_string)
queries = fuzz.gen_orm_queries(count=10)
Probability Configuration
Probability of the fuzzer chosing to generate a query with following clauses (range: 0-1000)
{
'order': 500,
'limit': 500,
'group': 500,
'left': 500,
'inner': 500,
'full': 500,
'scalar': 500,
'true': 500,
'func_expr': 500,
'literal_column': 500,
'distinct': 500,
'set': 500,
'offset': 500,
'simple': 500,
'window': 500,
'extractyear': 500,
'extractmonth': 500,
'subquery': 500,
'nested': 500
}
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
sqlfuzz-0.13.4.tar.gz
(18.0 kB
view details)
File details
Details for the file sqlfuzz-0.13.4.tar.gz.
File metadata
- Download URL: sqlfuzz-0.13.4.tar.gz
- Upload date:
- Size: 18.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.10.8
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | cc02744da33eed198db1585c419051e5d5d8f658e7334800c4ad09935dd94672 |
|
| MD5 | 4b879b99bd3dbb7d9384f16bd8245c61 |
|
| BLAKE2b-256 | 7252631ac1a667dfec7267abfc304384df7151de5cc81b9595968f102aebab71 |
