Research Article

An Approach of Vulnerability Testing for Third-Party Component Based on Condition and Parameter Mutation

Table 2

Mutation operators of parameters of different types.

| ID | Operator | Brief description | Cases |
|---|---|---|---|
| 01 | PSN | Set the value of a nullable parameter to be Null | Set the value of a parameter whose value can be Null, such as, String a = Null; object b = Null; |
| 02 | IPO | Insert Parameter Operator into the value assigned to the parameter | Insert absolute value symbol or unary operator (++, ,−,~) into the value assigned to the parameter |
| 03 | PFB | Parameter Flip Bit | Flip the value or flip the value of a bit |
| 04 | IIV | Integer Irregular Value | 0, ±(1, , 2^8, , , 2^16, , , 2^32, , , 2^64, ) |
| 05 | FIV | Float Irregular Value | 0, ±(1, , , , , , ) |
| 06 | CIV | Char Irregular Value | ‘A’, ‘Z’, null, ‘a’, ‘z’, ‘ ’, ‘{ ’, ‘ ’, ‘ ’, ‘ n’, ‘ 0’, ‘ s’, ‘ d’ |
| 07 | BIV | Boolean Irregular Value | Correct, Incorrect, Tru, Fal, −1, 1 |
| 08 | RSV | Random String Value | Escape character string “ e n r d x s”, “ xff xfe x00 x01 x42 xb5 nnnn h9cc...” |
| 09 | LSV | Long String Value | Generate String(int n) such as: “AAA……(256)”, “AAA……(1024)”, “AAA…(15000)” |
| 10 | FSV | Format the Value of String | “%n %n……(256 chars)”, “%s %s……(1024 chars)” |
| 11 | DSV | the Value of Directory String | “..”, “../”, “..//”, “/..//AAA…” |
| 12 | USV | URL and Value of File Path String | “http://dddddddeeeeerrttttt”, “C://sytem32//Notepad.exe”, “H: ABC killvirus.ese”, “D: AA.exeexe” |
| 13 | CSV | the Value of Command String | “;cmd.exe/c dir”, “del *.* /s” |
| 14 | SSI | SQL String Injection | “a or 1 = 1”, “delete”, “drop table users” |
| 15 | CSS | Cross Site Scripting | “<script>alert(document location);</script>” |
| 16 | PIV | Pointer Irregular Value | Null, −1, the pointer pointing to freed memory or to the end of the allocated memory |
| 17 | AIV | Array Irregular Value | Change the order of array elements into ascending, descending, or disorder order; change the value of array element to ± (maximum − 1, maximum + 1, maximum, minimum, minimum + 1, and minimum − 1); set the index of the array to (the length of array) ± 1 |
| 18 | SIV | Structure Irregular Value | Set members of a structure to boundary values; Set every member to irregular values according to the member’s type |
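
The following added example (not code from the article) shows three operators from Table 2, namely PSN, LSV and AIV, generating test inputs in Python and being run against `store_name`, a constructed component under test. The function names, the 32-bit signed range used for the AIV boundaries, and the rule that only `ValueError` counts as a clean rejection are assumptions of this example.

```python
import random
import struct

def psn(_seed):
    """01 PSN: a nullable parameter becomes null (None in Python)."""
    return [("PSN", None)]

def lsv(_seed, lengths=(256, 1024, 15000)):
    """09 LSV: long strings with the three lengths given in the table."""
    return [("LSV", "A" * n) for n in lengths]

def aiv(seed, lo=-2**31, hi=2**31 - 1):
    """17 AIV: reorder the array, then set an element to +/- each boundary.
    lo/hi are an assumed 32-bit signed range; the table names no type."""
    shuffled = list(seed)
    random.Random(0).shuffle(shuffled)
    out = [sorted(seed), sorted(seed, reverse=True), shuffled]
    for b in (hi - 1, hi + 1, hi, lo, lo + 1, lo - 1):
        out += [[b] + list(seed[1:]), [-b] + list(seed[1:])]
    return [("AIV", m) for m in out]

def aiv_indexes(seed):
    """17 AIV: index mutants at (length of array) +/- 1."""
    return [len(seed) - 1, len(seed) + 1]

def run_mutants(component, mutants, rejection=ValueError):
    """Call the component with each mutant; report any failure other than
    its documented rejection as (operator, exception class, mutant size)."""
    findings = []
    for op, value in mutants:
        try:
            component(value)
        except rejection:
            pass  # input refused cleanly: not a finding
        except Exception as exc:
            size = len(value) if hasattr(value, "__len__") else None
            findings.append((op, type(exc).__name__, size))
    return findings

def store_name(name):
    """Constructed component under test: checks the type, not the length."""
    if not isinstance(name, str):
        raise ValueError("name must be a string")
    field = bytearray(1024)
    struct.pack_into(f"{len(name)}s", field, 0, name.encode("ascii"))
    return field

FINDINGS = run_mutants(store_name, psn("bob") + lsv("bob"))
```

Only the 15000-character LSV mutant is reported: the null and the shorter strings are either rejected cleanly or fit the 1024-byte field, while the longest one surfaces the missing length check as an unhandled `struct.error`.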