CN115048299A - Application program testing method and device, storage medium and electronic equipment - Google Patents

Application program testing method and device, storage medium and electronic equipment Download PDF

Info

Publication number
CN115048299A
CN115048299A CN202210663510.1A CN202210663510A CN115048299A CN 115048299 A CN115048299 A CN 115048299A CN 202210663510 A CN202210663510 A CN 202210663510A CN 115048299 A CN115048299 A CN 115048299A
Authority
CN
China
Prior art keywords
test
program
application program
testing
target
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210663510.1A
Other languages
Chinese (zh)
Inventor
施生燊
钱丹丹
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Industrial and Commercial Bank of China Ltd ICBC filed Critical Industrial and Commercial Bank of China Ltd ICBC
Priority to CN202210663510.1A priority Critical patent/CN115048299A/en
Publication of CN115048299A publication Critical patent/CN115048299A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3684Test management for test design, e.g. generating new test cases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3688Test management for test execution, e.g. scheduling of test suites
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3692Test management for test results analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Test And Diagnosis Of Digital Computers (AREA)

Abstract

The invention discloses a method and a device for testing an application program, a storage medium and electronic equipment. The method relates to the field of cloud computing, wherein the method comprises the following steps: traversing the application program file set to extract a test program carrying preset identification information to obtain a plurality of test cases; acquiring a target program, a test strategy identifier and a test parameter value of each test case to establish a case value library; based on the case value library, matching the program identifier of the application program to be tested with the test strategy identifier in the case value library to obtain the program parameter value of the target program which is successfully matched; and taking the program parameter value as a test seed to carry out fuzzy test on the application program to be tested. The invention solves the technical problem that the fuzzy test of the application program is carried out by randomly selecting the parameter value, and the capability of hitting the potential defects of the application program is low in the related technology.

Description

Application program testing method and device, storage medium and electronic equipment
Technical Field
The invention relates to the field of cloud computing, in particular to a method and a device for testing an application program, a storage medium and electronic equipment.
Background
In the related art, most of the conventional fuzzy testing frameworks perform fuzzy testing by randomly injecting parameter values of a target method, because the nature of fuzzy testing is random testing, and although the randomly injected parameter values may hit a potential defect of a system, the randomly injected parameter values may still be obtained after being operated for a long time, the reason is that the random testing is mainly due to the following reasons, for example: if there is a target method, it only accepts the parameter value of zero or positive integer, but the random injection always generates the parameter value in the negative number interval or character string, which will result in the series of tests being useless, i.e. the fuzzy test of the application program by randomly selecting the parameter value, the ability of hitting the potential defect of the application program is low.
Fig. 1 is a schematic diagram of random values injected in a fuzz test according to the prior art, as shown in fig. 1, black circles represent parameter value ranges acceptable by a target method, white circles represent random values generated in the fuzz test, 2 circles do not intersect, if the random values are always in the white circles, an exception continues to occur in the test process of the target test method, and the fuzz test work is completely invalid.
Therefore, a technical solution is needed to control the random value or designate some directions when the fuzz test is started, so as to improve the quality and effect of the fuzz test.
In view of the above problems, no effective solution has been proposed.
Disclosure of Invention
The embodiment of the invention provides a method and a device for testing an application program, a storage medium and electronic equipment, which are used for at least solving the technical problem that the potential defects of the application program are low in hit capability when the fuzzy test is performed on the application program in a mode of randomly selecting parameter values in the related technology.
According to an aspect of an embodiment of the present invention, there is provided a method for testing an application program, including: traversing the application program file set to extract a test program carrying preset identification information to obtain a plurality of test cases; acquiring a target program, a test strategy identifier and a test parameter value of each test case to establish a case value library; based on the case value base, matching the program identifier of the application program to be tested with the test strategy identifier in the case value base to obtain the program parameter value of the target program which is successfully matched; and taking the program parameter values as test seeds, and carrying out fuzzy test on the application program to be tested.
Optionally, the step of obtaining the target program, the test policy identifier, and the test parameter value of each test case includes: acquiring a software engineering reflection mechanism for the application program to be tested; and separating each test case in the case value library by adopting the software engineering reflection mechanism to obtain the target program, the test strategy identification and the test parameter value in each test case.
Optionally, the step of performing a fuzzy test on the application program to be tested by using the program parameter value as a test seed includes: and performing variation by taking each program parameter value as a test seed of the fuzzing test to obtain a plurality of test sets, wherein each test set at least comprises: the program parameter value and a plurality of variation parameter values corresponding to the program parameter value; and sequentially injecting the parameter values in each test set into the test method corresponding to the test set, and carrying out fuzzy test on the application program to be tested.
Optionally, the step of sequentially injecting the parameter values in each test set into the test method corresponding to the test set to perform a fuzzy test on the application program to be tested further includes: sequentially injecting parameter values and a plurality of variable parameter values in a target test set into a target test method corresponding to the target test set for testing, wherein the target test set is one of the plurality of test sets; monitoring whether a program abnormity occurs in a test process within a preset time length to obtain a program monitoring state; recording abnormal data under the condition that the program monitoring state indicates that the test process has program abnormality, wherein the abnormal data at least comprises: an abnormal constant, a test mark of the target test method, and a target test seed; and under the condition that the program monitoring state indicates that the test process has no program exception, selecting a next test set from the plurality of test sets to continue executing the step of performing the fuzz test on the application program to be tested.
Optionally, after recording the abnormal data, further comprising: and performing regression testing and data analysis on the application program to be tested according to the abnormal data.
Optionally, the step of performing a regression test on the application program to be tested according to the abnormal data includes: according to the test identification corresponding to the test set in the abnormal data, performing defect repair on the application program to be tested to obtain a repaired application program; and sequentially injecting the parameter values in the target test set into the repair application program, and continuing to perform fuzzy test on the repair application program.
Optionally, the step of performing data analysis on the application program to be tested according to the abnormal data includes: evaluating test result scores of the target test seeds in the anomaly data.
According to another aspect of the embodiments of the present invention, there is also provided an apparatus for testing an application, including: the traversal unit is used for traversing the application program file set to extract the test program carrying the preset identification information to obtain a plurality of test cases; the first processing unit is used for acquiring a target program, a test strategy identifier and a test parameter value of each test case so as to establish a case value library; the second processing unit is used for matching the program identifier of the application program to be tested with the test strategy identifier in the case value base based on the case value base so as to obtain the program parameter value of the target program which is successfully matched; and the testing unit is used for performing fuzzy testing on the application program to be tested by taking the program parameter value as a testing seed.
Optionally, the first processing unit comprises: the acquisition subunit is used for acquiring a software engineering reflection mechanism of the application program to be tested; and the separation subunit is used for separating each test case in the case value library by adopting the software engineering reflection mechanism to obtain the target program, the test strategy identification and the test parameter value in each test case.
Optionally, the test unit comprises: a variation subunit, configured to perform variation on each of the program parameter values as a test seed of the fuzz test, so as to obtain a plurality of test sets, where each of the test sets at least includes: the program parameter value and a plurality of variation parameter values corresponding to the program parameter value; and the testing subunit is used for sequentially injecting the parameter values in each testing set into the testing method corresponding to the testing set, and performing fuzzy testing on the application program to be tested.
Optionally, the test subunit comprises: the system comprises a first testing module, a second testing module and a third testing module, wherein the first testing module is used for sequentially injecting parameter values and a plurality of variation parameter values in a target testing set into a target testing method corresponding to the target testing set for testing, and the target testing set is one of the plurality of testing sets; the detection module is used for monitoring whether the program exception occurs in the test process within the preset time length to obtain a program monitoring state; a recording module, configured to record exception data when the program monitoring state indicates that the test process has a program exception, where the exception data at least includes: an abnormal constant, a test mark of the target test method, and a target test seed; and the second testing module is used for selecting the next testing set from the plurality of testing sets under the condition that the program monitoring state indicates that the testing process has no program exception so as to continuously execute the step of carrying out the fuzz testing on the application program to be tested.
Optionally, the test subunit further comprises: and the processing module is used for performing regression testing and data analysis on the application program to be tested according to the abnormal data after the abnormal data is recorded.
Optionally, the processing module comprises: the repair submodule is used for repairing the defects of the application program to be tested according to the test identification corresponding to the test set in the abnormal data to obtain a repaired application program; and the testing submodule is used for sequentially injecting the parameter values in the target testing set into the repairing application program and continuously carrying out the fuzzy test on the repairing application program.
Optionally, the processing module further comprises: and the evaluation submodule is used for evaluating the test result scores of the target test seeds in the abnormal data.
In the invention, an application program file set is traversed to extract a test program carrying preset identification information to obtain a plurality of test cases, then a case value library is established by obtaining a target program, a test strategy identification and a test parameter value of each test case, then the program identification of the application program to be tested is matched with the test strategy identification in the case value library based on the case value library to obtain a program parameter value of the target program which is successfully matched, and finally the program parameter value is used as a test seed to carry out fuzzy test on the application program to be tested. According to the fuzzy test method and device, the test cases are extracted from the application program file set, the test parameter values of the test cases are used as seeds of the fuzzy test, the fuzzy test is conducted on the application program to be tested, the capability of hitting the potential defects of the application program is improved, the purpose of controlling the parameter value selection direction of the fuzzy test is achieved, and the technical problem that the capability of hitting the potential defects of the application program is low when the fuzzy test is conducted on the application program in a mode of randomly selecting the parameter values in the related technology is solved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:
FIG. 1 is a schematic diagram of a fuzz test injecting random values according to the prior art;
FIG. 2 is a flow chart of a method of fuzz testing according to an embodiment of the present invention;
FIG. 3 is a flow chart of an alternative method of testing an application in accordance with an embodiment of the present invention;
fig. 4 is a flowchart of an alternative UTDD case-based fuzz testing method according to an embodiment of the present invention;
FIG. 5 is a schematic diagram of an alternative application testing apparatus according to an embodiment of the present invention;
fig. 6 is a block diagram of a hardware structure of an electronic device (or a mobile device) according to an application test method according to an embodiment of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
In order to facilitate the understanding of the present invention for those skilled in the art, some terms or terms related to the embodiments of the present application are described below:
and (3) fuzzy testing: the method is a method for discovering software bugs by carrying out unexpected input to a target system and monitoring abnormal results in a semi-automatic mode, is commonly used for detecting high-concealment software bugs given by software or a computer system, such as unexpected abnormalities of memory leak, deadlock, stack overflow and the like, and can be used for testing black boxes, gray boxes or white boxes.
Test drive Development, called UTDD for short, is a core practice and technique in agile Development, and is also a design methodology. The core idea is that before functional codes are developed, unit test case codes are written, and the test codes determine what product codes need to be written, so that the core practice of extreme programming is realized.
JUnit is a framework for writing unit test codes in Java programming language, and each Java program normally has a corresponding test class written by using JUnit.
It should be noted that the method and the apparatus for testing an application program in the present disclosure may be used in the process of performing a program test on each software product in the cloud computing field, and may also be used in the process of performing a program test on an application program in any field other than the cloud computing field.
It should be noted that relevant information (including but not limited to user equipment information, user personal information, etc.) and data (including but not limited to data for presentation, analyzed data, etc.) referred to in the present disclosure are information and data that are authorized by the user or sufficiently authorized by various parties. For example, an interface is provided between the system and the relevant user or organization, before obtaining the relevant information, an obtaining request needs to be sent to the user or organization through the interface, and after receiving the consent information fed back by the user or organization, the relevant information is obtained.
The invention can be applied to the test process of various software products, control systems and application programs of clients (including but not limited to mobile clients, PCs and the like) of various financial institutions, and can realize the business contents (including but not limited to business functions of transfer, financing, fund payment, check, advertisement, recommendation and the like) of the financial institutions through the application programs which are installed on the mobile clients and are tested.
In the age of digital informatization, various software products have become ubiquitous. In order to ensure the stability of software product service operation and maintain good image and reputation of companies, each software company improves software quality by using various testing means, such as unit testing, integration testing, process testing, adaptability testing, chaos testing, variation testing and the like. At present, a test method called fuzzy test is gradually popular, and is used by more and more companies/enterprises as a supplement to the traditional test means, and practice also proves that the fuzzy test can find many system defects which are difficult to find by the conventional test, thereby being beneficial to improving the quality of application software. The problem field that the invention can solve includes but is not limited to source code level, namely, each specific software engineering programming (such as java program) is used as a target object, and whether the execution result is abnormal or not is observed by a method in a calling program, so as to realize the robustness test of the software system.
Taking JAVA as an example, a Fuzz test mode is mainly adopted in the Fuzz test, common Fuzz test frames include JFUZZ, JAZZER and the like, when the frames are used, a small amount of test codes need to be written, a target method in a JAVA program is called in the test codes, the entry of the target method completes random injection of parameter values through a Fuzz test engine, each group of random values represents a test case, and then whether the target method generates an exception in operation is observed, wherein the test case may include a target class and may also include a Fuzz test case class taking Fuzz as suffix.
The fuzzy testing process is described below in conjunction with fig. 2.
Fig. 2 is a flowchart of a fuzz testing method according to an embodiment of the present invention, as shown in fig. 2, in the fuzz testing process, a target program is tested by generating a test case, and monitoring a program running state of the target program, and when an abnormality occurs, an abnormal condition is analyzed, and when no abnormality occurs, the target program is continuously tested according to a next generated test case.
The invention extracts the test parameter values in the stock UTDD case as the seeds to carry out the initial value of the fuzzy test, so that the fuzzy test can carry out diffusion variation in a more effective range, thereby avoiding a large number of blind random tests, improving the fuzzy test effect, finding more potential defects of the system and improving the quality of the application program.
The present invention will be described in detail with reference to examples.
Example one
In accordance with an embodiment of the present invention, there is provided an alternative method embodiment for testing an application, it being noted that the steps illustrated in the flowchart of the figure may be performed in a computer system such as a set of computer-executable instructions and that, although a logical order is illustrated in the flowchart, in some cases the steps illustrated or described may be performed in an order different than that illustrated herein.
Fig. 3 is a flowchart of an alternative testing method for an application according to an embodiment of the present invention, and as shown in fig. 3, the method includes the following steps:
step S301, traversing the application program file set to extract a test program carrying preset identification information to obtain a plurality of test cases;
step S302, acquiring a target program, a test strategy identifier and a test parameter value of each test case to establish a case value library;
step S303, based on the case value base, matching the program identifier of the application program to be tested with the test strategy identifier in the case value base to obtain the program parameter value of the target program which is successfully matched;
and step S304, taking the program parameter value as a test seed, and carrying out fuzzy test on the application program to be tested.
Through the steps, firstly, a test program carrying preset identification information is extracted through traversing an application program file set to obtain a plurality of test cases, then a case value base is established through obtaining a target program, a test strategy identification and a test parameter value of each test case, then the program identification of the application program to be tested is matched with the test strategy identification in the case value base based on the case value base to obtain a program parameter value of the target program which is successfully matched, and finally the program parameter value is used as a test seed to carry out fuzzy test on the application program to be tested. In this embodiment, the test case is extracted from the application program file set, and the test parameter value of the test case is used as a seed of the fuzzy test to perform the fuzzy test on the application program to be tested, so that the capability of hitting the potential defect of the application program is improved, the purpose of controlling the parameter value selection direction of the fuzzy test is achieved, and the technical problem that the capability of hitting the potential defect of the application program is low when the fuzzy test is performed on the application program by randomly selecting the parameter value in the related art is solved.
The following further describes embodiments of the present invention in conjunction with the above-described implementation steps.
Step S301, traversing the application program file set to extract the test program carrying the preset identification information to obtain a plurality of test cases.
In an optional embodiment, the step of traversing the application file set to extract the test program carrying the preset identification information to obtain a plurality of test cases includes: extracting an application program carrying preset suffix identification information from an application program file set to obtain a plurality of application program files; and extracting the test program carrying the preset identification information from the application program files to obtain a plurality of test cases.
The set of application files may be software engineering files (e.g., JAVA engineering files), the software engineering files may include a plurality of software programs, the preset suffix identification information may be suffixes of the application files, for example, JAVA program files with a suffix of ". JAVA", and all JAVA application files with a suffix of ". JAVA" may be extracted from the set of application files.
The preset flag information may be information identifying the type of the application program carried in the application program file, for example, an annotation containing "@ Test" in the head of the application program may be a UTDD Test program, and in the application program carrying the preset suffix identification information, a plurality of Test cases or Test programs may be extracted according to the preset identification information.
Step S302, a target program, a test strategy identification and a test parameter value of each test case are obtained to establish a case value library.
The target program may be an application program or an application program name for test case testing, the test policy identifier may be a program method name in the target program, and the test parameter value may be a parameter value of a program method for which the test policy identifier is input. And establishing a case value library through the target program, the test strategy identification and the test parameter value of each test case.
The following describes how to obtain the target program, the test strategy identification and the test parameter values of the test case.
Optionally, the step of obtaining the target program, the test policy identifier, and the test parameter value of each test case includes: acquiring a software engineering reflection mechanism for an application program to be tested; and separating each test case in the case value library by adopting a software engineering reflection mechanism to obtain a target program, a test strategy identifier and a test parameter value in each test case.
In this embodiment, a java reflection mechanism is taken as an example to schematically illustrate the steps of obtaining the target program, the test policy identifier, and the test parameter value of each test case, for example, the target program, the test policy identifier, and the corresponding test parameter value of each UTDD case are extracted and separated from the stock UTDD case (corresponding to the plurality of test cases) codes by using the java reflection mechanism.
And storing the target program, the test strategy identification and the test parameter value of each test case to establish a case value library, wherein the case value library is represented as the following table 1:
TABLE 1 case value library
Figure BDA0003692105430000081
Step S303, based on the case value base, matching the program identifier of the application program to be tested with the test strategy identifier in the case value base to obtain the program parameter value of the target program which is successfully matched.
The program identifier of the application program to be tested can be the program name of the application program to be tested and the method name in the application program to be tested, and can be matched with the target program and the test strategy identifier in the case value library through the program identifier of the application program to be tested to obtain the program parameter value of the target program which is successfully matched, wherein the program parameter value can be one or more.
And step S304, taking the program parameter value as a test seed, and carrying out fuzzy test on the application program to be tested.
The test seed may be a seed of an injection parameter value for performing a fuzzy test on the application program to be tested, and the test seed may generate a plurality of variation parameter values having the same or similar data types as the test seed through seed variation.
An optional implementation manner, the step of performing the fuzz test on the application program to be tested by using the program parameter value as the test seed includes: and respectively taking each program parameter value as a test seed of the fuzzy test for variation to obtain a plurality of test sets, wherein each test set at least comprises: program parameter values and a plurality of variation parameter values corresponding to the program parameter values; and sequentially injecting the parameter values in each test set into the test method corresponding to the test set, and carrying out fuzzy test on the application program to be tested.
Each program parameter value can be used as a test seed of the fuzzy test, each test seed can be mutated to generate a plurality of mutation parameter values, and the program parameter value and the plurality of mutation parameter values corresponding to each test seed can form a test set, so as to form a plurality of test sets. And sequentially injecting the parameter values (program parameter values and a plurality of variation parameter values) in each test set into the test method corresponding to the test set, and carrying out fuzzy test on the application program to be tested.
Optionally, the step of sequentially injecting the parameter values in each test set into the test method corresponding to the test set to perform the fuzzy test on the application program to be tested further includes: sequentially injecting parameter values and a plurality of variable parameter values in a target test set into a target test method corresponding to the target test set for testing, wherein the target test set is one of the plurality of test sets; monitoring whether a program abnormity occurs in a test process within a preset time length to obtain a program monitoring state; recording abnormal data under the condition that the program monitoring state indicates that the test process has program abnormality, wherein the abnormal data at least comprises the following steps: abnormal constant, test identification of the target test method and target test seeds; and under the condition that the program monitoring state indicates that the program exception does not occur in the test process, selecting the next test set from the plurality of test sets so as to continuously execute the step of carrying out the fuzzing test on the application program to be tested.
In the process of carrying out the fuzzy test on the application program to be tested, whether the program exception occurs in the test process can be monitored. Taking one of the test sets (i.e., the target test set) as an example, a processing procedure of monitoring whether a test process has a program exception or not in a process of performing a fuzzy test on an application program to be tested is described, in a program method of inputting parameter values in the test set into the application program to be tested, and in a preset time period of continuously running the application program to be tested, monitoring whether the test process (i.e., the running process of the application program to be tested) has a program exception or not and a program monitoring state is obtained; recording abnormal data under the condition that the program monitoring state indicates that the test process has program abnormality or error report, wherein the abnormal data at least comprises the following data: the abnormal constant, the test identification of the target test method and the target test seed.
Optionally, the test identifier of the target test method in this embodiment may be of various types, for example, a program method name of an input parameter value in the application program to be tested, and the test identifier may be represented by a number, a character, and a letter, or a combination of the number, the character, and the letter.
And under the condition that the program monitoring state indicates that the program exception does not occur in the test process, selecting the next test set from the plurality of test sets so as to continuously execute the step of carrying out the fuzzing test on the application program to be tested.
As an optional implementation manner of this embodiment, after recording the abnormal data, the method further includes: and performing regression testing and data analysis on the application program to be tested according to the abnormal data.
The regression test may refer to a process of performing a fuzzy test after the defect repair is performed on the application program to be tested, and the data analysis may refer to an analysis of a test effectiveness of the test on the application program to be tested on the test seeds or the program parameter values.
Optionally, the step of performing regression testing on the application program to be tested according to the abnormal data includes: according to the test identification corresponding to the test set in the abnormal data, performing defect repair on the application program to be tested to obtain a repaired application program; and sequentially injecting the parameter values in the target test set into the repair application program, and continuously carrying out the fuzzy test on the repair application program.
According to the test identification corresponding to the test set in the abnormal data, the position of the defect in the application program to be tested can be searched for quick positioning, so that the defect repairing of the application program to be tested can be quickly and accurately carried out, the repaired application program is obtained, after the repaired application program is obtained, the parameter values in the target test set can be sequentially injected into the repaired application program, whether the same defect exists in the repaired application program or not is monitored, and then the fuzzy test is continuously carried out on the repaired application program.
Optionally, the step of performing data analysis on the application program to be tested according to the abnormal data includes: and evaluating the test result scores of the target test seeds in the abnormal data.
In the process of performing data analysis on the application program to be tested according to the abnormal data, the test result score of the target test seed in the abnormal data can be evaluated, for example, the test effect of the target test seed in the fuzzy test can be judged according to the number of the abnormal constants monitored in the process of performing the fuzzy test on the application program to be tested according to the target test seed.
According to the embodiment of the invention, the initial value of the fuzzy test can be carried out by extracting the test parameter values in the test case as seeds, so that the fuzzy test can carry out diffusion variation in a relatively effective range, thereby avoiding a large number of blind random tests, improving the fuzzy test effect, finding more potential defects of the system and improving the quality of the application program.
The invention is described below in connection with an alternative embodiment.
Example two
The present embodiment proposes another testing method for an application program, and takes a scheme of performing a fuzz test on an application program based on a UTDD case as an example to schematically illustrate the testing method.
In the embodiment, the UTDD case and the fuzzy test case are connected in series, so that the barrier between the cases is broken, the test value in the UTDD stock case is extracted according to a java reflection mechanism under the condition that the burden of developers is not increased, the test value is used as the seed of the fuzzy test value, and then the divergent variation is performed by taking the seed as the center, so that the effective coverage of the fuzzy test value is fully improved. In this embodiment, the key point is that when the target program file is subjected to the fuzzy test, the seed validity problem can be solved, so that the test quality of the application program is improved.
The processing flow of the present embodiment is described in detail below:
fig. 4 is a flowchart of an alternative fuzzy test method based on UTDD case according to an embodiment of the present invention, as shown in fig. 4, the main processing flow is as follows:
1. the UTDD case is traversed. Traversing all JAVA program files taking JAVA as suffix in the software engineering, if the content in the program files and the corresponding program method contain "@ Test" annotation at the head of each program method, considering that the UTDD Test program, namely the stock UTDD case, needs to be analyzed and processed, and other files are directly ignored and are not processed.
2. And extracting UTDD case input parameter values. And extracting and separating the target program, the test target method name and the corresponding test parameter input value of each UTDD case from the stock UTDD case codes by using a java reflection mechanism.
3. And (5) warehousing the test case values. And storing the target program, the test target method name and the corresponding test parameter input value of each UTDD case which are extracted and separated to obtain a case value library.
4. And acquiring case values from the library to be used as fuzzy test seeds. And matching by using the program name and the method name of the target program according to the established case value library, taking out the case values of the related matching items, injecting the case values into a target test method as seeds, and running a fuzzy test.
5. Fuzzy test case runs. And continuously running the fuzzy test case for a period of time (the time can be adjusted according to the test method and system resources), and monitoring whether the fuzzy variation based on the UTDD test value generates program running abnormity.
6. And observing test results and changing case values. If the program is not tested to be abnormal after the operation of the fixed length time, sequentially extracting a group of test values of the next target method from the storage case value library for injection and test again; and if the program is abnormal, repairing the defects of the target program method, and continuing to use the original test value to perform regression test again after repairing.
The fuzz testing effectiveness value of each group of test values or each fuzz testing seed, i.e. the number of defects or anomalies found, can also be automatically registered for regression testing and data analysis.
In the embodiment, the test input value of the stock UTDD case is multiplexed and extracted to be used as the initial seed value of the fuzzy test, so that the fuzzy variation of the parameter value of the fuzzy test can be carried out in a more effective range, and the target method is tested more specifically and effectively.
The invention is described below in connection with an alternative embodiment.
EXAMPLE III
The present embodiment further provides an optional testing apparatus for an application, where each implementation unit included in the testing apparatus corresponds to each step of the foregoing embodiments.
Fig. 5 is a schematic diagram of a testing apparatus for an optional application according to an embodiment of the present invention, as shown in fig. 5, the testing apparatus includes: a traversal unit 51, a first processing unit 52, a second processing unit 53, a testing unit 54, wherein,
the traversing unit 51 is configured to traverse the application file set to extract the test program carrying the preset identification information, so as to obtain a plurality of test cases;
the first processing unit 52 is configured to obtain a target program, a test policy identifier, and a test parameter value of each test case, so as to establish a case value library;
the second processing unit 53 is configured to match, based on the case value library, the program identifier of the application program to be tested and the test policy identifier in the case value library to obtain a program parameter value of the target program that is successfully matched;
and the test unit 54 is configured to perform a fuzz test on the application program to be tested by using the program parameter value as a test seed.
The testing device of the application program can traverse the application program file set through the traversing unit 51 to extract the testing program carrying the preset identification information to obtain a plurality of testing cases, the first processing unit 52 obtains the target program, the testing strategy identification and the testing parameter value of each testing case to establish a case value library, the second processing unit 53 matches the program identification of the application program to be tested and the testing strategy identification in the case value library based on the case value library to obtain the program parameter value of the target program which is successfully matched, and the testing unit 54 uses the program parameter value as the testing seed to perform fuzzy testing on the application program to be tested. In this embodiment, the test case is extracted from the application program file set, and the test parameter value of the test case is used as a seed of the fuzzy test to perform the fuzzy test on the application program to be tested, so that the capability of hitting the potential defect of the application program is improved, the purpose of controlling the parameter value selection direction of the fuzzy test is achieved, and the technical problem that the capability of hitting the potential defect of the application program is low when the fuzzy test is performed on the application program by randomly selecting the parameter value in the related art is solved.
Optionally, the first processing unit includes: the acquisition subunit is used for acquiring a software engineering reflection mechanism of the application program to be tested; and the separation subunit is used for separating each test case in the case value library by adopting a software engineering reflection mechanism to obtain the target program, the test strategy identification and the test parameter value in each test case.
Optionally, the test unit includes: a variation subunit, configured to perform variation on each program parameter value as a test seed of the fuzz test, so as to obtain a plurality of test sets, where each test set at least includes: program parameter values and a plurality of variation parameter values corresponding to the program parameter values; and the test subunit is used for sequentially injecting the parameter values in each test set into the test method corresponding to the test set, and performing fuzzy test on the application program to be tested.
Optionally, the test subunit includes: the first testing module is used for sequentially injecting parameter values and a plurality of variation parameter values in a target testing set into a target testing method corresponding to the target testing set for testing, wherein the target testing set is one of the plurality of testing sets; the detection module is used for monitoring whether the program exception occurs in the test process within the preset time length to obtain a program monitoring state; the recording module is used for recording abnormal data under the condition that the program monitoring state indicates that the test process has program abnormality, wherein the abnormal data at least comprises the following data: abnormal constant, test identification of the target test method and target test seeds; and the second testing module is used for selecting the next testing set from the plurality of testing sets under the condition that the program monitoring state indicates that the testing process has no program exception so as to continuously execute the step of carrying out the fuzz testing on the application program to be tested.
Optionally, the testing subunit further includes: and the processing module is used for performing regression testing and data analysis on the application program to be tested according to the abnormal data after the abnormal data is recorded.
Optionally, the processing module includes: the repair submodule is used for repairing the defects of the application program to be tested according to the test identification corresponding to the test set in the abnormal data to obtain a repaired application program; and the testing submodule is used for sequentially injecting the parameter values in the target testing set into the repairing application program and continuously carrying out the fuzzy test on the repairing application program.
Optionally, the processing module further includes: and the evaluation submodule is used for evaluating the test result scores of the target test seeds in the abnormal data.
The above-mentioned test device for application programs may further include a processor and a memory, the above-mentioned traversing unit 51, the first processing unit 52, the second processing unit 53, the test unit 54, and the like are all stored in the memory as program units, and the processor executes the above-mentioned program units stored in the memory to implement corresponding functions.
The processor comprises a kernel, and the kernel calls a corresponding program unit from the memory. The kernel can be set to be one or more, the kernel parameters are adjusted to extract the test cases from the application program file set, and the test parameter values of the test cases are used as seeds of the fuzzy test to carry out the fuzzy test on the application program to be tested.
The memory may include volatile memory in a computer readable medium, Random Access Memory (RAM) and/or nonvolatile memory such as Read Only Memory (ROM) or flash memory (flash RAM), and the memory includes at least one memory chip.
According to another aspect of the embodiments of the present invention, there is also provided an electronic device, including: a processor; and a memory for storing executable instructions for the processor; wherein the processor is configured to perform the method of testing of the application program of any of the above via execution of the executable instructions.
According to another aspect of the embodiments of the present invention, there is also provided a computer-readable storage medium, where the computer-readable storage medium includes a stored computer program, and when the computer program runs, the apparatus on which the computer-readable storage medium is located is controlled to execute the method for testing the application program in any item.
Fig. 6 is a block diagram of a hardware structure of an electronic device (or a mobile device) according to an application test method according to an embodiment of the present invention. As shown in fig. 6, the electronic device may include one or more processors 602 (shown as 602a, 602b, … …, 602 n), a memory 604 for storing data, and a processor 602 (the processor 602 may include, but is not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA). Besides, the method can also comprise the following steps: a display, an input/output interface (I/O interface), a Universal Serial Bus (USB) port (which may be included as one of the ports of the I/O interface), a network interface, a keyboard, a power supply, and/or a camera. It will be understood by those skilled in the art that the structure shown in fig. 6 is only an illustration and is not intended to limit the structure of the electronic device. For example, the electronic device may also include more or fewer components than shown in FIG. 6, or have a different configuration than shown in FIG. 6.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
In the above embodiments of the present invention, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the embodiments provided in the present application, it should be understood that the disclosed technology can be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units may be a logical division, and in actual implementation, there may be another division, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed coupling or direct coupling or communication connection between each other may be an indirect coupling or communication connection through some interfaces, units or modules, and may be electrical or in other forms.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.

Claims (10)

1. A method for testing an application program, comprising:
traversing the application program file set to extract a test program carrying preset identification information to obtain a plurality of test cases;
acquiring a target program, a test strategy identifier and a test parameter value of each test case to establish a case value library;
based on the case value base, matching the program identifier of the application program to be tested with the test strategy identifier in the case value base to obtain the program parameter value of the target program which is successfully matched;
and taking the program parameter values as test seeds, and carrying out fuzzy test on the application program to be tested.
2. The testing method of claim 1, wherein the step of obtaining the target program, the testing strategy identification and the testing parameter value of each testing case comprises:
acquiring a software engineering reflection mechanism for the application program to be tested;
and separating each test case in the case value library by adopting the software engineering reflection mechanism to obtain the target program, the test strategy identification and the test parameter value in each test case.
3. The method of claim 1, wherein the step of performing a fuzz test on the application program to be tested using the program parameter values as test seeds comprises:
and performing variation by taking each program parameter value as a test seed of the fuzzing test to obtain a plurality of test sets, wherein each test set at least comprises: the program parameter value and a plurality of variation parameter values corresponding to the program parameter value;
and sequentially injecting the parameter values in each test set into the test method corresponding to the test set, and carrying out fuzzy test on the application program to be tested.
4. The method according to claim 3, wherein the step of sequentially injecting the parameter values in each test set into the test method corresponding to the test set to perform the fuzzy test on the application program to be tested further comprises:
sequentially injecting parameter values and a plurality of variable parameter values in a target test set into a target test method corresponding to the target test set for testing, wherein the target test set is one of the test sets;
monitoring whether a program abnormity occurs in a test process within a preset time length to obtain a program monitoring state;
recording abnormal data under the condition that the program monitoring state indicates that the test process has program abnormality, wherein the abnormal data at least comprises: an abnormal constant, a test mark of the target test method, and a target test seed;
and under the condition that the program monitoring state indicates that the test process has no program exception, selecting a next test set from the plurality of test sets to continue executing the step of performing the fuzz test on the application program to be tested.
5. The test method of claim 4, further comprising, after recording the anomaly data:
and performing regression testing and data analysis on the application program to be tested according to the abnormal data.
6. The method of claim 5, wherein the step of performing a regression test on the application under test based on the anomaly data comprises:
according to the test identification corresponding to the test set in the abnormal data, performing defect repair on the application program to be tested to obtain a repaired application program;
and sequentially injecting the parameter values in the target test set into the repair application program, and continuing to perform fuzzy test on the repair application program.
7. The method of claim 5, wherein the step of performing data analysis on the application under test according to the abnormal data comprises:
evaluating test result scores of the target test seeds in the anomaly data.
8. An apparatus for testing an application, comprising:
the traversal unit is used for traversing the application program file set to extract the test program carrying the preset identification information to obtain a plurality of test cases;
the first processing unit is used for acquiring a target program, a test strategy identifier and a test parameter value of each test case so as to establish a case value library;
the second processing unit is used for matching the program identifier of the application program to be tested with the test strategy identifier in the case value base based on the case value base so as to obtain the program parameter value of the target program which is successfully matched;
and the testing unit is used for performing fuzzy testing on the application program to be tested by taking the program parameter value as a testing seed.
9. A computer-readable storage medium, comprising a stored computer program, wherein when the computer program runs, the apparatus on which the computer-readable storage medium is located is controlled to execute the method for testing an application program according to any one of claims 1 to 7.
10. An electronic device comprising one or more processors and memory for storing one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method of testing an application program of any of claims 1-7.
CN202210663510.1A 2022-06-13 2022-06-13 Application program testing method and device, storage medium and electronic equipment Pending CN115048299A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210663510.1A CN115048299A (en) 2022-06-13 2022-06-13 Application program testing method and device, storage medium and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210663510.1A CN115048299A (en) 2022-06-13 2022-06-13 Application program testing method and device, storage medium and electronic equipment

Publications (1)

Publication Number Publication Date
CN115048299A true CN115048299A (en) 2022-09-13

Family

ID=83160801

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210663510.1A Pending CN115048299A (en) 2022-06-13 2022-06-13 Application program testing method and device, storage medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN115048299A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115774677A (en) * 2022-12-20 2023-03-10 上海安般信息科技有限公司 Fuzzy test method and device based on multi-parameter input

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115774677A (en) * 2022-12-20 2023-03-10 上海安般信息科技有限公司 Fuzzy test method and device based on multi-parameter input
CN115774677B (en) * 2022-12-20 2024-02-23 上海安般信息科技有限公司 Fuzzy test method and device based on multi-parameter input

Similar Documents

Publication Publication Date Title
Shihab et al. High-impact defects: a study of breakage and surprise defects
US8893089B2 (en) Fast business process test case composition
TWI575397B (en) Point-wise protection of application using runtime agent and dynamic security analysis
WO2019100577A1 (en) Automated test management method and apparatus, terminal device, and storage medium
CN109800258B (en) Data file deployment method, device, computer equipment and storage medium
Habchi et al. A qualitative study on the sources, impacts, and mitigation strategies of flaky tests
CN113220588A (en) Automatic testing method, device and equipment for data processing and storage medium
CN112799722A (en) Command recognition method, device, equipment and storage medium
CN115048299A (en) Application program testing method and device, storage medium and electronic equipment
Ndukwe et al. How have views on Software Quality differed over time? Research and practice viewpoints
Fucci et al. Who (self) admits technical debt?
CN111723377B (en) Platform vulnerability assessment method and device, electronic equipment and storage medium
CN111459796B (en) Automated testing method, apparatus, computer device and storage medium
CN117914737A (en) Mirror image resource testing method and device for network target range
CN114880637B (en) Account risk verification method and device, computer equipment and storage medium
CN113723071B (en) Electronic archive verification method, system, storage medium and equipment
Flemström et al. Exploring test overlap in system integration: An industrial case study
CN111241547A (en) Detection method, device and system for unauthorized vulnerability
US10162849B1 (en) System, method, and computer program for automatic database validation associated with a software test
CN111240882B (en) Method and system for detecting abnormal state
CN117195183B (en) Data security compliance risk assessment system
CN114860549B (en) Buried data verification method, buried data verification device, buried data verification equipment and storage medium
US20230083977A1 (en) Method and apparatus for identifying a logic defect in an application
CN114640507B (en) WebShell detection method, webShell detection device and storage medium
CN116434043A (en) Image processing method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination