Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mozillasecurity/ffpuppet
A Python module that aids in the automation of Firefox at the process level
https://github.com/mozillasecurity/ffpuppet
automated-testing automation firefox fuzzing python
Last synced: about 16 hours ago
JSON representation
A Python module that aids in the automation of Firefox at the process level
- Host: GitHub
- URL: https://github.com/mozillasecurity/ffpuppet
- Owner: MozillaSecurity
- License: mpl-2.0
- Created: 2016-04-27T20:09:08.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2024-12-24T17:51:41.000Z (1 day ago)
- Last Synced: 2024-12-24T18:32:59.853Z (1 day ago)
- Topics: automated-testing, automation, firefox, fuzzing, python
- Language: Python
- Homepage:
- Size: 6.57 MB
- Stars: 32
- Watchers: 11
- Forks: 7
- Open Issues: 5
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Codeowners: .github/CODEOWNERS
Awesome Lists containing this project
README
FFPuppet
========
[](https://community-tc.services.mozilla.com/api/github/v1/repository/MozillaSecurity/ffpuppet/master/latest)
[](https://codecov.io/gh/MozillaSecurity/ffpuppet)
[].num_joined_members&suffix=%20users&url=https%3A%2F%2Fmozilla.modular.im%2F_matrix%2Fclient%2Fr0%2FpublicRooms&style=flat&logo=matrix)](https://riot.im/app/#/room/#fuzzing:mozilla.org)
[](https://pypi.org/project/ffpuppet)
FFPuppet is a Python module that automates browser process related tasks to aid in fuzzing. Happy bug hunting!
Are you [fuzzing](https://firefox-source-docs.mozilla.org/tools/fuzzing/index.html) the browser? [Grizzly](https://github.com/MozillaSecurity/grizzly) can help.
Installation
------------
##### To install the latest version from PyPI
pip install ffpuppet
##### Xvfb on Linux
On Linux `xvfb` can be used in order to run headless (this is not the same as Firefox's `-headless` mode).
To install `xvfb` on Ubuntu run:
apt-get install xvfb
##### Install minidump-stackwalk
`minidump-stackwalk` is used to collect crash reports from minidump files. More
information can be found [here](https://lib.rs/crates/minidump-stackwalk).
Browser Builds
--------------
If you are looking for builds to use with FFPuppet there are a few options.
##### Download a build
[fuzzfetch](https://github.com/MozillaSecurity/fuzzfetch) is the recommended method for obtaining builds and is also very helpful in automation.
Taskcluster has a collection of many different build types for multiple platforms and branches.
An index of the latest mozilla-central builds can be found [here](https://firefox-ci-tc.services.mozilla.com/tasks/index/gecko.v2.mozilla-central.latest.firefox/).
##### Create your own build
If you would like to compile your own, build instructions can be found [here](https://firefox-source-docs.mozilla.org/setup/index.html). When using `minidump-stackwalk`
breakpad [symbols](https://firefox-source-docs.mozilla.org/setup/building_with_debug_symbols.html#building-with-debug-symbols) are required for symbolized stacks.
Usage
-----
Once installed FFPuppet can be run using the following command:
python -m ffpuppet
```
usage: ffpuppet [-h] [-d] [--log-level LOG_LEVEL] [-e EXTENSION] [-p PREFS]
[-P PROFILE] [-u URL] [--xvfb] [-a ABORT_TOKEN]
[--launch-timeout LAUNCH_TIMEOUT] [-l LOGS]
[--log-limit LOG_LIMIT] [-m MEMORY]
[--poll-interval POLL_INTERVAL] [--save-all]
[--gdb | --pernosco | --rr | --valgrind]
binary
FFPuppet - Firefox process launcher and log collector. Happy bug hunting!
positional arguments:
binary Firefox binary to launch
optional arguments:
-h, --help show this help message and exit
-d, --display-logs Display summary of browser logs on process exit.
--log-level LOG_LEVEL
Configure console logging. Options: DEBUG, INFO, WARN,
ERROR (default: INFO)
Browser Configuration:
-e EXTENSION, --extension EXTENSION
Install extensions. Specify the path to the xpi or the
directory containing the unpacked extension.
-p PREFS, --prefs PREFS
Custom prefs.js file to use (default: profile default)
-P PROFILE, --profile PROFILE
Profile to use. This is non-destructive. A copy of the
target profile will be used. (default: temporary
profile)
-u URL, --url URL Server URL or path to local file to load.
--xvfb Use Xvfb. (Linux only)
Issue Detection & Reporting:
-a ABORT_TOKEN, --abort-token ABORT_TOKEN
Scan the browser logs for the given value and close
browser if detected. For example '-a ###!!!
ASSERTION:' would be used to detect soft assertions.
--launch-timeout LAUNCH_TIMEOUT
Number of seconds to wait for the browser to become
responsive after launching. (default: 300)
-l LOGS, --logs LOGS Location to save browser logs. A sub-directory
containing the browser logs will be created.
--log-limit LOG_LIMIT
Browser log file size limit in MBs (default: 0, no
limit)
-m MEMORY, --memory MEMORY
Browser memory limit in MBs (default: 0, no limit)
--poll-interval POLL_INTERVAL
Delay between checks for results (default: 0.5)
--save-all Always save logs. By default logs are saved only when
an issue is detected.
Available Debuggers:
--gdb Use GDB. (Linux only)
--pernosco Use rr. Trace intended to be submitted to Pernosco. (Linux only)
--rr Use rr. (Linux only)
--valgrind Use Valgrind. (Linux only)
```
##### Replaying a test case
python -m ffpuppet -p -d -u
This will open the provided test case file in Firefox using the provided prefs.js file and any log data (stderr, stdout, ASan logs... etc) will be dumped to the console when the browser process terminates. [Grizzly Replay](https://github.com/MozillaSecurity/grizzly/wiki/Grizzly-Replay) is recommended for replaying test cases.
##### Prefs.js files
prefs.js files that can be used for fuzzing or other automated testing can be generated with [PrefPicker](https://github.com/MozillaSecurity/prefpicker).