CN110474900B - Game protocol testing method and device - Google Patents

Game protocol testing method and device Download PDF

Info

Publication number
CN110474900B
CN110474900B CN201910743542.0A CN201910743542A CN110474900B CN 110474900 B CN110474900 B CN 110474900B CN 201910743542 A CN201910743542 A CN 201910743542A CN 110474900 B CN110474900 B CN 110474900B
Authority
CN
China
Prior art keywords
protocol
game
tested
test
file
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910743542.0A
Other languages
Chinese (zh)
Other versions
CN110474900A (en
Inventor
罗德志
严明
王枭
周江
王建行
蒋洪伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201910743542.0A priority Critical patent/CN110474900B/en
Publication of CN110474900A publication Critical patent/CN110474900A/en
Application granted granted Critical
Publication of CN110474900B publication Critical patent/CN110474900B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/18Protocol analysers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/131Protocols for games, networked simulations or virtual reality

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention relates to the technical field of computers, in particular to a game protocol testing method and a device, wherein the method comprises the following steps: aiming at a game to be tested, acquiring each protocol file of the game to be tested and a definition document of each protocol file, wherein each protocol file at least comprises a plurality of protocol fields, and the definition document of each protocol file at least comprises an incidence relation of the plurality of protocol fields; constructing test objects aiming at different protocols according to each protocol field in each protocol file; aiming at each test object, determining the assignment of each protocol field from an assignment set according to the incidence relation of a plurality of protocol fields and a plurality of protocol fields in the test object to obtain the assigned test object, wherein the assignment set is determined according to different test strategies; and taking each assignment as test data to carry out game protocol test. By acquiring all protocol files of the game to be tested and carrying out the test better, invalid test data can not be generated.

Description

Game protocol testing method and device
Technical Field
The present application relates to the field of computer technologies, and in particular, to a game protocol testing method and apparatus.
Background
Protocol testing is testing performed on a communication protocol, and can realize processes which cannot be realized in some conventional tests. When the protocol test is carried out, a series of test processes such as interception, analysis, tampering, sending and the like are carried out on the protocol.
With the popularity of gaming, testing against gaming protocols is required. A method for testing game protocol is to use historical experience data value to test, but because the historical experience value has less channels to obtain, and the subjectivity is strong, the testing effect is not ideal; another method for conducting game protocol testing is to generate a large amount of test data by constructing a test data generating function interface. However, the method is mainly applied to vulnerability mining of stand-alone games, and a game protocol test scheme aiming at the network games is not provided.
Based on the above, the prior art cannot provide a game protocol testing method suitable for online games.
Disclosure of Invention
The embodiment of the application provides a game protocol testing method and device, and provides a game protocol testing method for online games.
In one aspect, an embodiment of the present application provides a game protocol testing method, including:
aiming at a game to be tested, acquiring each protocol file of the game to be tested and a definition document of each protocol file, wherein each game function of the game to be tested at least corresponds to one protocol file, each protocol file at least comprises a plurality of protocol fields, and the definition document of each protocol file at least comprises an incidence relation of the plurality of protocol fields;
constructing test objects aiming at different protocols according to each protocol field in each protocol file;
for each test object, determining the assignment of each protocol field from an assignment set according to the incidence relation of a plurality of protocol fields and a plurality of protocol fields in the test object to obtain the test object after assignment, wherein the assignment set is determined according to different test strategies, and the test strategies are determined at least according to the data types of the protocol fields in the protocol files of the game to be tested and the communication mode of the game to be tested;
and taking each assignment as test data to carry out game protocol test.
In one aspect, an embodiment of the present application provides a game protocol testing apparatus, including:
the game testing device comprises an acquisition unit, a storage unit and a processing unit, wherein the acquisition unit is used for acquiring each protocol file of a game to be tested and a definition document of each protocol file, each game function of the game to be tested at least corresponds to one protocol file, each protocol file at least comprises a plurality of protocol fields, and the definition document of each protocol file at least comprises an incidence relation of the plurality of protocol fields;
the test object constructing unit is used for constructing test objects aiming at different protocols according to the protocol fields in the protocol files;
the evaluation unit is used for determining the evaluation of each protocol field from an evaluation set according to the incidence relation between a plurality of protocol fields and a plurality of protocol fields in each test object to obtain the evaluated test object, wherein the evaluation set is determined according to different test strategies, and the test strategies are determined at least according to the data types of the protocol fields in the protocol files of the game to be tested and the communication mode of the game to be tested;
and the testing unit is used for carrying out game protocol testing by taking each assignment as testing data.
Optionally, the obtaining unit is specifically configured to:
acquiring definition documents of each protocol file of the game to be tested through the development file of the game to be tested, and acquiring each protocol file of the game to be tested through reading the memory file of the game to be tested;
and determining the incidence relation of the protocol fields in the protocol files according to the field identifications of the definition documents of the protocol files, and traversing the fields in the protocol files to obtain a plurality of protocol fields at least included in each protocol file.
Optionally, the apparatus further comprises:
the testing strategy making unit is used for determining a data type testing strategy corresponding to each protocol file according to the data type of each protocol field in each protocol file of the game to be tested, wherein the data type testing strategy at least comprises a data type random value sub-strategy and a data type boundary value sub-strategy corresponding to each protocol file;
determining a communication attack strategy between the game server to be tested and the game client to be tested according to the communication mode of the game to be tested, wherein the attack strategy at least comprises a communication attack sub-strategy from the game client to be tested to the game server to be tested, a communication attack sub-strategy from the game server to be tested to the game client to be tested and a communication attack sub-strategy from the game server to be tested to the game server to be tested;
and taking the data type test strategy corresponding to each protocol file and the communication attack strategy between the game server to be tested and the game client to be tested as test strategies.
Optionally, the communication attack sub-policy from the game client to be tested to the game server to be tested includes:
pre-burying a communication attack sub-strategy and a waste communication attack sub-strategy.
Optionally, the test unit is specifically configured to:
sending the test data to a game client to be tested, and sending the test data to a game server to be tested through the game client to be tested;
receiving a test response fed back by a game client to be tested, wherein the test response is determined by the game server to be tested according to the running result of the test data;
and determining a game protocol test result according to the test response.
In one aspect, embodiments of the present application provide a computer device, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, where the processor executes the steps of the game protocol testing method.
In one aspect, embodiments of the present application provide a computer-readable storage medium storing a computer program executable by a computer device, the program, when executed on the computer device, causing the computer device to execute the steps of the game protocol testing method.
In the embodiment of the application, for a game to be tested, which is to be subjected to a game protocol test, each protocol file of the game to be tested and a definition document of each protocol file are firstly obtained, the game to be tested has a plurality of functions, each function at least corresponds to one protocol file, each protocol file in the obtained protocol files at least comprises a plurality of protocol fields, and each obtained protocol file definition document at least comprises an association relation of the plurality of protocol fields; that is, the protocol field format in each protocol file can be determined by acquiring each protocol file, and the association relationship existing between each protocol field in each protocol file can be determined by each protocol file definition document; after the protocol field format in each protocol file is determined, test objects aiming at different protocols can be constructed, the test objects are the same as the execution objects in the running process of the game to be tested, and the execution objects in the running process of the game to be tested are determined by determining the test objects.
In the embodiment of the application, all protocol files of the game to be tested can be obtained, the protocols can be the protocols of a stand-alone game or the protocols of an online game, the test objects corresponding to all the protocols are determined according to all the protocol files, the test objects are matched with the protocols, the test can be better carried out, and invalid test data cannot be generated.
Furthermore, after the test object is determined, the assignment of the test object needs to be determined to form test data, in the assignment process, the assignment is determined from an assignment set, and then the test object is assigned, wherein the assignment set is determined according to different test strategies, and the test strategies are determined at least according to the data types of the protocol fields in the protocol files of the game to be tested and the communication mode of the game to be tested, that is, in the embodiment of the application, different test strategies can be formulated according to the actual attributes of the game to be tested, that is, the data attributes and the communication mode attributes, the different test strategies correspond to the multiple assignments, the assignment set is constructed by the multiple assignments, and the faults and attacks which are possibly encountered in the real game running process can be simulated, so that the test accuracy is improved.
In summary, the game protocol testing method in the embodiment of the present application can perform a game protocol test for the online game, and construct a test object according to the field format of the game protocol, thereby avoiding a large amount of invalid test data generated in the prior art; in the process of assigning the test object, the abnormal condition and the attack condition which mainly exist in the game running process are considered, various test strategies are formulated, and the assignment set is determined according to the various test strategies for assigning, so that massive test data can be constructed, and the coverage of game protocol testing is enlarged.
Drawings
Fig. 1 is an application scenario architecture diagram according to an embodiment of the present invention;
FIG. 2 is a flow chart illustrating a game protocol testing method according to an embodiment of the present invention;
fig. 3 is a schematic diagram of a protocol word association relationship according to an embodiment of the present invention;
fig. 4 is an application scenario architecture diagram provided in the embodiment of the present invention;
FIG. 5 is a flowchart illustrating a game protocol testing method according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a game protocol testing apparatus according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
To facilitate an understanding of the embodiments of the present invention, a few concepts are briefly introduced below:
and (3) software testing, namely, a process of operating the program under specified conditions to find out program errors, measure the quality of the software and evaluate whether the software can meet the design requirements.
The fuzz test is a software test technology. Random data generated automatically or semi-automatically is input into a program and program anomalies are monitored. Fuzz testing is often used to detect security breaches of a software or computer system.
Protocol, data format of communication between the game client to be tested and the game server to be tested in the present application.
And packaging, also called serialization, to process the memory protocol object into continuous binary stream data for network transmission.
Unpacking, also called deserializing, parses a binary data stream into memory protocol objects according to the definition of a protocol structure.
CS, client to server communication.
SC, server to server, server to client communication.
SS, server to server communication.
In a specific practical process, the applicant of the present application finds that, in a game protocol testing scheme, an early team reads test experience data in a configuration list one by one according to a data type of a protocol field to perform a test. However, due to the fact that the test experience data in the configuration list is insufficient in acquisition capability and strong in subjectivity, the test accuracy is not high.
In the prior art, a game protocol test scheme is provided, which generates a large amount of test data according to a test data generation function interface. However, the testing method is mainly applied to single-machine vulnerability mining, online application only supports common website servers, and a game protocol testing scheme for online games is not provided.
Based on the above problems, the applicant of the present application has conceived a game protocol testing method, by acquiring all protocols of a game to be tested, constructing a test object matching the protocols, compared with the prior art, the method determines the test data through the assignment of the test object, determines the test object matched with each protocol file aiming at each protocol file of the game to be tested, and in the assignment process, according to the data characteristics and communication characteristics of the game to be tested, different testing strategies are formulated, massive testing data can be constructed, the coverage of protocol testing is enlarged, and the constructed test data are all test objects matched with the protocol files of the game to be tested, therefore, test data can be constructed and verified through unpacking of the server to be tested, and compared with a traditional fuzzy test scheme, the method is more efficient and can find more vulnerability risks.
The game protocol testing method in the embodiment of the present application may be applied to an application scenario as shown in fig. 1, where the application scenario includes a testing tool 101, a game client to be tested 102, and a game server to be tested 103. Wherein the testing tool 101 can be run in the game client 102 to be tested, and can also be run in other terminals. The testing tool 101 can acquire each protocol file of the game to be tested from the game client 102 to be tested through script injection, determine fields in each protocol file, form a testing object through the fields, and assign values to the testing object through assignment in an assignment set; in the process of assigning, the association relationship of the fields in each protocol file needs to be considered, so the test tool 101 can also obtain the definition document of each protocol file, and determine the association relationship of the fields in each protocol file by the definition document; after assigning values to each test object, the test tool 101 sends the assigned values as test data to the game client 102 to be tested; the game client 102 to be tested executes the test data, interacts with the game server 103 to be tested in the execution process, receives the test data execution result returned by the game server 103 to be tested, and returns the test data execution result to the test tool 101, and the test tool 101 determines whether a bug exists according to the execution result.
In the implementation of the present application, the game client 102 to be tested is an electronic device used by a game user, and the electronic device may be a computer device having a certain computing capability and running instant messaging software and a website or social software and a website, such as a personal computer, a mobile phone, a tablet computer, a notebook computer, and the like. Each game client 102 to be tested is connected with the game server 103 through a wireless network, and the game server 103 to be tested is a server or a server cluster or a cloud computing center formed by a plurality of servers.
It should be noted that the architecture diagram in the embodiment of the present application is for more clearly illustrating the technical solution in the embodiment of the present invention, and does not limit the technical solution provided in the embodiment of the present application, and for other application scenario architectures and business applications, the technical solution provided in the embodiment of the present application is also applicable to similar problems.
Based on the application scenario diagram shown in fig. 1, an embodiment of the present application provides a game protocol testing method, where a flow of the method may be executed by a game protocol testing apparatus, as shown in fig. 2, and the method includes the following steps:
step S201, aiming at a game to be tested, acquiring each protocol file of the game to be tested and a definition document of each protocol file, wherein each game function of the game to be tested at least corresponds to one protocol file, each protocol file at least comprises a plurality of protocol fields, and the definition document of each protocol file at least comprises an incidence relation of the plurality of protocol fields.
Specifically, in the embodiment of the present application, when it is required to determine whether a certain game has a protocol vulnerability, the game is a game to be tested, and test data needs to be determined for the game to be tested. In order to solve the problems that the testing scheme in the prior art cannot support the online game and constructed massive data cannot pass through unpacking and checking of the game server, so that the testing data is invalid, the embodiment of the application needs to determine the data format which can be executed by the game to be tested.
In the embodiment of the application, the protocol files of the games to be tested are obtained to determine the data format that the games to be tested can execute, the number of the protocol files included in each game to be tested is determined according to the functions of the game to be tested, each function of the game to be tested corresponds to at least one protocol file, for example, if the number of the functions of the game to be tested is 4, the number of the protocol files is at least 4. In the embodiment of the present application, the protocol file refers to both a protocol standard file that is common to different games to be tested and is in a text form, and a protocol definition, that is, the protocol standard file is converted into a definition language of each game to be tested, and the definition languages of different games to be tested may be the same or different.
In the embodiment of the present application, the function of the game to be tested refers to a function that can be used by the user when using the game to be tested, for example, a game function in the game to be tested, a function of purchasing a virtual article, a chat function, and the like. Further, the functions of the game to be tested can also comprise a pre-embedded function and a waste function, namely the functions of the game to be tested comprise functions which are not shown to the user, part of the functions are functions which are not on-line, and the other functions are functions which are considered that the effect of function display is not ideal, so the functions are off-line. For the test comprehensiveness, the protocols corresponding to these non-shown functions also need to be tested.
In the actual running process of the game to be tested, the execution operation process of the game to be tested is realized through each field and the value of each field in each protocol file, so in the embodiment of the application, each protocol file of the obtained game to be tested at least comprises a plurality of protocol fields, and the protocol fields may have an association relationship, so that the association relationship of the protocol fields needs to be determined.
In the embodiment of the present application, the structure of each protocol is determined by traversing the fields of each protocol file, for example, the protocol a is traversed, and the obtained traversal result is the field a, the field b, and the field c, so that the protocol format of the protocol a may be considered as abc. Optionally, in the embodiment of the present application, fields in each protocol may be determined using a recursive method, that is, fields in each protocol are quickly traversed by a recursive method.
In the embodiment of the application, each protocol file stored in the game memory to be tested only has information of each field of the programming language, and does not have the relevance between information of each field, so in the embodiment of the application, the relevance of the protocol field in each protocol can be determined through the definition document of each protocol file.
Optionally, in the embodiment of the present invention, when the game to be tested is online, the definition document of each protocol file is stored in the development file of the game to be tested, and when the game to be tested is obtained during testing, the development file of the game to be tested can be obtained.
After the development file of the game to be tested is read, the association relationship of each protocol field can be determined by reading the field identifier in the development file, for example, a tree structure as shown in fig. 3 can be constructed by reading the field identifier in the development file, in fig. 3, the identifier a field has an association relationship with the identifier B field and the identifier E field, the identifier a field has an association relationship with the identifier B field and the identifier F field, the identifier a field has an association relationship with the identifier B field and the identifier G field, the identifier a field has an association relationship with the identifier C field and the identifier H field, the identifier a field has an association relationship with the identifier D field and the identifier I field, and the identifier a field has an association relationship with the identifier D field and the identifier J field.
Step S202, constructing test objects aiming at different protocols according to each protocol field in each protocol file.
Specifically, in the embodiment of the present application, since the structure of each field in each protocol file is determined, test objects for different protocols are determined by the structure of each protocol field. That is, in the embodiment of the present application, the test object constructed first is matched with the protocol, and useless test data is not generated. For example, in the embodiment of the present application, the determined structure of protocol a is field abc, and then field abc is used as the test object of protocol a.
Optionally, in this embodiment of the present application, the test objects of each protocol may be determined in parallel, or the test objects of each protocol may be determined sequentially.
Step S203, aiming at each test object, determining the assignment of each protocol field from an assignment set according to the incidence relation of a plurality of protocol fields and a plurality of protocol fields in the test object to obtain the test object after assignment, wherein the assignment set is determined according to different test strategies, and the test strategies are determined at least according to the data types of the protocol fields in the protocol files of the game to be tested and the communication mode of the game to be tested.
Specifically, in the embodiment of the present application, after each protocol field is determined, each protocol field needs to be assigned, so that the assignments are executed as test data during the test execution process.
In the embodiment of the present application, when assigning values according to each protocol field, an association relationship between the assignments, that is, an association relationship between the protocol fields, for example, as shown in fig. 3, an identifier a field has an association relationship with an identifier B field and an identifier E field, and when assigning values to the identifier a field, the identifier E field needs to be assigned first, then the identifier B field needs to be assigned, and finally the identifier a field needs to be assigned.
In the embodiment of the application, when assigning values to each identification field, compared with the prior art in which the assignment is determined by a fixed assignment function, an assignment set is determined by different test strategies, and the assignment of each identification field is determined in the assignment set.
In the embodiment of the application, the test policy is determined at least according to the data type of each protocol field in each protocol file of the game to be tested and the communication mode of the game to be tested, that is, the test policy is determined according to the data type of the value assignment of each protocol field in the execution process and the communication characteristics of each protocol.
Specifically, in the embodiment of the present application, the data type of each protocol field may refer to a specific type of a numerical value used by each protocol field, such as a single-precision floating point type, an integer type, a long integer type, a double-precision floating point type, or the like, or may refer to a specific range of a specific type of a numerical value used by each protocol field, such as a numerical range of a single-precision floating point type or a numerical range of an integer type, or the like.
Specifically, in the embodiment of the present application, the communication characteristics of each protocol refer to protocol characteristics that may be generated when each protocol is used for communication, for example, different assigned value data can be determined through communication characteristics between the game client to be tested and the game server to be tested, that is, CS communication, SC communication, and the like, and an erroneous communication connection can also be used as the assigned value data, so as to detect whether there is a vulnerability generated by erroneous communication in addition to normal communication, and thus, vulnerability detection can be performed more comprehensively.
In an optional embodiment, the data type test policy corresponding to each protocol file is determined according to the data type of each protocol field in each protocol file of the game to be tested, where the data type test policy at least includes a data type random value sub-policy and a data type boundary value sub-policy corresponding to each protocol file, that is, a policy is defined for each data type used by each protocol file and for each boundary of the data type.
In another optional embodiment, a communication attack strategy between the game server to be tested and the game client to be tested is determined according to a communication mode of the game to be tested, wherein the attack strategy at least comprises a communication attack sub-strategy from the game client to be tested to the game server to be tested, a communication attack sub-strategy from the game server to be tested to the game client to be tested, and a communication attack sub-strategy from the game server to be tested to the game server to be tested, that is, different communication attack strategies are formulated for communication characteristics between the game client to be tested and the game server to be tested.
And taking the data type test strategy corresponding to each protocol file and the communication attack strategy between the game server to be tested and the game client to be tested as test strategies.
In the embodiment of the present application, the communication attack sub-policy from the game server to be tested to the game server to be tested may further include a pre-embedded communication attack sub-policy and a obsolete communication attack sub-policy, that is, it is necessary to determine whether the protocol corresponding to the pre-embedded function can generate an attack vulnerability or not, and it is necessary to determine whether the protocol corresponding to the obsolete function can generate an attack vulnerability or not.
In an optional embodiment, as shown in table 1, the test strategy in the embodiment of the present application specifically includes:
TABLE 1
Figure BDA0002164807260000111
Specifically, in the explanation of the above partial policy, the random value policy means that any value in the data type range can be used as an assignment, for example, any value in the floating point type data is a value in the assignment set.
The boundary value policy refers to the upper and lower boundary of the data type, and the upper and lower line boundary of each data type is used as the value in the assignment set.
The abnormal value is mainly divided into two parts, and one part is accumulated by experience values of game protocol tests, such as: the abnormal value of the integer data, the abnormal value of the floating point data, the positive and negative infinite values of the floating point data and the like. Another part is a library of outliers that references an industry game protocol testing tool.
The protocol identification information strategy refers to that different protocols have different representation information, the identification information of the protocols can be identified when the protocols are analyzed, and if the matching verification of the identification information of the games to be tested on the protocols and the protocol packet body is not strict, all CS, SC and SS protocols can be tested in a traversing way through the strategy.
The SC protocol policy refers to sending protocol data of the game server to be tested to the client, and then sending the protocol data to the server for processing, that is, usually, the game server to be tested sends the protocol data to the game client to be tested, and when a bug exists, that is, if the logic check of the game server to be tested is not strict, the SC protocol is processed, which may cause server logic abnormality, so the SC protocol policy is used to determine whether such a bug exists.
The wrong communication connection strategy means that a plurality of network interface connections exist between the game client to be tested and the game server to be tested, such as: when a game to be tested is logged in and enters a game hall for operation, the client is in network connection with a hall server; when the client enters the replica battle, the client is in network connection with the battle server. The ranges of the protocol identification information processed by different network interfaces are different, so that the same protocol can be sent to the game server to be tested through different network interfaces for processing, logic abnormality of the game server to be tested can be caused, and whether a bug exists or not can be conveniently determined.
The user-defined character string attack strategy refers to that some character strings defined by users can cause the abnormity of the client to be tested, such as crash, death or blockage, the user-defined character strings such as the names of game objects defined by users, and some character strings defined by users can cause the abnormity of the game client to be tested, so that the user-defined character string attack strategy is needed to determine the assignment in the assignment set and test the assignment.
In the embodiment of the application, after the protocol fields and the relevance of the protocol fields are determined, assignments are selected from the assignment set to serve as the assignments of the protocol fields. In an alternative embodiment, the assignments may be randomly chosen from the set of assignments as the assignments for the protocol fields.
In another alternative embodiment, it is determined that each policy in the assignment set has a different weight, and these weights are determined according to the importance of each policy test, and can be adjusted at each test. The corresponding assignments of different strategies are different, so the assignments in the assignment set also have weights, and when the assignments are carried out, the assignments are carried out according to the assignments with different weights.
For example, for fields a, B and C in a test object determined by one protocol, the fields a, B and C need to be assigned, and the assignments in the assignment set are a, B and C, where a corresponds to a policy weight of 1, B corresponds to a policy weight of 2, C corresponds to a policy weight of 3, and weight 1 is greater than weight 2 and greater than weight 3, when an assignment is performed, a is assigned to the field a, B is assigned to the field B, and C is assigned to the field C.
And step S204, taking each assignment as test data to carry out game protocol test.
After the assignment is carried out on the test objects of each protocol, the assignment is used as test data to carry out game protocol test, specifically, in the embodiment of the application, the test data is sent to the game client to be tested, and the test data is sent to the game server to be tested through the game client to be tested; receiving a test response fed back by the game client to be tested, wherein the test response is determined by the game server to be tested according to the running result of the test data; and determining a game protocol test result according to the test response.
In the embodiment of the application, the test response can be test completion or test abnormity, some assignment strategies can consider that the game to be tested has abnormity when the test is abnormal, and some assignment strategies can consider that the game to be tested has abnormity when the test is successful. For example, the assignment corresponding to the abandon/pre-buried protocol policy is used as test data to be tested, and if the test response is test completion, the abandon/pre-buried protocol vulnerability is considered to exist.
In the embodiment of the application, the test of the test data corresponding to each protocol can be performed in parallel, or the test data corresponding to each protocol can be tested one by one. When testing the test data corresponding to one protocol, the method can traverse all the assignments in the assignment set to perform multiple tests, obtain the test responses of the multiple tests, and determine the test result according to the test responses, namely judge whether the game to be tested has a bug.
In order to better explain the embodiment of the present application, a game protocol testing method provided by the embodiment of the present application is described below with reference to a specific implementation scenario, in the present application, a testing tool is an application program running in a game client to be tested, the game client to be tested is a personal computer, for convenience of description, a game to be tested is a game a, the specific scenario is shown in fig. 4, fig. 4 includes a personal computer and a game server to be tested, and the testing tool runs in the personal computer.
When the game protocol test is carried out, firstly, the test tool is operated behind the personal computer, all protocols of the game A are obtained at the storage position of the personal computer game A through the tool to be tested, and the protocols correspond to the game operation function, the game friend-making function and the game upgrading function of the game A. Meanwhile, the association relation of the protocol fields of all the protocols is obtained through the development file of the game A. The protocol fields of all the protocols of the game A are traversed through a recursive algorithm, and test objects aiming at each protocol are constructed according to the format of the traversed fields, and the test objects are matched with the format of the fields of the game A in actual operation.
And then, value assignment needs to be carried out on the test object corresponding to each protocol of the game A, in the embodiment of the application, the weight of the protocol identification information strategy in the value assignment set is the highest, when the value assignment is carried out, the value assignment corresponding to the protocol identification information strategy is firstly selected, and then the game A is tested after the value assignment is carried out. After the test, a test response is obtained, and whether a bug exists in the game A is determined according to the test response.
The above testing process is illustrated by using a flowchart shown in fig. 5, and fig. 5 specifically describes an interaction process among the testing tool, the game a client, and the game a server in the above testing process.
Based on the above embodiments, referring to fig. 6, an embodiment of the present invention provides a game protocol testing apparatus 600, including:
an obtaining unit 601, configured to obtain, for a game to be tested, protocol files of the game to be tested and definition documents of the protocol files, where each game function of the game to be tested corresponds to at least one protocol file, each protocol file at least includes a plurality of protocol fields, and a definition document of each protocol file at least includes an association relationship of the plurality of protocol fields;
a test object constructing unit 602, configured to construct a test object for different protocols according to each protocol field in each protocol file;
an assignment unit 603, configured to determine, for each test object, an assignment of each protocol field from an assignment set according to an association relationship between a plurality of protocol fields and the plurality of protocol fields in the test object, so as to obtain the test object after the assignment, where the assignment set is determined according to different test policies, and the test policies are determined at least according to data types of the protocol fields in each protocol file of the game to be tested and communication modes of the game to be tested;
a test unit 604 for performing game protocol tests using the respective assignments as test data.
Optionally, the obtaining unit 601 is specifically configured to:
acquiring definition documents of each protocol file of the game to be tested through the development file of the game to be tested, and acquiring each protocol file of the game to be tested through reading the memory file of the game to be tested;
and determining the incidence relation of the protocol fields in the protocol files according to the field identifications of the definition documents of the protocol files, and traversing the fields in the protocol files to obtain a plurality of protocol fields at least included in each protocol file.
Optionally, the assignment unit 603 is specifically configured to:
and according to the weight of each assignment in the assignment set, sequentially selecting the assignments in the assignment set as the assignments of each protocol field, wherein the weight of each assignment is determined according to the weight of the test policy.
Optionally, the apparatus further comprises:
a test strategy making unit 606, configured to determine a data type test strategy corresponding to each protocol file according to a data type of each protocol field in each protocol file of the game to be tested, where the data type test strategy at least includes a data type random value sub-strategy and a data type boundary value sub-strategy corresponding to each protocol file;
determining a communication attack strategy between the game server to be tested and the game client to be tested according to the communication mode of the game to be tested, wherein the attack strategy at least comprises a communication attack sub-strategy from the game client to be tested to the game server to be tested, a communication attack sub-strategy from the game server to be tested to the game client to be tested and a communication attack sub-strategy from the game server to be tested to the game server to be tested;
and taking the data type test strategy corresponding to each protocol file and the communication attack strategy between the game server to be tested and the game client to be tested as test strategies.
Optionally, the communication attack sub-policy from the game client to be tested to the game server to be tested includes:
pre-burying a communication attack sub-strategy and a waste communication attack sub-strategy.
Optionally, the test unit 604 is specifically configured to:
sending the test data to a game client to be tested, and sending the test data to a game server to be tested through the game client to be tested;
receiving a test response fed back by a game client to be tested, wherein the test response is determined by the game server to be tested according to the running result of the test data;
and determining a game protocol test result according to the test response.
Based on the same technical concept, the embodiment of the present application provides a computer device, as shown in fig. 7, including at least one processor 701 and a memory 702 connected to the at least one processor, where a specific connection medium between the processor 701 and the memory 702 is not limited in this embodiment, and the processor 701 and the memory 702 are connected through a bus in fig. 7 as an example. The bus may be divided into an address bus, a data bus, a control bus, etc.
In the embodiment of the present application, the memory 702 stores instructions executable by the at least one processor 701, and the at least one processor 701 may execute the steps included in the foregoing game protocol testing method by executing the instructions stored in the memory 702.
The processor 701 is a control center of the computer device, and may connect various parts of the terminal device by using various interfaces and lines, and obtain the client address by executing or executing the instructions stored in the memory 702 and calling the data stored in the memory 702. Optionally, the processor 701 may include one or more processing units, and the processor 701 may integrate an application processor and a modem processor, wherein the application processor mainly handles an operating system, a user interface, an application program, and the like, and the modem processor mainly handles wireless communication. It will be appreciated that the modem processor described above may not be integrated into the processor 701. In some embodiments, processor 701 and memory 702 may be implemented on the same chip, or in some embodiments, they may be implemented separately on separate chips.
The processor 701 may be a general-purpose processor, such as a Central Processing Unit (CPU), a digital signal processor, an Application Specific Integrated Circuit (ASIC), a field programmable gate array or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination thereof, configured to implement or perform the methods, steps, and logic blocks disclosed in the embodiments of the present Application. A general purpose processor may be a microprocessor or any conventional processor or the like. The steps of a method disclosed in connection with the embodiments of the present application may be directly implemented by a hardware processor, or may be implemented by a combination of hardware and software modules in a processor.
Memory 702, which is a non-volatile computer-readable storage medium, may be used to store non-volatile software programs, non-volatile computer-executable programs, and modules. The Memory 702 may include at least one type of storage medium, and may include, for example, a flash Memory, a hard disk, a multimedia card, a card-type Memory, a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a Programmable Read Only Memory (PROM), a Read Only Memory (ROM), a charge Erasable Programmable Read Only Memory (EEPROM), a magnetic Memory, a magnetic disk, an optical disk, and so on. The memory 702 is any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited to such. The memory 702 in the embodiments of the present application may also be circuitry or any other device capable of performing a storage function for storing program instructions and/or data.
Based on the same technical concept, embodiments of the present application provide a computer-readable storage medium storing a computer program executable by a computer device, which, when the program is run on the computer device, causes the computer device to execute the steps of a game protocol testing method.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made in the embodiments of the present invention without departing from the spirit or scope of the embodiments of the invention. Thus, if such modifications and variations of the embodiments of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to encompass such modifications and variations.

Claims (8)

1. A game protocol testing method, the method comprising:
aiming at a game to be tested, acquiring each protocol file of the game to be tested and a definition document of each protocol file, wherein each game function of the game to be tested at least corresponds to one protocol file, each protocol file at least comprises a plurality of protocol fields, and the definition document of each protocol file at least comprises an incidence relation of the plurality of protocol fields;
constructing test objects aiming at different protocols according to each protocol field in each protocol file;
for each test object, determining the assignment sequence of a plurality of protocol fields in the test object according to the incidence relation of the plurality of protocol fields in the test object; randomly selecting assignments from an assignment set according to the assignment sequence as assignments of each protocol field, or sequentially selecting assignments from the assignment set according to the assignment sequence and the weight of each assignment in the assignment set as assignments of each protocol field to obtain an assigned test object, wherein the weight of each assignment is determined according to the weight of a test strategy, the assignment set is determined according to different test strategies, and the test strategy is determined at least according to the data types of each protocol field in each protocol file of the game to be tested and the communication mode of the game to be tested;
and taking each assignment as test data to carry out game protocol test.
2. The method according to claim 1, wherein the acquiring of the protocol files of the game to be tested and the definition documents of the protocol files specifically comprises:
acquiring definition documents of each protocol file of the game to be tested through the development file of the game to be tested, and acquiring each protocol file of the game to be tested through reading the memory file of the game to be tested;
and determining the incidence relation of the protocol fields in the protocol files according to the field identifications of the definition documents of the protocol files, and traversing the fields in the protocol files to obtain a plurality of protocol fields at least included in each protocol file.
3. The method of claim 1, wherein the testing strategy is determined according to at least a data type of each protocol field in each protocol file of the game to be tested and a communication mode of the game to be tested, and comprises:
determining a data type test strategy corresponding to each protocol file according to the data type of each protocol field in each protocol file of the game to be tested, wherein the data type test strategy at least comprises a data type random value sub-strategy and a data type boundary value sub-strategy corresponding to each protocol file;
determining a communication attack strategy between the game server to be tested and the game client to be tested according to the communication mode of the game to be tested, wherein the attack strategy at least comprises a communication attack sub-strategy from the game client to be tested to the game server to be tested, a communication attack sub-strategy from the game server to be tested to the game client to be tested and a communication attack sub-strategy from the game server to be tested to the game server to be tested;
and taking the data type test strategy corresponding to each protocol file and the communication attack strategy between the game server to be tested and the game client to be tested as test strategies.
4. The method of claim 3, wherein the communication attack sub-strategy of the game client to be tested to the game server to be tested comprises:
pre-burying a communication attack sub-strategy and a waste communication attack sub-strategy.
5. The method of claim 1, wherein said conducting game protocol testing using the respective valuations as test data comprises:
sending the test data to a game client to be tested, and sending the test data to a game server to be tested through the game client to be tested;
receiving a test response fed back by a game client to be tested, wherein the test response is determined by the game server to be tested according to the running result of the test data;
and determining a game protocol test result according to the test response.
6. A game protocol testing apparatus, comprising:
the game testing device comprises an acquisition unit, a storage unit and a processing unit, wherein the acquisition unit is used for acquiring each protocol file of a game to be tested and a definition document of each protocol file, each game function of the game to be tested at least corresponds to one protocol file, each protocol file at least comprises a plurality of protocol fields, and the definition document of each protocol file at least comprises an incidence relation of the plurality of protocol fields;
the test object constructing unit is used for constructing test objects aiming at different protocols according to the protocol fields in the protocol files;
the assignment unit is used for determining the assignment sequence of a plurality of protocol fields in each test object according to the incidence relation of the plurality of protocol fields in the test object; randomly selecting assignments from an assignment set according to the assignment sequence as assignments of each protocol field, or sequentially selecting assignments from the assignment set according to the assignment sequence and the weight of each assignment in the assignment set as assignments of each protocol field to obtain an assigned test object, wherein the weight of each assignment is determined according to the weight of a test strategy, the assignment set is determined according to different test strategies, and the test strategy is determined at least according to the data types of each protocol field in each protocol file of the game to be tested and the communication mode of the game to be tested;
and the testing unit is used for carrying out game protocol testing by taking each assignment as testing data.
7. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the steps of the method of any one of claims 1 to 5 are performed when the program is executed by the processor.
8. A computer-readable storage medium, having stored thereon a computer program executable by a computer device, for causing the computer device to perform the steps of the method of any one of claims 1 to 5, when the program is run on the computer device.
CN201910743542.0A 2019-08-13 2019-08-13 Game protocol testing method and device Active CN110474900B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910743542.0A CN110474900B (en) 2019-08-13 2019-08-13 Game protocol testing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910743542.0A CN110474900B (en) 2019-08-13 2019-08-13 Game protocol testing method and device

Publications (2)

Publication Number Publication Date
CN110474900A CN110474900A (en) 2019-11-19
CN110474900B true CN110474900B (en) 2021-11-02

Family

ID=68510575

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910743542.0A Active CN110474900B (en) 2019-08-13 2019-08-13 Game protocol testing method and device

Country Status (1)

Country Link
CN (1) CN110474900B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112948232A (en) * 2019-12-10 2021-06-11 腾讯科技(深圳)有限公司 Game protocol testing method and device, electronic equipment and storage medium
CN111309620B (en) * 2020-02-24 2024-05-07 腾讯科技(成都)有限公司 Game protocol testing method and device, electronic equipment and storage medium
CN113765862B (en) * 2020-06-05 2024-02-09 腾讯科技(成都)有限公司 Game protocol testing method, device, equipment and computer readable storage medium
CN112565026B (en) * 2021-02-20 2021-06-04 支付宝(杭州)信息技术有限公司 Test frame generation method, device and equipment
CN113709126A (en) * 2021-08-18 2021-11-26 深圳开源互联网安全技术有限公司 Network protocol security fuzzy test method, device, equipment and storage medium
CN114944997B (en) * 2022-03-24 2024-02-20 浙江大华技术股份有限公司 Protocol detection method, protocol detection device and computer readable storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102035857A (en) * 2010-12-31 2011-04-27 北京像素软件科技股份有限公司 Method for simulating group self-organization behaviors of multiple game characters
CN102819486A (en) * 2011-06-09 2012-12-12 腾讯科技(深圳)有限公司 Automatic networking product testing system and automatic networking product testing method
CN103593294A (en) * 2013-11-21 2014-02-19 福建天晴数码有限公司 Method and system for testing network game performance
US8868646B2 (en) * 2010-12-21 2014-10-21 Electronics And Telecommunications Research Institute Apparatus and method for generating virtual game clients
CN104536888A (en) * 2014-12-24 2015-04-22 网易(杭州)网络有限公司 Game testing method and system for mobile devices
CN105721239A (en) * 2016-01-18 2016-06-29 网易(杭州)网络有限公司 Game test method, device and game system
CN108255727A (en) * 2018-01-18 2018-07-06 网易(杭州)网络有限公司 Data receiver, sending method and device test system, storage medium

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020091968A1 (en) * 2001-01-08 2002-07-11 Donald Moreaux Object-oriented data driven software GUI automated test harness
US20080222463A1 (en) * 2007-03-05 2008-09-11 Interdigital Technology Corporation Apparatus, method and product for testing communications components

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8868646B2 (en) * 2010-12-21 2014-10-21 Electronics And Telecommunications Research Institute Apparatus and method for generating virtual game clients
CN102035857A (en) * 2010-12-31 2011-04-27 北京像素软件科技股份有限公司 Method for simulating group self-organization behaviors of multiple game characters
CN102819486A (en) * 2011-06-09 2012-12-12 腾讯科技(深圳)有限公司 Automatic networking product testing system and automatic networking product testing method
CN103593294A (en) * 2013-11-21 2014-02-19 福建天晴数码有限公司 Method and system for testing network game performance
CN104536888A (en) * 2014-12-24 2015-04-22 网易(杭州)网络有限公司 Game testing method and system for mobile devices
CN105721239A (en) * 2016-01-18 2016-06-29 网易(杭州)网络有限公司 Game test method, device and game system
CN108255727A (en) * 2018-01-18 2018-07-06 网易(杭州)网络有限公司 Data receiver, sending method and device test system, storage medium

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
An Automated Negotiation Protocol Based On Game Theory;Chenming Li;《http://www.scirp.org/journal/cweee》;20140731;全文 *
游戏协议测试理论;佚名;《https://blog.csdn.net/SR0ad/article/details/8253126》;20121203;全文 *
网络游戏闯关系统的设计与实现;阳福林;《中国优秀硕士学位论文全文数据库信息科技辑》;20160815(第08期);全文 *

Also Published As

Publication number Publication date
CN110474900A (en) 2019-11-19

Similar Documents

Publication Publication Date Title
CN110474900B (en) Game protocol testing method and device
CN109347787B (en) Identity information identification method and device
CN109375945B (en) Firmware version detection method and vulnerability repair rate evaluation method for Internet of things equipment
CN109376078B (en) Mobile application testing method, terminal equipment and medium
CN108427731B (en) Page code processing method and device, terminal equipment and medium
CN113489713B (en) Network attack detection method, device, equipment and storage medium
CN107329894B (en) Application program system testing method and device and electronic equipment
CN110866258B (en) Rapid vulnerability positioning method, electronic device and storage medium
CN106528393A (en) Method and device for Mock testing of WebService
CN111338692B (en) Vulnerability classification method and device based on vulnerability codes and electronic equipment
CN109783346B (en) Keyword-driven automatic testing method and device and terminal equipment
CN111414402A (en) Log threat analysis rule generation method and device
US9026612B2 (en) Generating a custom parameter rule based on a comparison of a run-time value to a request URL
CN110287700B (en) iOS application security analysis method and device
US10241957B2 (en) Workload patterns for realistic load recreation in performance testing
CN112181430A (en) Code change statistical method and device, electronic equipment and storage medium
CN114139161A (en) Method, device, electronic equipment and medium for batch vulnerability detection
CN106709335B (en) Vulnerability detection method and device
WO2021183382A1 (en) Graph-based method for inductive bug localization
CN110766402B (en) Transaction sequence dependency vulnerability detection method, system, electronic device and storage medium
US10931693B2 (en) Computation apparatus and method for identifying attacks on a technical system on the basis of events of an event sequence
CN109446054B (en) Processing method and terminal equipment for override operation request based on big data
CN111046393A (en) Vulnerability information uploading method and device, terminal equipment and storage medium
CN115391230A (en) Test script generation method, test script penetration method, test script generation device, test penetration device, test equipment and test medium
CN115643044A (en) Data processing method, device, server and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant