fix(fuzz): deterministic path iteration and frequency dedup for numeric segments

[a638011]

Proposed Changes

Fixes #6398 — fuzzing templates skip numeric path parts (e.g. 55 in /user/55/profile).

Found two independent root causes:

1. Non-deterministic path segment iteration

Path.Parse() stored segments in a plain map[string]interface{}, which has random iteration order in Go. This caused segments to be visited in unpredictable order across runs, sometimes skipping numeric parts entirely.

Fix: Switch to OrderedMap (same pattern used by the Cookie component) and update Rebuild() to use the KV.Get() accessor instead of direct .Map.GetOrDefault() access.

2. Frequency tracker index collision

The frequency dedup in parts.go passed the numeric index key ("1", "2", "3") to IsParameterFrequent() instead of the actual parameter value ("user", "55", "profile"). This caused cross-target collisions — different URLs with the same number of path segments would suppress each other in the frequency tracker.

Fix: Use actualParameter (which already resolves numeric indices to their values) for frequency tracking.

Proof

All existing + new tests pass:

$ go test ./pkg/fuzz/component/ -run TestPathComponent -v -count=1
=== RUN   TestPathComponent_SQLInjection
    Key: 1, Value: user
    Key: 2, Value: 55
    Key: 3, Value: profile
    Modified path: /user/55 OR True/profile
--- PASS: TestPathComponent_SQLInjection
=== RUN   TestPathComponent_DeterministicOrder
--- PASS: TestPathComponent_DeterministicOrder  (50 iterations)
PASS

Checklist

• PR created against the dev branch
• All existing tests pass
• Regression test added (50 iterations for deterministic ordering)
• Minimal diff: 3 files, +37/-6 lines

/claim #6398

Summary by CodeRabbit

• Bug Fixes

  • Fixed parameter handling in frequency-based parameter skipping logic for accurate operation.

• Improvements

  • Path segment processing now maintains insertion order, providing deterministic and consistent results across multiple runs.

• Tests

  • Added regression test to verify path segment ordering consistency across repeated operations.

[neo-by-projectdiscovery-dev]

Neo - PR Security Review

No security issues found

Highlights

• Fixes non-deterministic path segment iteration by switching from plain map to OrderedMap
• Fixes frequency tracker collision by using actual parameter values instead of numeric indices
• Adds regression test with 50 iterations to verify deterministic ordering

_{Comment @neo help for available commands. · Open in Neo}

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9142eae and 1ae4450.

📒 Files selected for processing (3)

• pkg/fuzz/component/path.go
• pkg/fuzz/component/path_test.go
• pkg/fuzz/parts.go

---

Walkthrough

Changes address path segment fuzzing by replacing unordered maps with ordered maps to preserve insertion order, adding a regression test for deterministic ordering, and fixing a parameter reference in the frequent-parameter skip logic.

Changes

Cohort / File(s)	Summary
Path Component Data Structure pkg/fuzz/component/path.go, pkg/fuzz/component/path_test.go	Switches path segment collection from native map to NewOrderedMap[string, any]() for deterministic ordering. Updates storage to use dataformat.KVOrderedMap(&values). Modifies segment access patterns from Map.GetOrDefault() to direct Get() calls. Adds regression test TestPathComponent_DeterministicOrder to verify insertion order preservation across 50 runs with numeric and string path segments.
Parameter Reference Fix pkg/fuzz/parts.go	Corrects frequent-parameter skip logic to use actualParameter instead of parameter, aligning the frequency check with the parameter value that will be used after potential replacement.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 Ordered paths now hop with care,
Numeric segments skip no more fair,
Maps preserve the right sequence true,
Fuzzing templates fixed anew! 🐇✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main changes: fixing deterministic path iteration (via OrderedMap) and frequency dedup for numeric segments (via actualParameter), directly addressing the bug described in #6398.
Linked Issues check	✅ Passed	The PR fully addresses #6398 objectives: uses OrderedMap for deterministic path iteration, switches frequency dedup to use actualParameter instead of numeric indices, adds regression test, and restores correct fuzzing of all path segments.
Out of Scope Changes check	✅ Passed	All changes are directly scoped to fixing #6398: path ordering in path.go, frequency dedup in parts.go, and a regression test in path_test.go. No extraneous modifications detected.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}