fix(fuzz): use effective parameter for frequency tracking

[Rhan2020]

Fixes a bug in fuzz param frequency tracking where we computed an actualParameter (e.g. numeric path segment -> real segment value) but still fed the original parameter into the frequency tracker.

This could cause unrelated inputs to collide under numeric indices and suppress legitimate fuzzing.

Changes:

• Use actualParameter when calling FuzzParamsFrequency.IsParameterFrequent.

Proof:

• go test ./...

/claim #6398

Summary by CodeRabbit

• Bug Fixes
  • Fixed parameter frequency check in fuzzing operations to evaluate the correct parameter value when determining skip conditions. This improvement enhances accuracy for skipping fuzzing requests during parameter substitution, particularly for numeric and empty-original parameter scenarios.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9142eae and 00a48c0.

📒 Files selected for processing (1)

• pkg/fuzz/parts.go

---

Walkthrough

A parameter reference in the fuzz parameter frequency check was replaced from parameter to actualParameter in a single location, altering which value is evaluated when determining if a fuzzing request should be skipped due to parameter frequency.

Changes

Cohort / File(s)	Summary
Fuzz Parameter Evaluation pkg/fuzz/parts.go	Changed frequency check parameter from parameter to actualParameter, affecting which value is evaluated when substituted parameters (e.g., numeric or empty-original cases) are assessed for skip behavior.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐰 A hop, a skip, the parameter shifts,
From old to new, a logical gift,
actualParameter takes the stage,
Frequency checks turn a cleaner page,
Fuzzing flows true, the bugs take flight!

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the primary change: using the effective (actual) parameter instead of the original parameter for frequency tracking in the fuzz functionality.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[neo-by-projectdiscovery-dev]

Neo - PR Security Review

No security issues found

Highlights

• Fixes frequency tracking bug where numeric path indices collided instead of using actual parameter values
• Changes IsParameterFrequent() call to use actualParameter instead of parameter

_{Comment @neo help for available commands. · Open in Neo}