Skip to content
This repository has been archived by the owner on Nov 1, 2023. It is now read-only.

Use minimized stack for crash site if no ASAN logs available #2962

Merged
merged 2 commits into from
Apr 4, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -138,7 +138,7 @@ public async Async.Task<string> Render(string templateString, Uri instanceUrl, b
true => new TemplateContext {
EnableRelaxedFunctionAccess = false,
EnableRelaxedIndexerAccess = false,
EnableRelaxedMemberAccess = false,
EnableRelaxedMemberAccess = true,
EnableRelaxedTargetAccess = false
},
_ => new TemplateContext()
Expand Down
21 changes: 21 additions & 0 deletions src/ApiService/IntegrationTests/JinjaToScribanMigrationTests.cs
Original file line number Diff line number Diff line change
Expand Up @@ -362,6 +362,12 @@ public async Async.Task Access_WithoutAuthorization_IsRejected() {
result.StatusCode.Should().Be(System.Net.HttpStatusCode.BadRequest);
}

[Fact]
public async Async.Task Do_Not_Enforce_Key_Exists_In_Strict_Validation() {
(await JinjaTemplateAdapter.IsValidScribanNotificationTemplate(Context, Logger, ValidScribanAdoTemplate()))
.Should().BeTrue();
}

private async Async.Task ConfigureAuth() {
await Context.InsertAll(
new InstanceConfig(Context.ServiceConfiguration.OneFuzzInstanceName!) { Admins = new[] { _userObjectId } } // needed for admin check
Expand Down Expand Up @@ -412,4 +418,19 @@ private static GithubIssuesTemplate MigratableGithubTemplate() {
private static TeamsTemplate GetTeamsTemplate() {
return new TeamsTemplate(new SecretData<string>(new SecretValue<string>("https://example.com")));
}

private static AdoTemplate ValidScribanAdoTemplate() {
return new AdoTemplate(
new Uri("http://example.com"),
new SecretData<string>(new SecretValue<string>("some secret")),
"{{ if task.tags.project }} blah {{ end }}",
string.Empty,
Array.Empty<string>().ToList(),
new Dictionary<string, string>(),
new ADODuplicateTemplate(
Array.Empty<string>().ToList(),
new Dictionary<string, string>(),
new Dictionary<string, string>()
));
}
}
2 changes: 1 addition & 1 deletion src/agent/onefuzz-task/src/tasks/report/dotnet/generic.rs
Original file line number Diff line number Diff line change
Expand Up @@ -208,7 +208,7 @@ impl AsanProcessor {
input_blob,
executable,
crash_type: exception.exception,
crash_site: exception.call_stack[0].clone(),
Porges marked this conversation as resolved.
Show resolved Hide resolved
crash_site: exception.call_stack.first().cloned().unwrap_or_default(),
call_stack: exception.call_stack,
call_stack_sha256,
minimized_stack: None,
Expand Down
43 changes: 13 additions & 30 deletions src/agent/onefuzz/src/input_tester.rs
Original file line number Diff line number Diff line change
Expand Up @@ -16,14 +16,13 @@ use nix::sys::signal::{kill, Signal};
use stacktrace_parser::CrashLog;
#[cfg(any(target_os = "linux", target_family = "windows"))]
use stacktrace_parser::StackEntry;
use std::ffi::OsStr;
#[cfg(target_os = "linux")]
use std::process::Stdio;
use std::{collections::HashMap, path::Path, time::Duration};
use tempfile::tempdir;

const DEFAULT_TIMEOUT: Duration = Duration::from_secs(5);
#[cfg(any(target_os = "linux", target_family = "windows"))]
const CRASH_SITE_UNAVAILABLE: &str = "<crash site unavailable>";

pub struct Tester<'a> {
setup_dir: &'a Path,
Expand Down Expand Up @@ -140,14 +139,14 @@ impl<'a> Tester<'a> {
#[cfg(target_family = "windows")]
async fn test_input_debugger(
&self,
argv: Vec<String>,
env: HashMap<String, String>,
argv: &[impl AsRef<OsStr>],
env: &HashMap<String, String>,
) -> Result<Option<CrashLog>> {
const IGNORE_FIRST_CHANCE_EXCEPTIONS: bool = true;
let report = input_tester::crash_detector::test_process(
self.exe_path,
&argv,
&env,
argv,
env,
self.timeout,
IGNORE_FIRST_CHANCE_EXCEPTIONS,
)?;
Expand Down Expand Up @@ -182,18 +181,11 @@ impl<'a> Tester<'a> {
})
.collect();

let crash_site = if let Some(frame) = call_stack.get(0) {
frame.line.to_owned()
} else {
CRASH_SITE_UNAVAILABLE.to_owned()
};

let fault_type = exception.description.to_string();
let sanitizer = fault_type.to_string();
let summary = crash_site;

Some(CrashLog::new(
None, summary, sanitizer, fault_type, None, None, call_stack,
None, None, sanitizer, fault_type, None, None, call_stack,
)?)
} else {
None
Expand All @@ -205,12 +197,12 @@ impl<'a> Tester<'a> {
#[cfg(target_os = "linux")]
async fn test_input_debugger(
&self,
args: Vec<String>,
env: HashMap<String, String>,
args: &[impl AsRef<OsStr>],
env: &HashMap<String, String>,
) -> Result<Option<CrashLog>> {
let mut cmd = std::process::Command::new(self.exe_path);
cmd.args(args).stdin(Stdio::null());
cmd.envs(&env);
cmd.envs(env);

let (sender, receiver) = std::sync::mpsc::channel();

Expand Down Expand Up @@ -265,19 +257,11 @@ impl<'a> Tester<'a> {
.collect();

let crash_type = crash.signal.to_string();

let crash_site = if let Some(frame) = crash_thread.callstack.get(0) {
frame.to_string()
} else {
CRASH_SITE_UNAVAILABLE.to_owned()
};

let summary = crash_site;
let sanitizer = crash_type.clone();
let fault_type = crash_type;

Some(CrashLog::new(
None, summary, sanitizer, fault_type, None, None, call_stack,
None, None, sanitizer, fault_type, None, None, call_stack,
)?)
} else {
None
Expand All @@ -301,9 +285,7 @@ impl<'a> Tester<'a> {
.target_exe(self.exe_path)
.target_options(self.arguments)
.setup_dir(self.setup_dir)
.set_optional(self.extra_dir.as_ref(), |expand, extra_dir| {
expand.extra_dir(extra_dir)
});
.set_optional(self.extra_dir, Expand::extra_dir);

let argv = expand.evaluate(self.arguments)?;
let mut env: HashMap<String, String> = HashMap::new();
Expand All @@ -317,6 +299,7 @@ impl<'a> Tester<'a> {
Some(v) => update_path(v.clone().into(), setup_dir)?,
None => get_path_with_directory(PATH, setup_dir)?,
};

env.insert(PATH.to_string(), new_path.to_string_lossy().to_string());
}
if self.add_setup_to_ld_library_path {
Expand All @@ -343,7 +326,7 @@ impl<'a> Tester<'a> {
let attempts = 1 + self.check_retry_count;
for _ in 0..attempts {
let result = if self.check_debugger {
match self.test_input_debugger(argv.clone(), env.clone()).await {
match self.test_input_debugger(&argv, &env).await {
Ok(crash) => (crash, None, None),
Err(error) => (None, Some(error), None),
}
Expand Down
15 changes: 13 additions & 2 deletions src/agent/stacktrace-parser/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -155,7 +155,7 @@ fn filter_funcs(entry: &StackEntry, stack_filter: &RegexSet) -> Option<StackEntr
impl CrashLog {
pub fn new(
text: Option<String>,
summary: String,
summary: Option<String>,
sanitizer: String,
fault_type: String,
scariness_score: Option<u32>,
Expand Down Expand Up @@ -197,6 +197,15 @@ impl CrashLog {
let minimized_stack_function_names = stack_names(&minimized_stack_details);
let minimized_stack_function_lines = stack_function_lines(&minimized_stack_details);

// if summary was not supplied,
// use first line of minimized stack
// or else first line of stack,
// or else nothing
let summary = summary
.or_else(|| minimized_stack.first().cloned())
.or_else(|| call_stack.first().cloned())
.unwrap_or_else(|| "<crash site unavailable>".to_string());

Ok(Self {
text,
sanitizer,
Expand All @@ -220,7 +229,7 @@ impl CrashLog {
let (scariness_score, scariness_description) = parse_scariness(&text);
Self::new(
Some(text),
summary,
Some(summary),
sanitizer,
fault_type,
scariness_score,
Expand Down Expand Up @@ -325,6 +334,8 @@ mod tests {
if skip_files.contains(&file_name) {
eprintln!("skipping file: {file_name}");
continue;
} else {
eprintln!("parsing file: {file_name}");
}

let data_raw =
Expand Down