Beispiel #1
def handle_timeout(subscriber, subscription, ack_id, oss_fuzz_dir, message):
  """Acknowledge a timed-out task and store a 'Timeout' result for it.

  The message is acknowledged before anything else, then the timeout is
  logged at error level. Only 'fixed' and 'regressed' tasks produce a
  result entity; any other task type stops after the log line.

  Args:
    subscriber: Client whose acknowledge() is called for the message.
    subscription: Subscription passed through to acknowledge().
    ack_id: Ack id of the message that timed out.
    oss_fuzz_dir: Forwarded to _set_result_attributes.
    message: Task message; its 'type', 'old_commit' and 'new_commit'
      attributes are read with plain indexing, so a missing key raises
      KeyError.
  """
  # Acknowledge first; presumably this keeps the timed-out task from being
  # redelivered and timing out again (confirm against the subscriber setup).
  subscriber.acknowledge(subscription=subscription, ack_ids=[ack_id])

  task_kind = message.attributes['type']
  source_id = get_source_id(message)
  logging.error('Task %s timed out (source_id=%s)', task_kind, source_id)

  if task_kind not in ('fixed', 'regressed'):
    return

  range_start = message.attributes['old_commit']
  range_end = message.attributes['new_commit']

  if task_kind == 'regressed':
    entity = osv.RegressResult(id=source_id)
  else:
    # The guard above leaves 'fixed' as the only other possibility.
    entity = osv.FixResult(id=source_id)

  _set_result_attributes(oss_fuzz_dir, message, entity)

  # No commit was pinpointed, so the stored value is the range that was
  # requested, with the error field marking the result as a timeout.
  entity.commit = format_commit_range(range_start, range_end)
  entity.error = 'Timeout'
  entity.put()
Beispiel #2
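def process_bisect_task(oss_fuzz_dir, bisect_type, source_id, message):
    """Run a bisection for one task message and store its result entity.

    The bisect is skipped when the project is in PROJECT_DENYLIST or when the
    message carries no old_commit. In both cases a result entity is still
    written, holding the requested commit range and a 'Bisect error'. When the
    bisect ran and its repository is in REPO_DENYLIST, nothing is written.

    Args:
        oss_fuzz_dir: Forwarded to _set_result_attributes.
        bisect_type: Overwritten by the message's 'type' attribute (see
            below); expected to be 'fixed' or 'regressed'.
        source_id: Id used for the result entity and in log lines.
        message: Task message. Attributes are read with plain indexing, so
            a missing key raises KeyError; message.data is the testcase.
    """
    attributes = message.attributes

    # NOTE(review): the argument is immediately replaced by the message's own
    # 'type' attribute. Kept as in the original; confirm that callers always
    # pass the same value.
    bisect_type = attributes['type']
    project_name = attributes['project_name']
    engine = 'libfuzzer'
    architecture = attributes['architecture'] or 'x86_64'
    sanitizer = attributes['sanitizer']
    fuzz_target = attributes['fuzz_target']
    old_commit = attributes['old_commit']
    new_commit = attributes['new_commit']
    testcase = message.data

    logging.info(
        'Performing %s bisect on source_id=%s, project=%s, engine=%s, '
        'architecture=%s, sanitizer=%s, fuzz_target=%s, old_commit=%s, '
        'new_commit=%s', bisect_type, source_id, project_name, engine,
        architecture, sanitizer, fuzz_target, old_commit, new_commit)

    result = None
    if project_name in PROJECT_DENYLIST:
        logging.info('Skipping bisect for denylisted project %s', project_name)
    elif not old_commit:
        logging.info('Skipping bisect since there is no old_commit.')
    else:
        result = do_bisect(bisect_type, source_id, project_name, engine,
                           sanitizer, architecture, fuzz_target, old_commit,
                           new_commit, testcase)

    # result stays None on both skip paths above. The original dereferenced
    # result.repo_url unconditionally, so a denylisted project (or a missing
    # old_commit) raised AttributeError here instead of reaching the
    # 'Bisect error' record further down.
    if result and result.repo_url in REPO_DENYLIST:
        logging.info('Skipping because of denylisted repo %s.',
                     result.repo_url)
        return

    if bisect_type == 'fixed':
        entity = osv.FixResult(id=source_id)
    else:
        # NOTE(review): an assert is the only check on the type here and is
        # stripped under `python -O`; an unexpected type would then be stored
        # as a RegressResult.
        assert bisect_type == 'regressed'
        entity = osv.RegressResult(id=source_id)

    _set_result_attributes(oss_fuzz_dir, message, entity)

    if result and result.commit:
        logging.info('Bisected to %s', result.commit)
        entity.commit = result.commit
        entity.repo_url = result.repo_url
    else:
        logging.info(
            'Bisect not successfully performed. Setting commit range from request.'
        )
        # Fall back to the requested range so the record still says which
        # commits were examined, and flag it as an error.
        entity.commit = format_commit_range(old_commit, new_commit)
        entity.repo_url = result.repo_url if result else None
        entity.error = 'Bisect error'

    entity.put()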
Beispiel #3
    def test_fixed_range_too_long(self):
        """Impact analysis when the fix result is a 'start:end' commit range.

        Stores a RegressResult with a single commit and a FixResult whose
        commit is a range, runs process_impact_task, then checks the stored
        Bug via expect_dict_equal and the exact set of AffectedCommit hashes.
        """
        source_id = 'oss-fuzz:123'
        task_message = mock.Mock()
        task_message.attributes = {
            'source_id': source_id,
            'allocated_id': 'OSV-2020-1337',
        }

        # Regression pinned to one commit.
        introduced = osv.RegressResult(
            id=source_id,
            commit='eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            repo_url='https://repo.com/repo',
            issue_id='9001',
            project='project',
            ecosystem='ecosystem',
            summary='Heap-buffer-overflow in Foo',
            severity='MEDIUM',
            reference_urls=['https://url/'])
        introduced.put()

        # Fix only known as a range; the test name suggests this range is
        # treated as too long to narrow down (threshold not visible here).
        fix_range = ('eefe8ec3f1f90d0e684890e810f3f21e8500a4cd:'
                     'b587c21c36a84e16cfc6b39eb68578d43b5281ad')
        resolved = osv.FixResult(
            id=source_id,
            commit=fix_range,
            repo_url='https://repo.com/repo',
            project='project',
            ecosystem='ecosystem',
            summary='Heap-buffer-overflow in Foo',
            details='DETAILS',
            severity='MEDIUM',
            reference_urls=['https://url/'])
        resolved.put()

        oss_fuzz.process_impact_task(source_id, task_message)

        stored_bug = ndb.Key(osv.Bug, 'OSV-2020-1337').get()
        self.expect_dict_equal('fixed_range_too_long', stored_bug._to_dict())

        # The affected-commit set must match exactly: a missing hash would
        # under-report affected code, an extra one would over-report it.
        expected_hashes = [
            'b9b3fd4732695b83c3068b7b6a14bb372ec31f98',
            'ff8cc32ba60ad9cbb3b23f0a82aad96ebe9ff76b',
            'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
            '4c155795426727ea05575bd5904321def23c03f4',
            'b1c95a196f22d06fcf80df8c6691cd113d8fefff',
            'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            '8d8242f545e9cec3e6d0d2e3f5bde8be1c659735',
            '3ea6feea9bb853596c727abab309476cc07d1505',
            '36f0bd9549298b44f9ff2496c9dd1326b3a9d0e2',
        ]
        recorded = list(osv.AffectedCommit.query())
        self.assertCountEqual(expected_hashes,
                              [entry.commit for entry in recorded])
Beispiel #4
def handle_timeout(task_type, source_id, oss_fuzz_dir, message):
  """Store a 'Timeout' result entity for a task that ran out of time.

  Args:
    task_type: 'fixed' selects a FixResult; anything else is asserted to be
      'regressed' and selects a RegressResult.
    source_id: Id given to the result entity.
    oss_fuzz_dir: Forwarded to _set_result_attributes.
    message: Task message; 'old_commit' and 'new_commit' are read with
      plain indexing, so a missing key raises KeyError.
  """
  attributes = message.attributes
  range_start = attributes['old_commit']
  range_end = attributes['new_commit']

  if task_type != 'fixed':
    # NOTE(review): this assert is the only validation of task_type and is
    # stripped under `python -O`; an unexpected type would then be stored as
    # a RegressResult.
    assert task_type == 'regressed'
    entity = osv.RegressResult(id=source_id)
  else:
    entity = osv.FixResult(id=source_id)

  _set_result_attributes(oss_fuzz_dir, message, entity)

  # No commit was pinpointed, so the requested range is stored together
  # with the error marker.
  entity.commit = format_commit_range(range_start, range_end)
  entity.error = 'Timeout'
  entity.put()
Beispiel #5
    def test_zero_regression_range(self):
        """Impact analysis when the regression range starts at 'unknown'.

        The RegressResult commit is 'unknown:<hash>' and the FixResult is a
        single commit. After process_impact_task the stored Bug is compared
        through expect_dict_equal and the AffectedCommit hashes are checked
        as an exact set.
        """
        source_id = 'oss-fuzz:123'
        task_message = mock.Mock()
        task_message.attributes = {
            'source_id': source_id,
            'allocated_id': 'OSV-2020-1337',
        }

        # Lower bound of the regression range is not known.
        introduced = osv.RegressResult(
            id=source_id,
            commit='unknown:eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            repo_url='https://repo.com/repo',
            issue_id='9001',
            project='project',
            ecosystem='ecosystem',
            summary='Heap-buffer-overflow in Foo',
            severity='MEDIUM',
            reference_urls=['https://url/'])
        introduced.put()

        resolved = osv.FixResult(
            id=source_id,
            commit='8d8242f545e9cec3e6d0d2e3f5bde8be1c659735',
            repo_url='https://repo.com/repo',
            project='project',
            ecosystem='ecosystem',
            summary='Heap-buffer-overflow in Foo',
            details='DETAILS',
            severity='MEDIUM',
            reference_urls=['https://url/'])
        resolved.put()

        oss_fuzz.process_impact_task(source_id, task_message)

        stored_bug = ndb.Key(osv.Bug, 'OSV-2020-1337').get()
        self.expect_dict_equal('zero_regression_range', stored_bug._to_dict())

        # Exact-set comparison: order is ignored, membership is not.
        expected_hashes = [
            'ff8cc32ba60ad9cbb3b23f0a82aad96ebe9ff76b',
            'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
            '4c155795426727ea05575bd5904321def23c03f4',
            'b1c95a196f22d06fcf80df8c6691cd113d8fefff',
            'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
        ]
        recorded = list(osv.AffectedCommit.query())
        self.assertCountEqual(expected_hashes,
                              [entry.commit for entry in recorded])
Beispiel #6
    def test_simplify_range(self):
        """Impact analysis when both results are 'start:end' commit ranges.

        Stores a RegressResult and a FixResult that each carry a range, runs
        process_impact_task and compares the stored Bug through
        expect_dict_equal under the name 'simplify_range'.
        """
        source_id = 'oss-fuzz:123'
        task_message = mock.Mock()
        task_message.attributes = {
            'source_id': source_id,
            'allocated_id': 'OSV-2020-1337',
        }

        regress_range = ('a2ba949290915d445d34d0e8e9de2e7ce38198fc:'
                         'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd')
        introduced = osv.RegressResult(
            id=source_id,
            commit=regress_range,
            repo_url='https://repo.com/repo',
            issue_id='9001',
            project='project',
            ecosystem='ecosystem',
            summary='Heap-buffer-overflow in Foo',
            severity='MEDIUM',
            reference_urls=['https://url/'])
        introduced.put()

        fix_range = ('b1c95a196f22d06fcf80df8c6691cd113d8fefff:'
                     '8d8242f545e9cec3e6d0d2e3f5bde8be1c659735')
        resolved = osv.FixResult(
            id=source_id,
            commit=fix_range,
            repo_url='https://repo.com/repo',
            project='project',
            ecosystem='ecosystem',
            summary='Heap-buffer-overflow in Foo',
            details='DETAILS',
            severity='MEDIUM',
            reference_urls=['https://url/'])
        resolved.put()

        oss_fuzz.process_impact_task(source_id, task_message)

        stored_bug = ndb.Key(osv.Bug, 'OSV-2020-1337').get()
        self.expect_dict_equal('simplify_range', stored_bug._to_dict())
Beispiel #7
    def test_not_fixed(self):
        """Impact analysis for a bug that has a regression but no fix.

        Only a RegressResult is stored. After process_impact_task the Bug
        entity must have an empty 'fixed' value and confidence 100, and
        every AffectedCommit must carry the same confidence and project.
        """
        source_id = 'oss-fuzz:123'
        task_message = mock.Mock()
        task_message.attributes = {
            'source_id': source_id,
            'allocated_id': '2020-1337',
        }

        introduced = osv.RegressResult(
            id=source_id,
            commit='eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            repo_url='https://repo.com/repo',
            issue_id='9001',
            project='project',
            ecosystem='ecosystem',
            summary='Heap-buffer-overflow in Foo',
            details='DETAILS',
            severity='MEDIUM',
            reference_urls=['https://url/'])
        introduced.put()

        oss_fuzz.process_impact_task(source_id, task_message)

        expected_bug = {
            'affected': [
                'branch-v0.1.1', 'branch-v0.1.1-with-fix',
                'branch_1_cherrypick_regress', 'v0.1.1', 'v0.2'
            ],
            'affected_fuzzy': ['0-1-1', '0-1-1', '1', '0-1-1', '0-2'],
            # The extra range is open-ended: fixed_in is None.
            'additional_commit_ranges': [{
                'introduced_in': 'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
                'fixed_in': None
            }],
            'fixed': '',
            'regressed': 'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            'repo_url': 'https://repo.com/repo',
            'confidence': 100,
            'issue_id': '9001',
            'last_modified': datetime.datetime(2021, 1, 1, 0, 0),
            'timestamp': datetime.datetime(2020, 1, 1),
            'source_id': 'oss-fuzz:123',
            'project': 'project',
            'ecosystem': 'ecosystem',
            'summary': 'Heap-buffer-overflow in Foo',
            'details': 'DETAILS',
            'severity': 'MEDIUM',
            'sort_key': '2020-0001337',
            'source_of_truth': osv.SourceOfTruth.INTERNAL,
            'reference_urls': ['https://url/'],
            # The processed bug is still expected to be non-public.
            'public': False,
            'status': osv.BugStatus.PROCESSED.value,
            'has_affected': True,
            'search_indices': ['project', '2020-1337', '2020', '1337'],
        }
        stored_bug = ndb.Key(osv.Bug, '2020-1337').get()
        self.assertDictEqual(expected_bug, stored_bug._to_dict())

        recorded = list(osv.AffectedCommit.query())
        for entry in recorded:
            self.assertEqual(100, entry.confidence)
            self.assertEqual('project', entry.project)

        # Exact-set comparison: order is ignored, membership is not.
        expected_hashes = [
            'ff8cc32ba60ad9cbb3b23f0a82aad96ebe9ff76b',
            'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
            '4c155795426727ea05575bd5904321def23c03f4',
            'b1c95a196f22d06fcf80df8c6691cd113d8fefff',
            'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            '36f0bd9549298b44f9ff2496c9dd1326b3a9d0e2',
            '8d8242f545e9cec3e6d0d2e3f5bde8be1c659735',
            'b9b3fd4732695b83c3068b7b6a14bb372ec31f98',
            'b587c21c36a84e16cfc6b39eb68578d43b5281ad',
            '88e5ae3c40c85b702ba89a34c29f233048abb12b',
            '3ea6feea9bb853596c727abab309476cc07d1505',
        ]
        self.assertCountEqual(expected_hashes,
                              [entry.commit for entry in recorded])
Beispiel #8
    def test_simplify_range(self):
        """Impact analysis when both results are 'start:end' commit ranges.

        The RegressResult and FixResult each carry a range. The stored Bug
        is expected to hold single 'regressed' and 'fixed' commits (the
        second hash of each range), confidence 100 and two additional
        commit ranges.
        """
        source_id = 'oss-fuzz:123'
        task_message = mock.Mock()
        task_message.attributes = {
            'source_id': source_id,
            'allocated_id': '2020-1337',
        }

        regress_range = ('a2ba949290915d445d34d0e8e9de2e7ce38198fc:'
                         'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd')
        introduced = osv.RegressResult(
            id=source_id,
            commit=regress_range,
            repo_url='https://repo.com/repo',
            issue_id='9001',
            project='project',
            ecosystem='ecosystem',
            summary='Heap-buffer-overflow in Foo',
            severity='MEDIUM',
            reference_urls=['https://url/'])
        introduced.put()

        fix_range = ('b1c95a196f22d06fcf80df8c6691cd113d8fefff:'
                     '8d8242f545e9cec3e6d0d2e3f5bde8be1c659735')
        resolved = osv.FixResult(
            id=source_id,
            commit=fix_range,
            repo_url='https://repo.com/repo',
            project='project',
            ecosystem='ecosystem',
            summary='Heap-buffer-overflow in Foo',
            details='DETAILS',
            severity='MEDIUM',
            reference_urls=['https://url/'])
        resolved.put()

        oss_fuzz.process_impact_task(source_id, task_message)

        expected_bug = {
            'affected': [
                'branch-v0.1.1', 'branch_1_cherrypick_regress', 'v0.1.1'
            ],
            'affected_fuzzy': ['0-1-1', '1', '0-1-1'],
            'additional_commit_ranges': [{
                'introduced_in': 'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
                'fixed_in': 'b9b3fd4732695b83c3068b7b6a14bb372ec31f98'
            }, {
                'introduced_in': 'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
                'fixed_in': None
            }],
            'fixed': '8d8242f545e9cec3e6d0d2e3f5bde8be1c659735',
            'regressed': 'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            'repo_url': 'https://repo.com/repo',
            'confidence': 100,
            'issue_id': '9001',
            'last_modified': datetime.datetime(2021, 1, 1, 0, 0),
            'timestamp': datetime.datetime(2020, 1, 1),
            'source_id': 'oss-fuzz:123',
            'project': 'project',
            'ecosystem': 'ecosystem',
            'summary': 'Heap-buffer-overflow in Foo',
            'details': 'DETAILS',
            'severity': 'MEDIUM',
            'sort_key': '2020-0001337',
            'source_of_truth': osv.SourceOfTruth.INTERNAL,
            'reference_urls': ['https://url/'],
            # The processed bug is still expected to be non-public.
            'public': False,
            'status': osv.BugStatus.PROCESSED.value,
            'has_affected': True,
            'search_indices': ['project', '2020-1337', '2020', '1337'],
        }
        stored_bug = ndb.Key(osv.Bug, '2020-1337').get()
        self.assertDictEqual(expected_bug, stored_bug._to_dict())
Beispiel #9
    def test_zero_regression_range(self):
        """Impact analysis when the regression range starts at 'unknown'.

        The RegressResult commit is 'unknown:<hash>'. The stored Bug keeps
        that string as 'regressed', has no additional commit ranges, and is
        expected at confidence 80 rather than 100; every AffectedCommit must
        carry the same confidence.
        """
        source_id = 'oss-fuzz:123'
        task_message = mock.Mock()
        task_message.attributes = {
            'source_id': source_id,
            'allocated_id': '2020-1337',
        }

        # Lower bound of the regression range is not known.
        introduced = osv.RegressResult(
            id=source_id,
            commit='unknown:eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            repo_url='https://repo.com/repo',
            issue_id='9001',
            project='project',
            ecosystem='ecosystem',
            summary='Heap-buffer-overflow in Foo',
            severity='MEDIUM',
            reference_urls=['https://url/'])
        introduced.put()

        resolved = osv.FixResult(
            id=source_id,
            commit='8d8242f545e9cec3e6d0d2e3f5bde8be1c659735',
            repo_url='https://repo.com/repo',
            project='project',
            ecosystem='ecosystem',
            summary='Heap-buffer-overflow in Foo',
            details='DETAILS',
            severity='MEDIUM',
            reference_urls=['https://url/'])
        resolved.put()

        oss_fuzz.process_impact_task(source_id, task_message)

        expected_bug = {
            'affected': [
                'branch-v0.1.1', 'branch_1_cherrypick_regress', 'v0.1.1'
            ],
            'affected_fuzzy': ['0-1-1', '1', '0-1-1'],
            'additional_commit_ranges': [],
            'fixed': '8d8242f545e9cec3e6d0d2e3f5bde8be1c659735',
            'regressed': 'unknown:eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
            'repo_url': 'https://repo.com/repo',
            # Lower than the 100 expected when the regressing commit is exact.
            'confidence': 80,
            'issue_id': '9001',
            'last_modified': datetime.datetime(2021, 1, 1, 0, 0),
            'timestamp': datetime.datetime(2020, 1, 1),
            'source_id': 'oss-fuzz:123',
            'project': 'project',
            'ecosystem': 'ecosystem',
            'summary': 'Heap-buffer-overflow in Foo',
            'details': 'DETAILS',
            'severity': 'MEDIUM',
            'sort_key': '2020-0001337',
            'source_of_truth': osv.SourceOfTruth.INTERNAL,
            'reference_urls': ['https://url/'],
            # The processed bug is still expected to be non-public.
            'public': False,
            'status': osv.BugStatus.PROCESSED.value,
            'has_affected': True,
            'search_indices': ['project', '2020-1337', '2020', '1337'],
        }
        stored_bug = ndb.Key(osv.Bug, '2020-1337').get()
        self.assertDictEqual(expected_bug, stored_bug._to_dict())

        recorded = list(osv.AffectedCommit.query())
        for entry in recorded:
            self.assertEqual(80, entry.confidence)
            self.assertEqual('project', entry.project)

        # Exact-set comparison: order is ignored, membership is not.
        expected_hashes = [
            'ff8cc32ba60ad9cbb3b23f0a82aad96ebe9ff76b',
            'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
            '4c155795426727ea05575bd5904321def23c03f4',
            'b1c95a196f22d06fcf80df8c6691cd113d8fefff',
            'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
        ]
        self.assertCountEqual(expected_hashes,
                              [entry.commit for entry in recorded])