def failure_action(repo_owner, repo_name, issue_no, comment, id, github):
    """Mark a submission as failed and retire its issue.

    Applies the ``failed`` label to issue ``issue_no`` (via ``create_label``
    then ``update_label``), posts ``comment`` as the explanation, closes the
    issue and finally marks the triggering notification ``id`` as read.
    Every GitHub call goes through the ``github`` handle.
    """
    label_name = "failed"
    label_color = "000000"
    create_label(repo_owner, repo_name, label_name, label_color,
                 "Verification failed.", github)
    update_label(repo_owner, repo_name, issue_no, github, label_name)
    create_comment(repo_owner, repo_name, issue_no, comment, github)
    close_issue(repo_owner, repo_name, issue_no, github)
    mark_as_read(id, github)
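def process_issue(repo_name, num, id, config, gen_time, github, scoreboard):
    """Triage one exploit-submission issue and route it to scoring.

    Args:
        repo_name: target repository; must resolve through ``get_defender``.
        num: issue number within that repository.
        id: notification id, marked as read once the issue is handled.
        config: bot configuration; reads ``repo_owner`` and ``individual``.
        gen_time: timestamp handed through to the ``process_*`` helpers.
        github: API handle used by every GitHub helper.
        scoreboard: scoreboard handle passed to ``sync_scoreboard`` and the
            ``process_*`` helpers.

    Returns:
        None.  Terminates the whole process via ``sys.exit()`` when
        ``repo_name`` has no configured defender.
    """
    repo_owner = config['repo_owner']
    if is_closed(repo_owner, repo_name, num, github):
        mark_as_read(id, github)
        return

    # The issue fields are not used here; the call is kept so that fetching
    # the issue happens exactly as before.  TODO confirm it can be dropped.
    get_github_issue(repo_owner, repo_name, num, github)

    create_label(repo_owner, repo_name, "eval", "9466CB",
                 "Exploit is under review.", github)
    update_label(repo_owner, repo_name, num, github, "eval")

    defender = get_defender(config, repo_name)
    if defender is None:
        # print() with a single argument is valid on both Python 2 and 3.
        print('[*] Fatal error: unknown target %s.' % repo_name)
        # NOTE(review): one issue on an unconfigured repository stops the
        # entire bot here; a failure_action + return would keep it serving
        # other issues -- confirm with the caller before changing.
        sys.exit()

    branch, commit, attacker, log = verify_issue(defender, repo_name, num,
                                                 config, github)
    if branch is None:
        # Quote the verifier output.  The closing fence must start on its own
        # line, otherwise a log without a trailing newline never closes it.
        # (A log that itself contains ``` still breaks out of the fence.)
        fenced = "```\n" + log.rstrip("\n") + "\n```"
        failure_action(repo_owner, repo_name, num,
                       fenced + '\n\n[*] The exploit did not work.', id, github)
        return

    individual = config['individual']
    if attacker not in individual:
        # An unregistered attacker used to raise KeyError and abort the run;
        # treat it like any other verification failure instead.
        failure_action(repo_owner, repo_name, num,
                       '[*] Unknown attacker: %s.' % attacker, id, github)
        return
    if individual[attacker]['team'] == defender:
        failure_action(repo_owner, repo_name, num,
                       '[*] Self-attack is not allowed: %s.' % attacker,
                       id, github)
        return

    create_label(repo_owner, repo_name, branch, "DA0019",
                 "Exploit for %s" % branch, github)
    update_label(repo_owner, repo_name, num, github, branch)

    #XXX: We should fix this logic and scoreboard representation
    # On master the bug is identified by the commit; elsewhere by the branch.
    kind = commit if branch == "master" else branch
    info = {'attacker': attacker, 'defender': defender, 'bugkind': kind}
    sync_scoreboard(scoreboard)
    # 'bug*' kinds are intended bugs; anything else is an unintended one.
    if kind.startswith('bug'):
        process_intended(repo_name, num, config, gen_time, info, scoreboard,
                         id, github)
    else:
        process_unintended(repo_name, num, config, gen_time, info, scoreboard,
                           id, github)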
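def process_issue(repo_name, num, id, config, gen_time, github, scoreboard):
    """Verify one exploit-submission issue and hand it to unintended scoring.

    Args:
        repo_name: target repository; must resolve through ``get_defender``.
        num: issue number within that repository.
        id: notification id, marked as read once the issue is handled.
        config: bot configuration; reads ``repo_owner`` and ``individual``.
        gen_time: timestamp handed through to ``process_unintended``.
        github: API handle used by every GitHub helper.
        scoreboard: scoreboard handle passed to ``sync_scoreboard`` and
            ``process_unintended``.

    Returns:
        None.  Terminates the whole process via ``sys.exit()`` when
        ``repo_name`` has no configured defender.
    """
    repo_owner = config['repo_owner']
    if is_closed(repo_owner, repo_name, num, github):
        mark_as_read(id, github)
        return

    # The issue fields are not used here; the call is kept so that fetching
    # the issue happens exactly as before.  TODO confirm it can be dropped.
    get_github_issue(repo_owner, repo_name, num, github)

    create_label(repo_owner, repo_name, "eval", "DA0019",
                 "Exploit is under review.", github)
    update_label(repo_owner, repo_name, num, github, "eval")

    defender = get_defender(config, repo_name)
    if defender is None:
        print('[*] Fatal error: unknown target %s.' % repo_name)
        # NOTE(review): one issue on an unconfigured repository stops the
        # entire bot here; a failure_action + return would keep it serving
        # other issues -- confirm with the caller before changing.
        sys.exit()

    branch, commit, attacker, log = verify_issue(defender, repo_name, num,
                                                 config, github)
    if branch is None:
        # Quote the verifier output.  The closing fence must start on its own
        # line, otherwise a log without a trailing newline never closes it.
        # (A log that itself contains ``` still breaks out of the fence.)
        fenced = "```\n" + log.rstrip("\n") + "\n```"
        failure_action(repo_owner, repo_name, num,
                       fenced + '\n\n[*] The exploit did not work.', id, github)
        return

    individual = config['individual']
    if attacker not in individual:
        # An unregistered attacker used to raise KeyError and abort the run;
        # treat it like any other verification failure instead.
        failure_action(repo_owner, repo_name, num,
                       '[*] Unknown attacker: %s.' % attacker, id, github)
        return
    if individual[attacker]['team'] == defender:
        failure_action(repo_owner, repo_name, num,
                       '[*] Self-attack is not allowed: %s.' % attacker,
                       id, github)
        return

    create_label(repo_owner, repo_name, "verified", "9466CB",
                 "Successfully verified.", github)
    update_label(repo_owner, repo_name, num, github, "verified")
    create_comment(repo_owner, repo_name, num,
                   "This submission has been verified. Well done!", github)

    # The exploited commit identifies the bug; the branch is carried
    # separately so process_unintended can walk later commits on it.
    info = {
        'attacker': attacker,
        'defender': defender,
        'branch': branch,
        'bugkind': commit,
    }
    sync_scoreboard(scoreboard)
    process_unintended(repo_name, num, config, gen_time, info, scoreboard, id,
                       github, repo_owner)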
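def process_unintended(repo_name, num, config, gen_time, info, scoreboard, id,
                       github, repo_owner):
    """Score an unintended exploit against the defender's commit history.

    If the scoreboard holds no earlier attack for ``info``, the attacker is
    credited ``config['unintended_pts']`` once.  Otherwise the exploit is
    replayed against each subsequent commit on ``info['branch']`` until a
    commit defeats it (scored 0 and labelled ``defended``) or no commits
    remain.

    Args:
        repo_name: target repository name.
        num: issue number of the submission.
        config: bot configuration; reads ``unintended_pts`` and is passed
            to ``get_next_commit`` / ``verify_issue``.
        gen_time: timestamp used for the score entries of working exploits.
        info: dict with at least ``defender``, ``branch`` and ``bugkind``.
            ``info['bugkind']`` is overwritten in place with each commit
            tried, so the caller's dict is mutated.
        scoreboard: scoreboard handle for the ``write_*``/``commit_and_push``
            helpers.
        id: notification id; only marked as read when a defending commit
            is found.
        github: API handle used by the GitHub helpers.
        repo_owner: owner of ``repo_name`` for the label calls.
    """
    unintended_pts = config['unintended_pts']
    target_commit = find_the_last_attack(scoreboard, gen_time, info)

    if target_commit is None:
        # This exploit is previously unseen, give point.
        write_score(gen_time, info, scoreboard, unintended_pts)
        write_message(info, scoreboard, unintended_pts)
        commit_and_push(scoreboard)
    else:
        while True:
            target_commit = get_next_commit(target_commit, info['defender'],
                                            info['branch'], config)
            if target_commit is None:
                # print() with one argument is valid on both Python 2 and 3.
                print('[*] No more commit to verify against')
                # NOTE(review): on this path the notification ``id`` is never
                # marked as read -- confirm the caller handles it.
                break

            # verify_issue takes an extra trailing commit argument here;
            # presumably it pins the revision under test -- confirm.
            _, verified_commit, _, _ = verify_issue(info['defender'],
                                                    repo_name, num, config,
                                                    github, target_commit)
            # Re-key the score entries on the commit just tried (mutates
            # the caller's dict, see docstring).
            info['bugkind'] = target_commit
            if verified_commit is None:
                # Found a correct patch that defeats the exploit.
                current_time = int(time.time())
                write_score(current_time, info, scoreboard, 0)
                write_message(info, scoreboard, 0)
                commit_and_push(scoreboard)
                mark_as_read(id, github)
                create_label(repo_owner, repo_name, "defended", "0000ff",
                             "Defended.", github)
                update_label(repo_owner, repo_name, num, github, "defended")
                break
            else:
                # Exploit still works on this commit, update score and continue
                write_score(gen_time, info, scoreboard, unintended_pts)
                write_message(info, scoreboard, unintended_pts)
                commit_and_push(scoreboard)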