def reeval_test_result(pargs, logger=None):
race_suspect = None
with db_interface.get_connection(pargs.host, pargs.user,
pargs.pwd, pargs.database) as db_con:
test_suspect = db_interface.get_suspect_id_of_test(db_con,
pargs.testid,
logger)
race_suspect = db_interface.retrieve_race_suspect(db_con,
test_suspect,
logger)
xdebugTriplets = db_interface.get_test_xdebugs(db_con, pargs.testid)
suspectFingerprint = XdebugFingerprint(race_suspect._refXdebug[0], PaQu(race_suspect._refpaqu))
fingerprints = list()
for element in xdebugTriplets:
xdebug = Xdebug.XdebugTrace(element[2])
fingerprints.append(XdebugFingerprint(xdebug, PaQu(element[1])))
if pargs.relaxed_check:
count = count_equalp_fingerprints_relaxed(suspectFingerprint, race_suspect._query, fingerprints,
race_suspect._projname, race_suspect._session,
race_suspect._user, pargs.host, pargs.user, pargs.pwd, pargs.database, pargs.expid, logger=logger)
else:
count = count_equalp_fingerprints(suspectFingerprint, fingerprints, race_suspect._projname,
race_suspect._session, race_suspect._user, pargs.host, pargs.user, pargs.pwd, pargs.database, pargs.expid, logger=logger)
logger.info("overall {} hits".format(count))
def get_next_expid(pargs, logger=None):
with db_interface.get_connection(pargs.host, pargs.user,
pargs.pwd, pargs.database) as db_con:
expid = db_interface.get_highest_experiment_id(db_con, logger)[0]
if expid == None:
expid = 1
return expid
def get_litmus_test_results(experiment_id, db_host, db_user, db_pwd, db_name,
firebases, testcase, xpath, target, root_user,
root_password, vm_name, vm_state, logger=None,
sequentialp=True, do_not_run_tests=False):
with db_interface.get_connection(db_host, db_user, db_pwd, db_name) as db_con:
zipNameTriples, count = db_interface.get_litmus_test_results(db_con,
experiment_id,
sequentialp)
if len(zipNameTriples) == 0:
if do_not_run_tests:
raise Exception("No {} litmustest found but running test forbidden".format("sequential" if sequentialp else "parallel"))
logger.info("no stored {} litmus test results for experiment {} found. Generating them now.".format(
"sequential" if sequentialp else "parallel",
experiment_id))
with RunningVirtualMachine(vm_name, vm_state, target, root_user, root_password, _CONST_TARGET_FOLDERS,
logger=logger):
set_query(root_user, target, root_password, "SELECT nothing FROM fake", logger)
zipNameTriples, count = run_litmus_test(testcase, target, firebases,
root_user, root_password,
xpath, logger=logger,
sequentialp=sequentialp)
db_interface.enter_litmus_test_results(db_con, experiment_id,
count, zipNameTriples,
sequentialp)
else:
logger.info("found {} litmus test results for experiment {}".format("sequential" if sequentialp else "parallel",
experiment_id))
xdebugFingerprints = list()
for element in zipNameTriples:
xdebug = Xdebug.XdebugTrace(element[2])
# print xdebug
xdebugFingerprints.append(XdebugFingerprint(xdebug, PaQu(element[1])))
return xdebugFingerprints, count
def interleaving_single(expid, db_host, db_user, db_pwd, db_name,
logger, simulate=False):
request_hits = single_step_interleaving(expid,
db_host, db_user, db_pwd, db_name,
logger=logger)
# debug print if verbose
for request in request_hits:
for hit in request:
logger.debug("{}".format(hit))
ids = []
if not simulate:
logger.info("storing analysis results")
with db_interface.get_connection(db_host, db_user,
db_pwd, db_name) as con:
set_id = db_interface.get_next_set_id(con)
for request in request_hits:
for hit in request:
ids.append(db_interface.store_race_suspects(con, hit, set_id))
else:
logger.info("no storing of results due to simulate flag being set")
logger.debug("suspect ids: {}".format(ids))
logger.info("stored {} suspects".format(len(ids)))
return ids
def extract_and_show_results(db_host, db_user, db_pwd, db_name, expid, logger,
show_all=False, setid=None):
with db_interface.get_connection(db_host, db_user, db_pwd, db_name) as con:
if setid is None:
setids = db_interface.get_experiment_set_ids(con, expid)
logger.info("available set ids are: {}".format(setids))
if len(setids) == 0:
logger.info("no stored information")
return
setid = max(setids)
logger.info("chosing max value: {}".format(setid))
race_test_results = db_interface.get_race_test_results(con, expid, setid)
overall_test_amount = len(race_test_results)
print("Absolute Test Count: %03d" % (overall_test_amount,))
overall_test_time = float(sum([rtr.execution_time.total_seconds() for rtr in race_test_results])) / 60.0
# count the amount of all tests
# calculate the average test time per conducted test
avgttime = [rtr for rtr in race_test_results if rtr.success_count != -1]
if len(avgttime) == 0:
avgttime = -1
else:
avgttime = (float(sum([rtr.execution_time.total_seconds() for rtr in avgttime])) / float(len(avgttime))) / 60.0
counter = 1
print(" Absolute Test Time: %03f min" % (overall_test_time,))
print(" Average Test Time: %03f min" % (avgttime,))
for result in race_test_results:
if result.success_count != -1 or show_all:
print("------------------(%03d)----------------------" % (counter,))
print(result)
logger.info(result)
counter += 1
def single_suspect_test(pargs, logger):
firebases = []
for counter in range(4040,4050):
firebase = []
firebase.append('127.0.0.1')
firebase.append('%d' % counter)
firebase.append(pargs.max_fuse_delay)
firebase.append(pargs.walzing_barrage_timer)
firebases.append(firebase)
ids = [int(pargs.suspectid)]
testcase_scripts = get_testcase_scripts(pargs.selenese_script_folder)
with db_interface.get_connection(pargs.host, pargs.user, pargs.pwd, pargs.database) as db_con:
suspect = db_interface.retrieve_race_suspect(db_con, pargs.suspectid, logger)
expid = suspect._expid
sequentialRefPrints, sequentialRunCount = get_litmus_test_results(expid,
pargs.host,
pargs.user,
pargs.pwd,
pargs.database,
firebases,
testcase_scripts,
pargs.xpath,
pargs.vm_ip,
pargs.root_user,
pargs.root_pwd,
pargs.vm_name,
pargs.vm_state,
logger=logger,
sequentialp=True)
counter = 0
for id in ids:
check_type = RELAXED_CHECK if pargs.relaxed_check else STRICT_CHECK
counter = counter + 1
logger.info("running {}/{} of trace related race suspects".format(counter,
len(ids)))
vulnerability_single(id, pargs.host, pargs.user,
pargs.pwd, pargs.database,
firebases, testcase_scripts,
pargs.xpath, pargs.vm_ip, pargs.root_user,
pargs.root_pwd, pargs.vm_name, pargs.vm_state,
sequentialRefPrints, sequentialRunCount,
pargs.hit_threshold, expid,
logger=logger, check_type=check_type)
def show_litmus_queries(pargs, logger=None):
with db_interface.get_connection(pargs.host, pargs.user, pargs.pwd, pargs.database) as con:
data = db_interface.get_xdebug_queries(con, pargs.expid)
for selcmd in data:
print "Queries for SELCMD " + str(selcmd[0]) + " and HTTPREQ " + str(selcmd[1]) + ":"
try:
stream = StringIO.StringIO(zlib.decompress(selcmd[2]))
trace = Xdebug.XdebugTrace(stream)
stream.close()
queries = trace.get_sql_queries(keep_all_queries=True, logger=None)
for element in queries:
for subelement in element:
if type(pargs.search_query) is str:
if subelement.find(pargs.search_query) != -1:
print subelement
else:
print subelement
finally:
stream.close()
def extract_and_show_raw_queries(db_host, db_user, db_pwd, db_name, expid, logger=None):
with db_interface.get_connection(db_host, db_user, db_pwd, db_name) as con:
litmustest_xdebugs = db_interface.get_all_litmustest_xdebugs(con, expid)
for xdebug in litmustest_xdebugs:
xtrace, triple = XdebugTrace.XdebugTrace(xdebug)
for query in xtrace.get_all_queries():
print(triple)
print(query)
set_ids = db_interface.get_experiment_set_ids(con, expid)
logger.info("available set ids are: {}".format(set_ids))
setid = max(set_ids)
logger.info("chosing max value: {}".format(setid))
test_ids = db_interface.get_all_experiment_ids(con, expid, set_id)
for id in test_ids:
test_xdebugs = db_interface.get_all_xdebugs(con, id)
for xdebug in test_xdebugs:
xtrace, triple = XdebugTrace.XdebugTrace(xdebug)
for query in xtrace.get_all_queries():
print(triple)
print(query)
def vulnerability_single(suspect_id, db_host, db_user, db_pwd, db_name,
firebases, testcase_scripts, xpath,
target, root_user, root_password,
vm_name, vm_state,
sequentialRefPrints, sequentialRunCount,
hit_threshold, expid,
logger, check_type=STRICT_CHECK, dupl_set=Set()):
start_time = time.time()
logger.info("running vulnerability analysis of suspect {}".format(suspect_id))
race_suspect = None
with db_interface.get_connection(db_host, db_user,
db_pwd, db_name) as db_con:
race_suspect = db_interface.retrieve_race_suspect(db_con,
suspect_id,
logger)
suspectFingerprint = XdebugFingerprint(race_suspect._refXdebug[0], PaQu(race_suspect._refpaqu))
start_time_comp_ref = time.time()
testp = False
if check_type == STRICT_CHECK:
seq_matches = count_equalp_fingerprints(suspectFingerprint,
sequentialRefPrints,
race_suspect._projname,
race_suspect._session, race_suspect._user,
db_host, db_user, db_pwd, db_name, expid,
logger=logger)
elif check_type == RELAXED_CHECK:
seq_matches = count_equalp_fingerprints_relaxed(suspectFingerprint,
race_suspect._query,
sequentialRefPrints,
race_suspect._projname,
race_suspect._session, race_suspect._user,
db_host, db_user, db_pwd, db_name, expid,
logger=logger)
else:
raise Exception("Unknown testing function {}".format(check_type))
if seq_matches >= sequentialRunCount: # or seq_matches >= hit_threshold:
logger.info("NOTE: candidate has {}/{}({}) matches with sequential litmus test. Interleaving test won't yield additional information".format(seq_matches,
sequentialRunCount,
hit_threshold))
testp = False
else:
testp = True
query = race_suspect._query.replace("`", "")
qhash = subprocess.check_output(["./interceptor/hashQuery.pex", query])
if qhash in dupl_set:
logger.info("NOTE: we already ran an interleaving test on this changing query. Another test will just waste our time")
testp = False
else:
dupl_set.add(qhash)
end_time_comp_ref = time.time()
start_time_testing = time.time()
if testp:
logger.info("running race condition test with query:\n {}".format(race_suspect._query))
with RunningVirtualMachine(vm_name, vm_state, target, root_user, root_password, _CONST_TARGET_FOLDERS,
logger=logger):
set_query(root_user, target, root_password, race_suspect._query, logger)
success_count, xzips, succ, time_list = run_simple_interleaving(testcase_scripts,
target,
firebases,
root_user,
root_password,
xpath,
race_suspect._refXdebug[0],
race_suspect._refpaqu,
race_suspect._query,
race_suspect._projname,
race_suspect._session,
race_suspect._user,
logger, db_host,
db_user, db_pwd, db_name, expid,
hit_function=check_type)
start_time_testing, end_time_testing, start_time_eval, end_time_eval = time_list
get_apache_logs(root_user, target, root_password, logger)
else:
success_count = -1
xzips = []
succ = -1
start_time_eval = time.time()
end_time_eval = time.time()
end_time_testing = time.time()
testid = None
with db_interface.get_connection(db_host, db_user,
db_pwd, db_name) as db_con:
end_time = time.time()
testid = db_interface.enter_race_test_results(db_con, race_suspect,
success_count, xzips,
succ, seq_matches,
-1, # removed parallel reference check
start_time,
end_time,
start_time_comp_ref,
end_time_comp_ref,
start_time_testing,
end_time_testing,
start_time_eval,
end_time_eval,
check_type)
logger.info("inserted test result into database with id {}".format(testid))
logger.info("forced interleaving check for suspect {} done.\n Results: {}/{}".format(suspect_id,
success_count,
succ))