Exemplo n.º 1
0
    def test_security_severity_security_bug_with_severity_set(
            self, project_name, policy):
        """Test security severity label is set when testcase is a security bug and
    has a security severity."""
        self.mock.get.return_value = policy
        security_severity_string_map = {
            data_types.SecuritySeverity.HIGH: 'Security_Severity-High',
            data_types.SecuritySeverity.MEDIUM: 'Security_Severity-Medium',
            data_types.SecuritySeverity.LOW: 'Security_Severity-Low',
        }

        for security_severity in security_severity_string_map:
            issue_tracker = monorail.IssueTracker(
                IssueTrackerManager(project_name))

            self.testcase1.security_flag = True
            self.testcase1.security_severity = security_severity
            self.testcase1.put()

            issue_filer.file_issue(self.testcase1, issue_tracker)
            self.assertIn(security_severity_string_map[security_severity],
                          issue_tracker._itm.last_issue.labels)
            self.assertEqual(
                1,
                len(
                    issue_tracker._itm.last_issue.get_labels_by_prefix(
                        'Security_Severity-')))
Exemplo n.º 2
0
 def test_testcase_metadata_invalid(self):
   """Tests issue filing with invalid metadata."""
   self.mock.get.return_value = CHROMIUM_POLICY
   issue_tracker = monorail.IssueTracker(IssueTrackerManager('chromium'))
   issue_filer.file_issue(self.testcase6, issue_tracker)
   self.assertItemsEqual(
       ['ClusterFuzz', 'Reproducible', 'Pri-1', 'Stability-Crash', 'Type-Bug'],
       issue_tracker._itm.last_issue.labels)
Exemplo n.º 3
0
 def test_filed_issues_chromium(self):
     """Tests issue filing for chromium."""
     self.mock.get.return_value = CHROMIUM_POLICY
     issue_tracker = monorail.IssueTracker(IssueTrackerManager('chromium'))
     issue_filer.file_issue(self.testcase4, issue_tracker)
     self.assertIn('OS-Chrome', issue_tracker._itm.last_issue.labels)
     self.assertEqual('Untriaged', issue_tracker._itm.last_issue.status)
     self.assertNotIn('Restrict-View-SecurityTeam',
                      issue_tracker._itm.last_issue.labels)
  def test_memory_tool_used(self, project_name, policy):
    """Test memory tool label is correctly set."""
    self.mock.get.return_value = policy
    for entry in issue_filer.MEMORY_TOOLS_LABELS:
      issue_tracker = monorail.IssueTracker(IssueTrackerManager(project_name))

      self.testcase1.crash_stacktrace = '\n\n%s\n' % entry['token']
      self.testcase1.put()
      issue_filer.file_issue(self.testcase1, issue_tracker)
      self.assertIn('Stability-' + entry['label'],
                    issue_tracker._itm.last_issue.labels)
  def test_security_severity_functional_bug(self, project_name, policy):
    """Test security severity label is not set for a functional bug."""
    self.mock.get.return_value = policy
    issue_tracker = monorail.IssueTracker(IssueTrackerManager(project_name))

    self.testcase1.security_flag = False
    self.testcase1.security_severity = None
    self.testcase1.put()
    issue_filer.file_issue(self.testcase1, issue_tracker)
    self.assertFalse(
        issue_tracker._itm.last_issue.has_label_by_prefix('Security_Severity-'))
Exemplo n.º 6
0
    def test_reproducible_flag(self):
        """Test (un)reproducible flag is correctly set."""
        self.mock.get.return_value = CHROMIUM_POLICY
        issue_tracker = monorail.IssueTracker(IssueTrackerManager('chromium'))

        self.testcase1.one_time_crasher_flag = True
        self.testcase1.put()
        issue_filer.file_issue(self.testcase1, issue_tracker)
        self.assertIn('Unreproducible', issue_tracker._itm.last_issue.labels)

        self.testcase1.one_time_crasher_flag = False
        self.testcase1.put()
        issue_filer.file_issue(self.testcase1, issue_tracker)
        self.assertIn('Reproducible', issue_tracker._itm.last_issue.labels)
  def test_crash_labels(self):
    """Test crash label setting."""
    self.mock.get.return_value = CHROMIUM_POLICY
    issue_tracker = monorail.IssueTracker(IssueTrackerManager('chromium'))

    self.testcase1.crash_type = 'UNKNOWN'
    self.testcase1.put()
    issue_filer.file_issue(self.testcase1, issue_tracker)
    self.assertIn('Pri-1', issue_tracker._itm.last_issue.labels)
    self.assertIn('Stability-Crash', issue_tracker._itm.last_issue.labels)

    self.testcase1.crash_type = 'Undefined-shift'
    self.testcase1.put()
    issue_filer.file_issue(self.testcase1, issue_tracker)
    self.assertIn('Pri-2', issue_tracker._itm.last_issue.labels)
    self.assertNotIn('Stability-Crash', issue_tracker._itm.last_issue.labels)
  def test_security_severity_security_bug_default_severity(
      self, project_name, policy):
    """Test security severity label is set when testcase is a security bug and
    no severity can be determined."""
    self.mock.get.return_value = policy
    issue_tracker = monorail.IssueTracker(IssueTrackerManager(project_name))

    self.testcase1.security_flag = True
    self.testcase1.security_severity = None
    self.testcase1.put()
    issue_filer.file_issue(self.testcase1, issue_tracker)
    self.assertIn('Security_Severity-High',
                  issue_tracker._itm.last_issue.labels)
    self.assertEqual(
        1,
        len(
            issue_tracker._itm.last_issue.get_labels_by_prefix(
                'Security_Severity-')))
 def test_testcase_metadata_labels_and_components(self):
   """Tests issue filing with additional labels and components."""
   self.mock.get.return_value = CHROMIUM_POLICY
   issue_tracker = monorail.IssueTracker(IssueTrackerManager('chromium'))
   issue_filer.file_issue(self.testcase5, issue_tracker)
   six.assertCountEqual(self, [
       'ClusterFuzz',
       'Reproducible',
       'Pri-1',
       'Stability-Crash',
       'Type-Bug',
       'label1',
       'label2',
   ], issue_tracker._itm.last_issue.labels)
   six.assertCountEqual(self, [
       'component1',
       'component2',
   ], issue_tracker._itm.last_issue.components)
Exemplo n.º 10
0
    def test_filed_issues_oss_fuzz_disable_disclose(self):
        """Test filing oss-fuzz issues with disclosure disabled."""
        self.job2.environment_string += 'DISABLE_DISCLOSURE = True\n'
        self.job2.put()

        self.mock.get.return_value = OSS_FUZZ_POLICY
        issue_tracker = monorail.IssueTracker(IssueTrackerManager('oss-fuzz'))

        issue_filer.file_issue(self.testcase2_security, issue_tracker)
        self.assertTrue(
            issue_tracker._itm.last_issue.has_label_matching(
                'restrict-view-commit'))
        self.assertFalse(
            issue_tracker._itm.last_issue.has_label_matching(
                'reported-2016-01-01'))
        self.assertNotIn(DEADLINE_NOTE, issue_tracker._itm.last_issue.body)
        self.assertIn(FIX_NOTE, issue_tracker._itm.last_issue.body)
        self.assertIn(QUESTIONS_NOTE, issue_tracker._itm.last_issue.body)
Exemplo n.º 11
0
  def test_security_severity_security_bug_severity_override(
      self, project_name, policy):
    """Test security severity label is set correct when testcase has its own
    severity but there is an override provided."""
    self.mock.get.return_value = policy
    issue_tracker = monorail.IssueTracker(IssueTrackerManager(project_name))

    self.testcase1.security_flag = True
    self.testcase1.security_severity = data_types.SecuritySeverity.HIGH
    self.testcase1.put()
    issue_filer.file_issue(
        self.testcase1,
        issue_tracker,
        security_severity=data_types.SecuritySeverity.MEDIUM)
    self.assertNotIn('Security_Severity-High',
                     issue_tracker._itm.last_issue.labels)
    self.assertIn('Security_Severity-Medium',
                  issue_tracker._itm.last_issue.labels)
    self.assertEqual(
        1,
        len(
            issue_tracker._itm.last_issue.get_labels_by_prefix(
                'Security_Severity-')))
Exemplo n.º 12
0
    def test_testcase_save_exception(self):
        """Tests issue filing when issue.save exception"""
        self.mock.get.return_value = CHROMIUM_POLICY_FALLBACK
        original_save = monorail.issue.Issue.save
        helpers.patch(self,
                      ['libs.issue_management.monorail.issue.Issue.save'])

        def my_save(*args, **kwargs):
            if getattr(my_save, 'raise_exception', True):
                setattr(my_save, 'raise_exception', False)
                raise Exception("Boom!")
            return original_save(*args, **kwargs)

        self.mock.save.side_effect = my_save

        issue_tracker = monorail.IssueTracker(IssueTrackerManager('chromium'))
        _, exception = issue_filer.file_issue(self.testcase5, issue_tracker)
        self.assertIsInstance(exception, Exception)

        six.assertCountEqual(
            self, ['fallback>component', '-component1', '-component2'],
            issue_tracker._itm.last_issue.components)
        self.assertIn(
            '**NOTE**: This bug was filed into this component due to permission or '
            'configuration issues with the specified component(s) component1 component2',
            issue_tracker._itm.last_issue.body)

        # call without fallback_component in policy
        # Expected result: no issue is added to itm
        setattr(my_save, 'raise_exception', True)
        issue_tracker = monorail.IssueTracker(IssueTrackerManager('chromium'))
        self.mock.get.return_value = CHROMIUM_POLICY
        with self.assertRaises(Exception):
            issue_filer.file_issue(self.testcase1, issue_tracker)

        self.assertIsNone(issue_tracker._itm.last_issue)
Exemplo n.º 13
0
  def test_footer_formatting(self):
    """Test footer message with formatting."""
    policy = issue_tracker_policy.IssueTrackerPolicy({
        'status': {
            'assigned': 'Assigned',
            'duplicate': 'Duplicate',
            'verified': 'Verified',
            'new': 'Untriaged',
            'wontfix': 'WontFix',
            'fixed': 'Fixed'
        },
        'all': {
            'status': 'new',
            'issue_body_footer': 'Target: %FUZZ_TARGET%, Project: %PROJECT%'
        },
        'non_security': {},
        'labels': {},
        'security': {},
        'existing': {},
    })
    self.mock.get.return_value = policy

    issue_tracker = monorail.IssueTracker(IssueTrackerManager('chromium'))
    self.testcase1.project_name = 'proj'
    self.testcase1.fuzzer_name = 'libFuzzer'
    self.testcase1.overridden_fuzzer_name = 'libFuzzer_proj_target'

    data_types.FuzzTarget(
        id='libFuzzer_proj_target',
        project='proj',
        engine='libFuzzer',
        binary='target').put()

    issue_filer.file_issue(self.testcase1, issue_tracker)
    self.assertIn('Target: target, Project: proj',
                  issue_tracker._itm.last_issue.body)
Exemplo n.º 14
0
    def create_issue(testcase, severity, cc_me):
        """Create an issue."""
        issue_tracker = helpers.get_issue_tracker_for_testcase(testcase)
        user_email = helpers.get_user_email()

        if severity is not None:
            severity = helpers.cast(
                severity, int,
                'Invalid value for security severity (%s).' % severity)

        additional_ccs = []
        if cc_me:
            additional_ccs.append(user_email)

        issue_id = issue_filer.file_issue(testcase,
                                          issue_tracker,
                                          security_severity=severity,
                                          user_email=user_email,
                                          additional_ccs=additional_ccs)

        if not issue_id:
            raise helpers.EarlyExitException('Unable to create new issue.',
                                             500)
Exemplo n.º 15
0
    def get(self):
        """Handle a get request."""
        try:
            grouper.group_testcases()
        except:
            logs.log_error('Error occurred while grouping test cases.')
            return

        # Free up memory after group task run.
        utils.python_gc()

        # Get a list of jobs excluded from bug filing.
        excluded_jobs = _get_excluded_jobs()

        # Get a list of all jobs. This is used to filter testcases whose jobs have
        # been removed.
        all_jobs = data_handler.get_all_job_type_names()

        for testcase_id in data_handler.get_open_testcase_id_iterator():
            try:
                testcase = data_handler.get_testcase_by_id(testcase_id)
            except errors.InvalidTestcaseError:
                # Already deleted.
                continue

            # Skip if testcase's job is removed.
            if testcase.job_type not in all_jobs:
                continue

            # Skip if testcase's job is in exclusions list.
            if testcase.job_type in excluded_jobs:
                continue

            # Skip if we are running progression task at this time.
            if testcase.get_metadata('progression_pending'):
                continue

            # If the testcase has a bug filed already, no triage is needed.
            if _is_bug_filed(testcase):
                continue

            # Check if the crash is important, i.e. it is either a reproducible crash
            # or an unreproducible crash happening frequently.
            if not _is_crash_important(testcase):
                continue

            # Require that all tasks like minimizaton, regression testing, etc have
            # finished.
            if not data_handler.critical_tasks_completed(testcase):
                continue

            # For testcases that are not part of a group, wait an additional time till
            # group task completes.
            # FIXME: In future, grouping might be dependent on regression range, so we
            # would have to add an additional wait time.
            if not testcase.group_id and not dates.time_has_expired(
                    testcase.timestamp,
                    hours=data_types.MIN_ELAPSED_TIME_SINCE_REPORT):
                continue

            # If this project does not have an associated issue tracker, we cannot
            # file this crash anywhere.
            issue_tracker = issue_tracker_utils.get_issue_tracker_for_testcase(
                testcase)
            if not issue_tracker:
                continue

            # If there are similar issues to this test case already filed or recently
            # closed, skip filing a duplicate bug.
            if _check_and_update_similar_bug(testcase, issue_tracker):
                continue

            # Clean up old triage messages that would be not applicable now.
            testcase.delete_metadata(TRIAGE_MESSAGE_KEY, update_testcase=False)

            # File the bug first and then create filed bug metadata.
            try:
                issue_filer.file_issue(testcase, issue_tracker)
            except Exception:
                logs.log_error('Failed to file issue for testcase %d.' %
                               testcase_id)
                continue

            _create_filed_bug_metadata(testcase)
            logs.log('Filed new issue %s for testcase %d.' %
                     (testcase.bug_information, testcase_id))
Exemplo n.º 16
0
 def test_filed_issues_chromium_ios(self):
     """Tests issue filing for chromium iOS."""
     self.mock.get.return_value = CHROMIUM_POLICY
     issue_tracker = monorail.IssueTracker(IssueTrackerManager('chromium'))
     issue_filer.file_issue(self.testcase7, issue_tracker)
     self.assertIn('OS-iOS', issue_tracker._itm.last_issue.labels)
Exemplo n.º 17
0
    def test_filed_issues_oss_fuzz(self):
        """Tests issue filing for oss-fuzz."""
        self.mock.get.return_value = OSS_FUZZ_POLICY
        issue_tracker = monorail.IssueTracker(IssueTrackerManager('oss-fuzz'))
        issue_filer.file_issue(self.testcase1, issue_tracker)
        self.assertEqual('New', issue_tracker._itm.last_issue.status)
        self.assertTrue(
            issue_tracker._itm.last_issue.has_label_matching(
                'restrict-view-commit'))
        self.assertFalse(
            issue_tracker._itm.last_issue.has_label_matching(
                'reported-2016-01-01'))
        self.assertNotIn(DEADLINE_NOTE, issue_tracker._itm.last_issue.body)

        issue_filer.file_issue(self.testcase1_security, issue_tracker)
        self.assertTrue(
            issue_tracker._itm.last_issue.has_label_matching(
                'restrict-view-commit'))
        self.assertFalse(
            issue_tracker._itm.last_issue.has_label_matching(
                'reported-2016-01-01'))
        self.assertNotIn(DEADLINE_NOTE, issue_tracker._itm.last_issue.body)

        issue_filer.file_issue(self.testcase2, issue_tracker)
        self.assertFalse(
            issue_tracker._itm.last_issue.has_label_matching(
                'restrict-view-commit'))
        self.assertTrue(
            issue_tracker._itm.last_issue.has_label_matching(
                'reported-2016-01-01'))
        self.assertNotIn(DEADLINE_NOTE, issue_tracker._itm.last_issue.body)

        issue_filer.file_issue(self.testcase2_security, issue_tracker)
        self.assertTrue(
            issue_tracker._itm.last_issue.has_label_matching(
                'restrict-view-commit'))
        self.assertTrue(
            issue_tracker._itm.last_issue.has_label_matching(
                'reported-2016-01-01'))
        self.assertIn(DEADLINE_NOTE, issue_tracker._itm.last_issue.body)

        issue_filer.file_issue(self.testcase3, issue_tracker)
        self.assertFalse(
            issue_tracker._itm.last_issue.has_label_matching(
                'restrict-view-commit'))
        self.assertFalse(
            issue_tracker._itm.last_issue.has_label_matching(
                'reported-2016-01-01'))
        self.assertNotIn(DEADLINE_NOTE, issue_tracker._itm.last_issue.body)

        issue_filer.file_issue(self.testcase3_security, issue_tracker)
        self.assertFalse(
            issue_tracker._itm.last_issue.has_label_matching(
                'restrict-view-commit'))
        self.assertTrue(
            issue_tracker._itm.last_issue.has_label_matching(
                'reported-2016-01-01'))
        self.assertNotIn(DEADLINE_NOTE, issue_tracker._itm.last_issue.body)