def handle_timeout(subscriber, subscription, ack_id, oss_fuzz_dir, message):
    """Record a timed-out task as a failed result.

    The message is acknowledged before anything else is done. For the two
    bisection task types ('fixed' and 'regressed') a result entity is then
    stored with the requested commit range and the error 'Timeout'; any
    other task type is only logged.
    """
    subscriber.acknowledge(subscription=subscription, ack_ids=[ack_id])

    task_kind = message.attributes['type']
    source_id = get_source_id(message)
    logging.error('Task %s timed out (source_id=%s)', task_kind, source_id)

    # Only bisection tasks leave a result entity behind.
    if task_kind not in ('fixed', 'regressed'):
        return

    range_start = message.attributes['old_commit']
    range_end = message.attributes['new_commit']

    if task_kind != 'fixed':
        assert task_kind == 'regressed'
        entity = osv.RegressResult(id=source_id)
    else:
        entity = osv.FixResult(id=source_id)

    _set_result_attributes(oss_fuzz_dir, message, entity)
    # No single commit was found, so keep the range that was requested.
    entity.commit = format_commit_range(range_start, range_end)
    entity.error = 'Timeout'
    entity.put()
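def process_bisect_task(oss_fuzz_dir, bisect_type, source_id, message):
    """Run one bisection request and store its outcome.

    Args:
        oss_fuzz_dir: Passed through to _set_result_attributes.
        bisect_type: Ignored; it is replaced by message.attributes['type'].
        source_id: Used as the id of the stored result entity.
        message: Request whose attributes describe the bisection and whose
            data is the testcase.

    The bisect is skipped for projects on PROJECT_DENYLIST and for requests
    without an old_commit. Nothing is stored when the bisected repository
    is on REPO_DENYLIST. In every other case a FixResult or RegressResult is
    written: with the bisected commit on success, otherwise with the
    requested commit range and the error 'Bisect error'.
    """
    attributes = message.attributes

    # The value carried by the message replaces the bisect_type argument.
    bisect_type = attributes['type']
    project_name = attributes['project_name']
    engine = 'libfuzzer'
    architecture = attributes['architecture'] or 'x86_64'
    sanitizer = attributes['sanitizer']
    fuzz_target = attributes['fuzz_target']
    old_commit = attributes['old_commit']
    new_commit = attributes['new_commit']
    testcase = message.data

    logging.info(
        'Performing %s bisect on source_id=%s, project=%s, engine=%s, '
        'architecture=%s, sanitizer=%s, fuzz_target=%s, old_commit=%s, '
        'new_commit=%s', bisect_type, source_id, project_name, engine,
        architecture, sanitizer, fuzz_target, old_commit, new_commit)

    result = None
    if project_name in PROJECT_DENYLIST:
        logging.info('Skipping bisect for denylisted project %s',
                     project_name)
    elif not old_commit:
        logging.info('Skipping bisect since there is no old_commit.')
    else:
        result = do_bisect(bisect_type, source_id, project_name, engine,
                           sanitizer, architecture, fuzz_target, old_commit,
                           new_commit, testcase)

    # `result` is still None when the bisect was skipped above, so it must
    # not be dereferenced unconditionally. The repo URL is only known from
    # the bisect result, which means this denylist suppresses the stored
    # record but cannot prevent the bisect itself; PROJECT_DENYLIST is the
    # check that runs before any work is started.
    if result is not None and result.repo_url in REPO_DENYLIST:
        logging.info('Skipping because of denylisted repo %s.',
                     result.repo_url)
        return

    if bisect_type == 'fixed':
        entity = osv.FixResult(id=source_id)
    else:
        # NOTE(review): this assert is the only check on a type value that
        # comes from the message; it is stripped when Python runs with -O.
        assert bisect_type == 'regressed'
        entity = osv.RegressResult(id=source_id)

    _set_result_attributes(oss_fuzz_dir, message, entity)

    if result and result.commit:
        logging.info('Bisected to %s', result.commit)
        entity.commit = result.commit
        entity.repo_url = result.repo_url
    else:
        logging.info(
            'Bisect not successfully performed. Setting commit range from request.'
        )
        entity.commit = format_commit_range(old_commit, new_commit)
        entity.repo_url = result.repo_url if result else None
        entity.error = 'Bisect error'

    entity.put()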
def test_fixed_range_too_long(self):
    """Impact analysis when the fix is stored as a commit range.

    The regression is a single commit while the fix result holds an
    'old:new' range. The resulting Bug is compared with the
    'fixed_range_too_long' expectation and the affected commits are
    checked against a fixed list.
    """
    request = mock.Mock()
    request.attributes = {
        'source_id': 'oss-fuzz:123',
        'allocated_id': 'OSV-2020-1337',
    }

    regression = osv.RegressResult(
        id='oss-fuzz:123',
        commit='eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
        repo_url='https://repo.com/repo',
        issue_id='9001',
        project='project',
        ecosystem='ecosystem',
        summary='Heap-buffer-overflow in Foo',
        severity='MEDIUM',
        reference_urls=['https://url/'],
    )
    regression.put()

    fix = osv.FixResult(
        id='oss-fuzz:123',
        commit=('eefe8ec3f1f90d0e684890e810f3f21e8500a4cd:'
                'b587c21c36a84e16cfc6b39eb68578d43b5281ad'),
        repo_url='https://repo.com/repo',
        project='project',
        ecosystem='ecosystem',
        summary='Heap-buffer-overflow in Foo',
        details='DETAILS',
        severity='MEDIUM',
        reference_urls=['https://url/'],
    )
    fix.put()

    oss_fuzz.process_impact_task('oss-fuzz:123', request)

    stored_bug = ndb.Key(osv.Bug, 'OSV-2020-1337').get()
    self.expect_dict_equal('fixed_range_too_long', stored_bug._to_dict())

    affected_commits = list(osv.AffectedCommit.query())
    expected_commits = [
        'b9b3fd4732695b83c3068b7b6a14bb372ec31f98',
        'ff8cc32ba60ad9cbb3b23f0a82aad96ebe9ff76b',
        'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
        '4c155795426727ea05575bd5904321def23c03f4',
        'b1c95a196f22d06fcf80df8c6691cd113d8fefff',
        'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
        '8d8242f545e9cec3e6d0d2e3f5bde8be1c659735',
        '3ea6feea9bb853596c727abab309476cc07d1505',
        '36f0bd9549298b44f9ff2496c9dd1326b3a9d0e2',
    ]
    actual_commits = [entry.commit for entry in affected_commits]
    # Order is not significant, only the set of commits and their counts.
    self.assertCountEqual(expected_commits, actual_commits)
def handle_timeout(task_type, source_id, oss_fuzz_dir, message):
    """Store a 'Timeout' result for a bisection task that ran out of time.

    The entity is a FixResult for task_type 'fixed' and a RegressResult for
    'regressed'. Its commit is the range requested in the message.
    """
    range_start = message.attributes['old_commit']
    range_end = message.attributes['new_commit']

    if task_type != 'fixed':
        # NOTE(review): this assert is the only guard on task_type in this
        # function; it is stripped when Python runs with -O.
        assert task_type == 'regressed'
        entity = osv.RegressResult(id=source_id)
    else:
        entity = osv.FixResult(id=source_id)

    _set_result_attributes(oss_fuzz_dir, message, entity)
    # No single commit was found, so keep the range that was requested.
    entity.commit = format_commit_range(range_start, range_end)
    entity.error = 'Timeout'
    entity.put()
def test_zero_regression_range(self):
    """Impact analysis when the start of the regression range is unknown.

    The regression result is stored as 'unknown:<commit>' and the fix as a
    single commit. The resulting Bug is compared with the
    'zero_regression_range' expectation and the affected commits are
    checked against a fixed list.
    """
    request = mock.Mock()
    request.attributes = {
        'source_id': 'oss-fuzz:123',
        'allocated_id': 'OSV-2020-1337',
    }

    regression = osv.RegressResult(
        id='oss-fuzz:123',
        commit='unknown:eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
        repo_url='https://repo.com/repo',
        issue_id='9001',
        project='project',
        ecosystem='ecosystem',
        summary='Heap-buffer-overflow in Foo',
        severity='MEDIUM',
        reference_urls=['https://url/'],
    )
    regression.put()

    fix = osv.FixResult(
        id='oss-fuzz:123',
        commit='8d8242f545e9cec3e6d0d2e3f5bde8be1c659735',
        repo_url='https://repo.com/repo',
        project='project',
        ecosystem='ecosystem',
        summary='Heap-buffer-overflow in Foo',
        details='DETAILS',
        severity='MEDIUM',
        reference_urls=['https://url/'],
    )
    fix.put()

    oss_fuzz.process_impact_task('oss-fuzz:123', request)

    stored_bug = ndb.Key(osv.Bug, 'OSV-2020-1337').get()
    self.expect_dict_equal('zero_regression_range', stored_bug._to_dict())

    affected_commits = list(osv.AffectedCommit.query())
    expected_commits = [
        'ff8cc32ba60ad9cbb3b23f0a82aad96ebe9ff76b',
        'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
        '4c155795426727ea05575bd5904321def23c03f4',
        'b1c95a196f22d06fcf80df8c6691cd113d8fefff',
        'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
    ]
    actual_commits = [entry.commit for entry in affected_commits]
    # Order is not significant, only the set of commits and their counts.
    self.assertCountEqual(expected_commits, actual_commits)
def test_simplify_range(self):
    """Impact analysis when both results are stored as commit ranges.

    Regression and fix are each given as 'old:new'. The resulting Bug is
    compared with the 'simplify_range' expectation.
    """
    request = mock.Mock()
    request.attributes = {
        'source_id': 'oss-fuzz:123',
        'allocated_id': 'OSV-2020-1337',
    }

    regression = osv.RegressResult(
        id='oss-fuzz:123',
        commit=('a2ba949290915d445d34d0e8e9de2e7ce38198fc:'
                'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd'),
        repo_url='https://repo.com/repo',
        issue_id='9001',
        project='project',
        ecosystem='ecosystem',
        summary='Heap-buffer-overflow in Foo',
        severity='MEDIUM',
        reference_urls=['https://url/'],
    )
    regression.put()

    fix = osv.FixResult(
        id='oss-fuzz:123',
        commit=('b1c95a196f22d06fcf80df8c6691cd113d8fefff:'
                '8d8242f545e9cec3e6d0d2e3f5bde8be1c659735'),
        repo_url='https://repo.com/repo',
        project='project',
        ecosystem='ecosystem',
        summary='Heap-buffer-overflow in Foo',
        details='DETAILS',
        severity='MEDIUM',
        reference_urls=['https://url/'],
    )
    fix.put()

    oss_fuzz.process_impact_task('oss-fuzz:123', request)

    stored_bug = ndb.Key(osv.Bug, 'OSV-2020-1337').get()
    self.expect_dict_equal('simplify_range', stored_bug._to_dict())
def test_not_fixed(self):
    """Impact analysis for a bug that has a regression result but no fix.

    Only a RegressResult is stored. The resulting Bug is expected to have
    an empty 'fixed' field, and every AffectedCommit is expected to carry
    confidence 100 and the project name.
    """
    request = mock.Mock()
    request.attributes = {
        'source_id': 'oss-fuzz:123',
        'allocated_id': '2020-1337',
    }

    regression = osv.RegressResult(
        id='oss-fuzz:123',
        commit='eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
        repo_url='https://repo.com/repo',
        issue_id='9001',
        project='project',
        ecosystem='ecosystem',
        summary='Heap-buffer-overflow in Foo',
        details='DETAILS',
        severity='MEDIUM',
        reference_urls=['https://url/'],
    )
    regression.put()

    oss_fuzz.process_impact_task('oss-fuzz:123', request)

    expected_bug = {
        'affected': [
            'branch-v0.1.1',
            'branch-v0.1.1-with-fix',
            'branch_1_cherrypick_regress',
            'v0.1.1',
            'v0.2',
        ],
        'affected_fuzzy': ['0-1-1', '0-1-1', '1', '0-1-1', '0-2'],
        'additional_commit_ranges': [{
            'introduced_in': 'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
            'fixed_in': None,
        }],
        # No FixResult was stored, so the fix commit is expected to be empty.
        'fixed': '',
        'regressed': 'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
        'repo_url': 'https://repo.com/repo',
        'confidence': 100,
        'issue_id': '9001',
        'last_modified': datetime.datetime(2021, 1, 1, 0, 0),
        'timestamp': datetime.datetime(2020, 1, 1),
        'source_id': 'oss-fuzz:123',
        'project': 'project',
        'ecosystem': 'ecosystem',
        'summary': 'Heap-buffer-overflow in Foo',
        'details': 'DETAILS',
        'severity': 'MEDIUM',
        'sort_key': '2020-0001337',
        'source_of_truth': osv.SourceOfTruth.INTERNAL,
        'reference_urls': ['https://url/'],
        'public': False,
        'status': osv.BugStatus.PROCESSED.value,
        'has_affected': True,
        'search_indices': ['project', '2020-1337', '2020', '1337'],
    }
    stored_bug = ndb.Key(osv.Bug, '2020-1337').get()
    self.assertDictEqual(expected_bug, stored_bug._to_dict())

    affected_commits = list(osv.AffectedCommit.query())
    for entry in affected_commits:
        self.assertEqual(100, entry.confidence)
        self.assertEqual('project', entry.project)

    expected_commits = [
        'ff8cc32ba60ad9cbb3b23f0a82aad96ebe9ff76b',
        'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
        '4c155795426727ea05575bd5904321def23c03f4',
        'b1c95a196f22d06fcf80df8c6691cd113d8fefff',
        'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
        '36f0bd9549298b44f9ff2496c9dd1326b3a9d0e2',
        '8d8242f545e9cec3e6d0d2e3f5bde8be1c659735',
        'b9b3fd4732695b83c3068b7b6a14bb372ec31f98',
        'b587c21c36a84e16cfc6b39eb68578d43b5281ad',
        '88e5ae3c40c85b702ba89a34c29f233048abb12b',
        '3ea6feea9bb853596c727abab309476cc07d1505',
    ]
    actual_commits = [entry.commit for entry in affected_commits]
    # Order is not significant, only the set of commits and their counts.
    self.assertCountEqual(expected_commits, actual_commits)
def test_simplify_range(self):
    """Impact analysis when both results are stored as commit ranges.

    Regression and fix are each given as 'old:new'. The resulting Bug is
    expected to report the second commit of each range as 'regressed' and
    'fixed'.
    """
    request = mock.Mock()
    request.attributes = {
        'source_id': 'oss-fuzz:123',
        'allocated_id': '2020-1337',
    }

    regression = osv.RegressResult(
        id='oss-fuzz:123',
        commit=('a2ba949290915d445d34d0e8e9de2e7ce38198fc:'
                'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd'),
        repo_url='https://repo.com/repo',
        issue_id='9001',
        project='project',
        ecosystem='ecosystem',
        summary='Heap-buffer-overflow in Foo',
        severity='MEDIUM',
        reference_urls=['https://url/'],
    )
    regression.put()

    fix = osv.FixResult(
        id='oss-fuzz:123',
        commit=('b1c95a196f22d06fcf80df8c6691cd113d8fefff:'
                '8d8242f545e9cec3e6d0d2e3f5bde8be1c659735'),
        repo_url='https://repo.com/repo',
        project='project',
        ecosystem='ecosystem',
        summary='Heap-buffer-overflow in Foo',
        details='DETAILS',
        severity='MEDIUM',
        reference_urls=['https://url/'],
    )
    fix.put()

    oss_fuzz.process_impact_task('oss-fuzz:123', request)

    expected_bug = {
        'affected': [
            'branch-v0.1.1',
            'branch_1_cherrypick_regress',
            'v0.1.1',
        ],
        'affected_fuzzy': ['0-1-1', '1', '0-1-1'],
        'additional_commit_ranges': [
            {
                'introduced_in': 'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
                'fixed_in': 'b9b3fd4732695b83c3068b7b6a14bb372ec31f98',
            },
            {
                'introduced_in': 'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
                'fixed_in': None,
            },
        ],
        'fixed': '8d8242f545e9cec3e6d0d2e3f5bde8be1c659735',
        'regressed': 'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
        'repo_url': 'https://repo.com/repo',
        'confidence': 100,
        'issue_id': '9001',
        'last_modified': datetime.datetime(2021, 1, 1, 0, 0),
        'timestamp': datetime.datetime(2020, 1, 1),
        'source_id': 'oss-fuzz:123',
        'project': 'project',
        'ecosystem': 'ecosystem',
        'summary': 'Heap-buffer-overflow in Foo',
        'details': 'DETAILS',
        'severity': 'MEDIUM',
        'sort_key': '2020-0001337',
        'source_of_truth': osv.SourceOfTruth.INTERNAL,
        'reference_urls': ['https://url/'],
        'public': False,
        'status': osv.BugStatus.PROCESSED.value,
        'has_affected': True,
        'search_indices': ['project', '2020-1337', '2020', '1337'],
    }
    stored_bug = ndb.Key(osv.Bug, '2020-1337').get()
    self.assertDictEqual(expected_bug, stored_bug._to_dict())
def test_zero_regression_range(self):
    """Impact analysis when the start of the regression range is unknown.

    The regression result is stored as 'unknown:<commit>' and the fix as a
    single commit. The resulting Bug and every AffectedCommit are expected
    to carry confidence 80.
    """
    request = mock.Mock()
    request.attributes = {
        'source_id': 'oss-fuzz:123',
        'allocated_id': '2020-1337',
    }

    regression = osv.RegressResult(
        id='oss-fuzz:123',
        commit='unknown:eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
        repo_url='https://repo.com/repo',
        issue_id='9001',
        project='project',
        ecosystem='ecosystem',
        summary='Heap-buffer-overflow in Foo',
        severity='MEDIUM',
        reference_urls=['https://url/'],
    )
    regression.put()

    fix = osv.FixResult(
        id='oss-fuzz:123',
        commit='8d8242f545e9cec3e6d0d2e3f5bde8be1c659735',
        repo_url='https://repo.com/repo',
        project='project',
        ecosystem='ecosystem',
        summary='Heap-buffer-overflow in Foo',
        details='DETAILS',
        severity='MEDIUM',
        reference_urls=['https://url/'],
    )
    fix.put()

    oss_fuzz.process_impact_task('oss-fuzz:123', request)

    expected_bug = {
        'affected': [
            'branch-v0.1.1',
            'branch_1_cherrypick_regress',
            'v0.1.1',
        ],
        'affected_fuzzy': ['0-1-1', '1', '0-1-1'],
        'additional_commit_ranges': [],
        'fixed': '8d8242f545e9cec3e6d0d2e3f5bde8be1c659735',
        # The 'unknown:' prefix is expected to be kept as stored.
        'regressed': 'unknown:eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
        'repo_url': 'https://repo.com/repo',
        'confidence': 80,
        'issue_id': '9001',
        'last_modified': datetime.datetime(2021, 1, 1, 0, 0),
        'timestamp': datetime.datetime(2020, 1, 1),
        'source_id': 'oss-fuzz:123',
        'project': 'project',
        'ecosystem': 'ecosystem',
        'summary': 'Heap-buffer-overflow in Foo',
        'details': 'DETAILS',
        'severity': 'MEDIUM',
        'sort_key': '2020-0001337',
        'source_of_truth': osv.SourceOfTruth.INTERNAL,
        'reference_urls': ['https://url/'],
        'public': False,
        'status': osv.BugStatus.PROCESSED.value,
        'has_affected': True,
        'search_indices': ['project', '2020-1337', '2020', '1337'],
    }
    stored_bug = ndb.Key(osv.Bug, '2020-1337').get()
    self.assertDictEqual(expected_bug, stored_bug._to_dict())

    affected_commits = list(osv.AffectedCommit.query())
    for entry in affected_commits:
        self.assertEqual(80, entry.confidence)
        self.assertEqual('project', entry.project)

    expected_commits = [
        'ff8cc32ba60ad9cbb3b23f0a82aad96ebe9ff76b',
        'febfac1940086bc1f6d3dc33fda0a1d1ba336209',
        '4c155795426727ea05575bd5904321def23c03f4',
        'b1c95a196f22d06fcf80df8c6691cd113d8fefff',
        'eefe8ec3f1f90d0e684890e810f3f21e8500a4cd',
    ]
    actual_commits = [entry.commit for entry in affected_commits]
    # Order is not significant, only the set of commits and their counts.
    self.assertCountEqual(expected_commits, actual_commits)