Skip to content

Commit

Permalink
fix: resolve errors of fuzzing job fuzz_intermediate_report_merge (in…
Browse files Browse the repository at this point in the history 
…tel#3857)

Signed-off-by: Meet Soni <meetsoni3017@gmail.com>
  • Loading branch information
@inosmeet
inosmeet authored Feb 27, 2024
1 parent e2d28fb commit 75d7edb
Show file tree
Hide file tree
Showing 3 changed files with 45 additions and 14 deletions.
28 changes: 27 additions & 1 deletion .github/workflows/fuzzing.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,33 @@ jobs:
python -m pip install --upgrade setuptools
python -m pip install --upgrade -r dev-requirements.txt
python -m pip install --upgrade .
- name: Get date
id: get-date
run: |
echo "date=$(/bin/date -u "+%Y%m%d")" >> $GITHUB_OUTPUT
echo "yesterday=$(/bin/date -d "-1 day" -u "+%Y%m%d")" >> $GITHUB_OUTPUT
- name: Get today's cached database
uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
id: todays-cache
with:
path: fuzz-cache
key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}
- name: Get yesterday's cached database if today's is not available
uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
if: steps.todays-cache.outputs.cache-hit != 'true'
with:
path: fuzz-cache
key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}

- name: Try single CLI run of tool
if: env.sbom != 'true'
run: |
[[ -e fuzz-cache ]] && mkdir -p .cache && mv fuzz-cache ~/.cache/cve-bin-tool
NO_EXIT_CVE_NUM=1 python -m cve_bin_tool.cli test/assets/test-kerberos-5-1.15.1.out
cp -r ~/.cache/cve-bin-tool fuzz-cache
- name: Run Fuzzing
id: fuzzing
env:
Expand All @@ -58,4 +84,4 @@ jobs:
at_index=$((($(date -u +%U) % ${#fuzzing_scripts[@]})))
selected_script="${fuzzing_scripts[$at_index]}"
echo "Selected script: $selected_script"
timeout --preserve-status --signal=SIGINT 60m python $selected_script
timeout --preserve-status --signal=SIGINT 60m python $selected_script
12 changes: 7 additions & 5 deletions cve_bin_tool/merge.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,6 @@
ErrorMode,
InvalidIntermediateJsonError,
InvalidJsonError,
MissingFieldsError,
)
from .input_engine import TriageData
from .log import LOGGER
Expand Down Expand Up @@ -82,7 +81,7 @@ def recursive_scan(self, merge_files):

def scan_intermediate_file(self, filename):
"""Reads intermediate json file through filename and verify missing fields"""
self.logger.info(f"Loading file: {filename}")
self.logger.debug(f"Loading file: {filename}")

with open(filename) as json_file:
filename = Path(filename)
Expand All @@ -102,7 +101,7 @@ def scan_intermediate_file(self, filename):
)
if missing_fields == set():
if isinstance(inter_data["report"], list):
self.logger.info(
self.logger.debug(
f"Adding data from {filename.name} with timestamp {inter_data['metadata']['timestamp']}"
)
inter_data["metadata"]["severity"] = get_severity_count(
Expand All @@ -111,8 +110,8 @@ def scan_intermediate_file(self, filename):
return inter_data

if missing_fields != set():
with ErrorHandler(mode=self.error_mode):
raise MissingFieldsError(f"{missing_fields} are required fields")
self.logger.debug(f"{missing_fields} are required fields")
return None

with ErrorHandler(mode=self.error_mode):
raise InvalidIntermediateJsonError(filename)
Expand All @@ -123,6 +122,9 @@ def merge_intermediate(self):
for inter_file in self.recursive_scan(self.merge_files):
# Create a list of intermediate files dictionary
intermediate_data = self.scan_intermediate_file(inter_file)
if intermediate_data is None:
return

if (
self.filter_tag == []
or intermediate_data["metadata"]["tag"] in self.filter_tag
Expand Down
19 changes: 11 additions & 8 deletions test/test_merge.py
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
# Copyright (C) 2021 Intel Corporation
# SPDX-License-Identifier: GPL-3.0-or-later

import logging
import re
from ast import literal_eval
from pathlib import Path

import pytest
Expand All @@ -13,7 +13,6 @@
REQUIRED_INTERMEDIATE_METADATA,
InvalidJsonError,
MergeReports,
MissingFieldsError,
)
from cve_bin_tool.util import ProductInfo, Remarks

Expand Down Expand Up @@ -68,16 +67,20 @@ def test_invalid_file(self, filepaths, exception):
),
),
)
def test_missing_fields(self, filepaths, missing_fields):
def test_missing_fields(self, filepaths, missing_fields, caplog):
merged_cves = MergeReports(
merge_files=filepaths, error_mode=ErrorMode.FullTrace
)
with pytest.raises(MissingFieldsError) as exc:
merged_cves.merge_intermediate()
match = self.MISSING_FIELD_REGEX.search(exc.value.args[0])
raised_fields = match.group(1)
merged_cves.logger.setLevel(logging.DEBUG)
merged_cves.merge_intermediate()

expected_string = str(missing_fields)
actual_string = caplog.records[-1].getMessage().split("}")[0] + "}"

expected_set = set(expected_string.strip("{}").split(", "))
actual_set = set(actual_string.strip("{}").split(", "))

assert missing_fields - literal_eval(raised_fields) == set()
assert expected_set == actual_set

@pytest.mark.parametrize(
"filepaths, merged_data",
Expand Down

0 comments on commit 75d7edb

Please sign in to comment.