Fix critical bugs and stabilize attack surface approximation module#11
Draft
krpandrei05 wants to merge 13 commits into
Conversation
Fixes: open-crs#10
Signed-off-by: Andrei Carp <andrei.krp@gmail.com>

Added a check in the CLI to ensure the --elf option is provided when using binary_pattern_matching, preventing crashes and misleading results.
Fixes: open-crs#12
Signed-off-by: Andrei Carp <andrei.krp@gmail.com>

Added commons library as a local path dependency to fix ModuleNotFoundError and updated Docker SDK to 7.1.0 to support modern URL schemes.
Fixes: open-crs#13
Fixes: open-crs#15
Signed-off-by: Andrei Carp <andrei.krp@gmail.com>

Replaced the hardcoded 'uname' command with the dynamic CONTAINER_EXECUTABLE from configuration. This ensures the fuzzer analyzes the intended binary.
Signed-off-by: Andrei Carp <andrei.krp@gmail.com>

Added a check for argc > 1 before accessing command line arguments in the C tracer. This fixes intermittent crashes when running the binary without arguments during calibration.
Signed-off-by: Andrei Carp <andrei.krp@gmail.com>

Introduced a separate counter for executable segments to avoid out-of-bounds writes. Previously, the global map index was used for a restricted array, causing SIGSEGV.
Signed-off-by: Andrei Carp <andrei.krp@gmail.com>

Migrated from stack allocation to dynamic allocation (malloc) for the hashed buffer and increased its size. This prevents stack corruption caused by buffer overflow when processing a large number of basic blocks.
Signed-off-by: Andrei Carp <andrei.krp@gmail.com>

Added chmod calls to ensure result directories and files created by the root user in Docker are readable by the host Python process.
Signed-off-by: Andrei Carp <andrei.krp@gmail.com>

Added a command to remove CMakeCache.txt before compilation. This ensures that changes to the tracer source or headers are correctly reflected in the compiled library.
Signed-off-by: Andrei Carp <andrei.krp@gmail.com>

Modified the generator to test simple flags before complex combinations. This prevents valid flags from being ignored due to hash collisions with previously seen invalid combinations.
Signed-off-by: Andrei Carp <andrei.krp@gmail.com>

Corrected the return type to bool and added safety checks for null instrumentation hashes in both the validation logic and history tracking. This prevents crashes and incorrect deduplication when Docker runs fail.
Signed-off-by: Andrei Carp <andrei.krp@gmail.com>

Decoupled business logic from presentation in cli.py by introducing run_detection and run_fuzzing helpers. Updated the analyze command to collect all results before rendering, ensuring instantaneous output and eliminating visual latency between static and dynamic analysis phases.
Signed-off-by: Andrei Carp <andrei.krp@gmail.com>

Pinned all dependencies in pyproject.toml to exact versions to ensure environment reproducibility. Updated the black package to a secure version to resolve two critical security vulnerabilities: arbitrary file write via unsanitized cache filenames and Regular Expression Denial of Service (ReDoS).
Fixes: #1
Fixes: #2
Signed-off-by: Andrei Carp <andrei.krp@gmail.com>
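The three C tracer fixes described in the commits above (the argc guard before reading argv[1], a separate bounded counter for executable segments instead of the global map index, and a heap-allocated hashing buffer sized from the number of basic blocks), shown together as an added example. This is not code from the open-crs tracer: every name in it (segment_t, exec_map_t, MAX_EXEC_SEGMENTS, record_segments, buggy_max_index, hash_blocks, target_from_args) is hypothetical, the segment map and block addresses are constructed, and the FNV-1a hash stands in for whatever the tracer actually hashes.

```c
/* Added example, not the open-crs tracer's code. All identifiers are hypothetical. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_EXEC_SEGMENTS 4   /* restricted array: only executable segments belong here */

typedef struct {
    uint64_t start;
    uint64_t end;
    int executable;
} segment_t;

typedef struct {
    uint64_t exec_start[MAX_EXEC_SEGMENTS];
    size_t exec_count;  /* separate counter: the only index used for exec_start */
    size_t dropped;     /* segments that did not fit, instead of writing past the end */
} exec_map_t;

/* Buggy pattern, kept for contrast: using the global map index i to index the
 * restricted array means any executable segment at position >= MAX_EXEC_SEGMENTS
 * writes out of bounds. This version does not perform the write; it only reports
 * the largest index the buggy code would have used. */
static size_t buggy_max_index(const segment_t *map, size_t n)
{
    size_t worst = 0;
    for (size_t i = 0; i < n; i++)
        if (map[i].executable && i > worst)
            worst = i;  /* the buggy code would do exec_start[i] = map[i].start here */
    return worst;
}

/* Fixed pattern: walk the whole map, advance exec_count only for executable
 * segments, and stop writing once the restricted array is full. */
static size_t record_segments(exec_map_t *out, const segment_t *map, size_t n)
{
    memset(out, 0, sizeof(*out));
    for (size_t i = 0; i < n; i++) {
        if (!map[i].executable)
            continue;
        if (out->exec_count >= MAX_EXEC_SEGMENTS) {
            out->dropped++;
            continue;
        }
        out->exec_start[out->exec_count++] = map[i].start;
    }
    return out->exec_count;
}

/* Heap-allocated hashing buffer sized from the input count rather than a fixed
 * stack array that overflows on binaries with many basic blocks. Hashes each
 * block address with 64-bit FNV-1a; caller frees. NULL on n == 0, overflow or OOM. */
static uint64_t *hash_blocks(const uint64_t *blocks, size_t n)
{
    if (n == 0 || n > SIZE_MAX / sizeof(uint64_t))
        return NULL;
    uint64_t *hashed = malloc(n * sizeof(uint64_t));
    if (hashed == NULL)
        return NULL;
    for (size_t i = 0; i < n; i++) {
        uint64_t h = 0xcbf29ce484222325ULL;
        for (int b = 0; b < 8; b++) {
            h ^= (blocks[i] >> (8 * b)) & 0xffULL;
            h *= 0x100000001b3ULL;
        }
        hashed[i] = h;
    }
    return hashed;
}

/* argc guard: a calibration run starts the binary with no arguments, so argv[1]
 * must not be dereferenced unconditionally. */
static const char *target_from_args(int argc, char **argv)
{
    return argc > 1 ? argv[1] : "(none)";
}

int main(int argc, char **argv)
{
    /* Constructed sample: 6 segments, 5 executable, one more than the array holds. */
    segment_t map[] = {
        {0x1000, 0x2000, 1}, {0x2000, 0x3000, 0}, {0x3000, 0x4000, 1},
        {0x4000, 0x5000, 1}, {0x5000, 0x6000, 1}, {0x6000, 0x7000, 1},
    };
    size_t n = sizeof(map) / sizeof(map[0]);
    exec_map_t em;
    record_segments(&em, map, n);
    printf("target=%s exec=%zu dropped=%zu buggy_index=%zu limit=%d\n",
           target_from_args(argc, argv), em.exec_count, em.dropped,
           buggy_max_index(map, n), MAX_EXEC_SEGMENTS);

    uint64_t blocks[] = {0x401000, 0x401020, 0x401040};
    uint64_t *h = hash_blocks(blocks, 3);
    if (h != NULL) {
        printf("h[0]=%016llx\n", (unsigned long long)h[0]);
        free(h);
    }
    return 0;
}
```

Run with and without an argument to see the argc guard; with the sample map the buggy index reaches 5 against a limit of 4, which is the out-of-bounds write the commit describes, while the fixed routine records four segments and counts the fifth as dropped.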
This Pull Request introduces a series of critical fixes required to make the attack_surface_approximation module fully functional and stable. Key changes include:
man_parsing, binary_pattern_matching). This is the final update aimed at stabilizing the execution environment and module dependencies using Poetry, ensuring full compatibility with the OpenCRS framework.
Fixes: #10, Fixes: #12, Fixes: #13, Fixes: #15
This PR addresses the following Dependabot alerts:
black
black