ExternalVendorCode/onefuzz
1
0
Fork 0
mirror of https://github.com/microsoft/onefuzz.git synced 2025-06-17 12:28:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove function allowlist (#2859)

Browse Source
This commit is contained in:
Joe Ranweiler
2023-02-17 20:19:38 -08:00
committed by GitHub
parent 1ac3fd4bed
commit d5cff033d9
11 changed files with 0 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/ApiService/ApiService/OneFuzzTypes/Enums.cs
View File

@ -274,7 +274,6 @@ public enum TaskFeature {
ReportList, ReportList,
MinimizedStackDepth, MinimizedStackDepth,
CoverageFilter, CoverageFilter,
FunctionAllowlist,
ModuleAllowlist, ModuleAllowlist,
SourceAllowlist, SourceAllowlist,
TargetMustUseInput, TargetMustUseInput,

2
src/ApiService/ApiService/OneFuzzTypes/Model.cs
View File

@ -213,7 +213,6 @@ public record TaskDetails(
// Deprecated. Retained for processing old table data. // Deprecated. Retained for processing old table data.
string? CoverageFilter = null, string? CoverageFilter = null,
string? FunctionAllowlist = null,
string? ModuleAllowlist = null, string? ModuleAllowlist = null,
string? SourceAllowlist = null, string? SourceAllowlist = null,
string? TargetAssembly = null, string? TargetAssembly = null,
@ -1002,7 +1001,6 @@ public record TaskUnitConfig(
// Deprecated. Retained for processing old table data. // Deprecated. Retained for processing old table data.
public string? CoverageFilter { get; set; } public string? CoverageFilter { get; set; }
public string? FunctionAllowlist { get; set; }
public string? ModuleAllowlist { get; set; } public string? ModuleAllowlist { get; set; }
public string? SourceAllowlist { get; set; } public string? SourceAllowlist { get; set; }
public string? TargetAssembly { get; set; } public string? TargetAssembly { get; set; }

6
src/ApiService/ApiService/onefuzzlib/Config.cs
View File

@ -262,12 +262,6 @@ public class Config : IConfig {
} }
} }
if (definition.Features.Contains(TaskFeature.FunctionAllowlist)) {
if (task.Config.Task.FunctionAllowlist != null) {
config.FunctionAllowlist = task.Config.Task.FunctionAllowlist;
}
}
if (definition.Features.Contains(TaskFeature.ModuleAllowlist)) { if (definition.Features.Contains(TaskFeature.ModuleAllowlist)) {
if (task.Config.Task.ModuleAllowlist != null) { if (task.Config.Task.ModuleAllowlist != null) {
config.ModuleAllowlist = task.Config.Task.ModuleAllowlist; config.ModuleAllowlist = task.Config.Task.ModuleAllowlist;

1
src/ApiService/ApiService/onefuzzlib/Defs.cs
View File

@ -15,7 +15,6 @@ public static class Defs {
// Deprecated. Retained for processing old table data. // Deprecated. Retained for processing old table data.
TaskFeature.CoverageFilter, TaskFeature.CoverageFilter,
TaskFeature.FunctionAllowlist,
TaskFeature.ModuleAllowlist, TaskFeature.ModuleAllowlist,
TaskFeature.SourceAllowlist, TaskFeature.SourceAllowlist,
}, },

7
src/agent/coverage/examples/coverage.rs
View File

@ -15,9 +15,6 @@ struct Args {
#[arg(long)] #[arg(long)]
module_allowlist: Option<String>, module_allowlist: Option<String>,
#[arg(long)]
function_allowlist: Option<String>,
#[arg(long)] #[arg(long)]
source_allowlist: Option<String>, source_allowlist: Option<String>,
@ -63,10 +60,6 @@ fn main() -> Result<()> {
allowlist.modules = AllowList::load(path)?; allowlist.modules = AllowList::load(path)?;
} }
if let Some(path) = &args.function_allowlist {
allowlist.functions = AllowList::load(path)?;
}
if let Some(path) = &args.source_allowlist { if let Some(path) = &args.source_allowlist {
allowlist.source_files = AllowList::load(path)?; allowlist.source_files = AllowList::load(path)?;
} }

6
src/agent/coverage/src/allowlist.rs
View File

@ -7,18 +7,13 @@ use std::path::Path;
#[derive(Clone, Debug, Default)] #[derive(Clone, Debug, Default)]
pub struct TargetAllowList { pub struct TargetAllowList {
pub functions: AllowList,
pub modules: AllowList, pub modules: AllowList,
pub source_files: AllowList, pub source_files: AllowList,
} }
impl TargetAllowList { impl TargetAllowList {
pub fn new(modules: AllowList, source_files: AllowList) -> Self { pub fn new(modules: AllowList, source_files: AllowList) -> Self {
// Allow all.
let functions = AllowList::default();
Self { Self {
functions,
modules, modules,
source_files, source_files,
} }
@ -28,7 +23,6 @@ impl TargetAllowList {
pub fn extend(&self, other: &Self) -> Self { pub fn extend(&self, other: &Self) -> Self {
let mut new = Self::default(); let mut new = Self::default();
new.functions = self.functions.extend(&other.functions);
new.modules = self.modules.extend(&other.modules); new.modules = self.modules.extend(&other.modules);
new.source_files = self.source_files.extend(&other.source_files); new.source_files = self.source_files.extend(&other.source_files);

8
src/agent/coverage/src/binary.rs
View File

@ -120,10 +120,6 @@ pub fn find_coverage_sites(
let mut offsets = BTreeSet::new(); let mut offsets = BTreeSet::new();
for function in debuginfo.functions() { for function in debuginfo.functions() {
if !allowlist.functions.is_allowed(&function.name) {
continue;
}
let blocks = block::sweep_region(module, &debuginfo, function.offset, function.size)?; let blocks = block::sweep_region(module, &debuginfo, function.offset, function.size)?;
for block in &blocks { for block in &blocks {
@ -133,10 +129,6 @@ pub fn find_coverage_sites(
// Apply allowlists per block, to account for inlining. The `location` values // Apply allowlists per block, to account for inlining. The `location` values
// here describe the top of the inline-inclusive call stack. // here describe the top of the inline-inclusive call stack.
if !allowlist.functions.is_allowed(&path) {
continue;
}
if !allowlist.source_files.is_allowed(&path) { if !allowlist.source_files.is_allowed(&path) {
continue; continue;
} }

1
src/agent/onefuzz-task/src/local/coverage.rs
View File

@ -56,7 +56,6 @@ pub fn build_coverage_config(
target_options, target_options,
target_timeout, target_timeout,
coverage_filter: None, coverage_filter: None,
function_allowlist: None,
module_allowlist: None, module_allowlist: None,
source_allowlist: None, source_allowlist: None,
input_queue, input_queue,

5
src/agent/onefuzz-task/src/tasks/coverage/generic.rs
View File

@ -55,7 +55,6 @@ pub struct Config {
// Retained only to informatively fail tasks that were qeueued pre-upgrade. // Retained only to informatively fail tasks that were qeueued pre-upgrade.
pub coverage_filter: Option<String>, pub coverage_filter: Option<String>,
pub function_allowlist: Option<String>,
pub module_allowlist: Option<String>, pub module_allowlist: Option<String>,
pub source_allowlist: Option<String>, pub source_allowlist: Option<String>,
@ -161,10 +160,6 @@ impl CoverageTask {
// source files are excluded. // source files are excluded.
let mut allowlist = TargetAllowList::default(); let mut allowlist = TargetAllowList::default();
if let Some(functions) = &self.config.function_allowlist {
allowlist.functions = self.load_allowlist(functions).await?;
}
if let Some(modules) = &self.config.module_allowlist { if let Some(modules) = &self.config.module_allowlist {
allowlist.modules = self.load_allowlist(modules).await?; allowlist.modules = self.load_allowlist(modules).await?;
} }

2
src/cli/onefuzz/api.py
View File

@ -979,7 +979,6 @@ class Tasks(Endpoint):
colocate: bool = False, colocate: bool = False,
report_list: Optional[List[str]] = None, report_list: Optional[List[str]] = None,
minimized_stack_depth: Optional[int] = None, minimized_stack_depth: Optional[int] = None,
function_allowlist: Optional[str] = None,
module_allowlist: Optional[str] = None, module_allowlist: Optional[str] = None,
source_allowlist: Optional[str] = None, source_allowlist: Optional[str] = None,
) -> models.Task: ) -> models.Task:
@ -1057,7 +1056,6 @@ class Tasks(Endpoint):
report_list=report_list, report_list=report_list,
preserve_existing_outputs=preserve_existing_outputs, preserve_existing_outputs=preserve_existing_outputs,
minimized_stack_depth=minimized_stack_depth, minimized_stack_depth=minimized_stack_depth,
function_allowlist=function_allowlist,
module_allowlist=module_allowlist, module_allowlist=module_allowlist,
source_allowlist=source_allowlist, source_allowlist=source_allowlist,
), ),

11
src/cli/onefuzz/templates/libfuzzer.py
View File

@ -68,7 +68,6 @@ class Libfuzzer(Command):
check_fuzzer_help: bool = True, check_fuzzer_help: bool = True,
expect_crash_on_failure: bool = False, expect_crash_on_failure: bool = False,
minimized_stack_depth: Optional[int] = None, minimized_stack_depth: Optional[int] = None,
function_allowlist: Optional[str] = None,
module_allowlist: Optional[str] = None, module_allowlist: Optional[str] = None,
source_allowlist: Optional[str] = None, source_allowlist: Optional[str] = None,
analyzer_exe: Optional[str] = None, analyzer_exe: Optional[str] = None,
@ -220,7 +219,6 @@ class Libfuzzer(Command):
debug=debug, debug=debug,
colocate=colocate_all_tasks or colocate_secondary_tasks, colocate=colocate_all_tasks or colocate_secondary_tasks,
check_fuzzer_help=check_fuzzer_help, check_fuzzer_help=check_fuzzer_help,
function_allowlist=function_allowlist,
module_allowlist=module_allowlist, module_allowlist=module_allowlist,
source_allowlist=source_allowlist, source_allowlist=source_allowlist,
) )
@ -327,7 +325,6 @@ class Libfuzzer(Command):
check_fuzzer_help: bool = True, check_fuzzer_help: bool = True,
expect_crash_on_failure: bool = False, expect_crash_on_failure: bool = False,
minimized_stack_depth: Optional[int] = None, minimized_stack_depth: Optional[int] = None,
function_allowlist: Optional[File] = None,
module_allowlist: Optional[File] = None, module_allowlist: Optional[File] = None,
source_allowlist: Optional[File] = None, source_allowlist: Optional[File] = None,
analyzer_exe: Optional[str] = None, analyzer_exe: Optional[str] = None,
@ -402,13 +399,6 @@ class Libfuzzer(Command):
target_exe_blob_name = helper.setup_relative_blob_name(target_exe, setup_dir) target_exe_blob_name = helper.setup_relative_blob_name(target_exe, setup_dir)
if function_allowlist:
function_allowlist_blob_name: Optional[
str
] = helper.setup_relative_blob_name(function_allowlist, setup_dir)
else:
function_allowlist_blob_name = None
if module_allowlist: if module_allowlist:
module_allowlist_blob_name: Optional[str] = helper.setup_relative_blob_name( module_allowlist_blob_name: Optional[str] = helper.setup_relative_blob_name(
module_allowlist, setup_dir module_allowlist, setup_dir
@ -445,7 +435,6 @@ class Libfuzzer(Command):
check_fuzzer_help=check_fuzzer_help, check_fuzzer_help=check_fuzzer_help,
expect_crash_on_failure=expect_crash_on_failure, expect_crash_on_failure=expect_crash_on_failure,
minimized_stack_depth=minimized_stack_depth, minimized_stack_depth=minimized_stack_depth,
function_allowlist=function_allowlist_blob_name,
module_allowlist=module_allowlist_blob_name, module_allowlist=module_allowlist_blob_name,
source_allowlist=source_allowlist_blob_name, source_allowlist=source_allowlist_blob_name,
analyzer_exe=analyzer_exe, analyzer_exe=analyzer_exe,