feat: add path traversal bug detector #419

Merged
merged 5 commits into from
Jun 15, 2023

@0xricksanchez 0xricksanchez commented Apr 27, 2023

Builds on top of #407, so that one should be reviewed first.

@0xricksanchez 0xricksanchez marked this pull request as draft April 27, 2023 14:23
0xricksanchez added a commit that referenced this pull request May 2, 2023
@0xricksanchez 0xricksanchez marked this pull request as ready for review May 9, 2023 12:10

0xricksanchez commented May 9, 2023

The necessary tests for the path traversal bug detector passed at this point; the failures are due to the remaining Windows issues from the command injection bug detector.

The path traversal has one weakness, as it doesn't work in Safe mode yet. That needs to be solved in FUZZ-683, not just for this bug detector but in general for all of them.

Edit: I squashed all commits into one to have a clean latest state to build on.

@0xricksanchez 0xricksanchez marked this pull request as draft May 9, 2023 16:09
@oetr oetr force-pushed the FUZZ-589_bug_dect_ptrav branch 4 times, most recently from 9dad794 to b08d067 Compare May 24, 2023 07:38
@oetr oetr marked this pull request as ready for review May 24, 2023 07:38
@oetr oetr requested a review from a team May 24, 2023 07:39
@oetr oetr force-pushed the FUZZ-589_bug_dect_ptrav branch from e074574 to 6ea56ac Compare May 25, 2023 09:06
@oetr oetr force-pushed the FUZZ-589_bug_dect_ptrav branch 3 times, most recently from ae501d8 to 80eb61f Compare May 31, 2023 10:03
@oetr oetr requested a review from bertschneider May 31, 2023 10:16
@oetr oetr force-pushed the FUZZ-589_bug_dect_ptrav branch 3 times, most recently from c507d15 to ffd1b09 Compare June 5, 2023 09:47
@oetr oetr enabled auto-merge (rebase) June 15, 2023 14:08
0xricksanchez and others added 5 commits June 15, 2023 16:40
- remove internal libraries from the stack trace of the finding
- add tests for double-printed finding messages
- in verbose mode, print module names with full path (for non built-in modules only) to make it easier to debug hooked functions
- hooks in the path traversal bug detector that need several hookIds now use the callSiteId function

@bertschneider bertschneider left a comment

LGTM. Thx for the detector and all the other fixes and cleanups!

@oetr oetr merged commit b2c7f88 into main Jun 15, 2023
6 checks passed
@oetr oetr deleted the FUZZ-589_bug_dect_ptrav branch June 15, 2023 17:54