From 1f76499ad085d969a59ce44d65e094211ba854ec Mon Sep 17 00:00:00 2001 From: Simon Resch Date: Thu, 3 Dec 2020 16:59:05 +0100 Subject: [PATCH 1/8] Update github action config --- .github/workflows/main.yml | 69 +++++++++++++++++++++++++------------- 1 file changed, 46 insertions(+), 23 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 820c3052..e545fda5 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
@@ -1,31 +1,54 @@ name: CI -on: push - -defaults: - run: - working-directory: / - +on: + push: + branches: [ master ] + pull_request: + branches: [ master ] + env: - FUZZER_DAEMON_ADDRESS: grpc-api.cloud.code-intelligence.com:443 PROJECT_NAME: dp3t - COGNITO_USER: ${{secrets.COGNITO_USER}} - COGNITO_PASSWORD: ${{secrets.COGNITO_PASSWORD}} - REPORT_EMAIL: simon.resch@code-intelligence.de + FUZZING_SERVER_ADDRESS: grpc-api.code-intelligence.com:443 + DASHBOARD_ADDRESS: https://app.code-intelligence.com jobs: - fuzz_AllController: + fuzz_AllController: runs-on: ubuntu-latest - container: cifuzz/cictl - steps: - - name: Log-in with Cognito - run: cictl login -u "${COGNITO_USER}" -p "${COGNITO_PASSWORD}" - - - name: Start fuzzing and wait for a crash for 5 minutes - run: | - cictl start_and_monitor_fuzzing \ - --daemon_listen_address="${FUZZER_DAEMON_ADDRESS}" \ - --project_name="${PROJECT_NAME}" \ - --campaign_name="AllController" \ - --cloud_report_recipient_email="${REPORT_EMAIL}" + - id: start-fuzzing + name: Build and Instrument + uses: CodeIntelligenceTesting/github-actions/start-fuzzing@master + with: + ci_fuzz_api_token: ${{ secrets.CI_FUZZ_API_TOKEN }} + project: ${{ env.PROJECT_NAME }} + test_collection: "AllController" + git_reference: ${{ github.sha }} + fuzzing_server_address: ${{ env.FUZZING_SERVER_ADDRESS }} + - id: monitor-fuzzing + name: Fuzzing + uses: CodeIntelligenceTesting/github-actions/monitor-fuzzing@master + with: + ci_fuzz_api_token: ${{ secrets.CI_FUZZ_API_TOKEN }} + project: ${{ env.PROJECT_NAME }} + test_collection_run: ${{ steps.start-fuzzing.outputs.test_collection_run_display_name }} + github_token: ${{ secrets.GITHUB_TOKEN }} + pull_request_number: ${{ github.event.pull_request.number }} + owner: ${{ github.event.repository.owner.login }} + repository: ${{ github.event.repository.name }} + fuzzing_server_address: ${{ env.FUZZING_SERVER_ADDRESS }} + dashboard_address: ${{ env.DASHBOARD_ADDRESS }} + - id: report-coverage + name: Report 
Coverage + uses: CodeIntelligenceTesting/github-actions/report-coverage@master + if: ${{ github.event_name == 'pull_request' && (success() || failure()) }} + with: + ci_fuzz_api_token: ${{ secrets.CI_FUZZ_API_TOKEN }} + project: ${{ env.PROJECT_NAME }} + test_collection_run: ${{ steps.start-fuzzing.outputs.test_collection_run_resource_name }} + github_token: ${{ secrets.GITHUB_TOKEN }} + pull_request_number: ${{ github.event.pull_request.number }} + owner: ${{ github.event.repository.owner.login }} + repository: ${{ github.event.repository.name }} + git_reference: ${{ github.sha }} + fuzzing_server_address: ${{ env.FUZZING_SERVER_ADDRESS }} + dashboard_address: ${{ env.DASHBOARD_ADDRESS }} From f97bd3fabce804ea74e7328f342e1e7949369727 Mon Sep 17 00:00:00 2001 From: simonresch <65217285+simonresch@users.noreply.github.com> Date: Thu, 3 Dec 2020 17:18:43 +0100 Subject: [PATCH 2/8] Update main.yml --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index e545fda5..b749bb34 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -2,9 +2,9 @@ name: CI on: push: - branches: [ master ] + branches: [ master, demo_before_fix ] pull_request: - branches: [ master ] + branches: [ master, demo_before_fix ] env: PROJECT_NAME: dp3t From 475294862c3b83606b79e30f5207b70af5f33f74 Mon Sep 17 00:00:00 2001 From: simonresch <65217285+simonresch@users.noreply.github.com> Date: Thu, 3 Dec 2020 17:20:34 +0100 Subject: [PATCH 3/8] Update main.yml --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index b749bb34..a72d3fa9 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
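Review bot: The three `uses:` lines in the new job reference `CodeIntelligenceTesting/github-actions/...@master`, so every run executes whatever that branch holds at that moment, and those steps receive `secrets.CI_FUZZ_API_TOKEN` and `secrets.GITHUB_TOKEN`; a change on that branch changes this pipeline with no review in this repository. Pin each action to a release tag or, better, a full commit SHA with a version comment, e.g. `uses: CodeIntelligenceTesting/github-actions/start-fuzzing@<commit-sha> # vX.Y` (placeholder SHA). Separately, the new `pull_request` trigger also fires for pull requests from forks, where repository secrets are not exposed, so `ci_fuzz_api_token` would presumably be empty and `start-fuzzing` fail for those runs; if fork PRs are expected, gate the job with `if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository`, or state explicitly that such runs are expected to fail.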
@@ -8,8 +8,8 @@ on: env: PROJECT_NAME: dp3t - FUZZING_SERVER_ADDRESS: grpc-api.code-intelligence.com:443 - DASHBOARD_ADDRESS: https://app.code-intelligence.com + FUZZING_SERVER_ADDRESS: grpc-api.demo.code-intelligence.com:443 + DASHBOARD_ADDRESS: https://app.demo.code-intelligence.com jobs: fuzz_AllController: From 824b95d53b6fb2cc762a52ce0195f21cbe669579 Mon Sep 17 00:00:00 2001 From: Simon Resch Date: Thu, 3 Dec 2020 17:41:45 +0100 Subject: [PATCH 4/8] Public builder docker image --- .code-intelligence/ci_info | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.code-intelligence/ci_info b/.code-intelligence/ci_info index b44bb2e1..b4c23368 100755 --- a/.code-intelligence/ci_info +++ b/.code-intelligence/ci_info @@ -759,10 +759,10 @@ }, "projectEnvironment": { "dockerBuild": { - "name": "registry.gitlab.com/code-intelligence/core/builders/webgoat" + "name": "cifuzz/builders:maven" }, "dockerRun": { - "name": "registry.gitlab.com/code-intelligence/core/builders/webgoat" + "name": "cifuzz/builders:maven" } } } \ No newline at end of file From 73481aacd9cd6b58e6a6ed02e85aa511b7b5f116 Mon Sep 17 00:00:00 2001 From: simonresch <65217285+simonresch@users.noreply.github.com> Date: Tue, 16 Feb 2021 16:34:16 +0100 Subject: [PATCH 5/8] Use self hosted runners --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index a72d3fa9..9a4834a6 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -13,7 +13,7 @@ env: jobs: fuzz_AllController: - runs-on: ubuntu-latest + runs-on: self-hosted steps: - id: start-fuzzing name: Build and Instrument From d87d71946cffd8ee1d9be33eed34d284960ea957 Mon Sep 17 00:00:00 2001 From: Henning Perl Date: Fri, 16 Apr 2021 17:59:42 +0200 Subject: [PATCH 6/8] switch server --- .github/workflows/main.yml | 30 +++++++++++++----------------- 1 file changed, 13 insertions(+), 17 deletions(-) 
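Review bot: Both `dockerBuild.name` and `dockerRun.name` now point at the public image `cifuzz/builders:maven` by a floating tag with no digest, so the image that builds and runs the fuzz target can change underneath the project without any change in this repository; the previous private-registry reference had the same weakness, but a public registry widens who can influence what the tag resolves to. Pin the image by digest, `"name": "cifuzz/builders:maven@sha256:<digest>"` (placeholder digest), or at least to an immutable version tag, and record next to the config where the pinned digest was taken from so it can be refreshed deliberately.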
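Review bot: `runs-on: self-hosted` is combined with the `pull_request` trigger the workflow already has (outside this hunk), so pull-request runs now execute on a machine the organization operates instead of an ephemeral GitHub-hosted VM. If the repository accepts pull requests from forks, the build in `start-fuzzing` runs contributor-controlled code on that runner, which GitHub advises against for public repositories; if the runner is intended only for trusted branches, restrict the job, e.g. `if: github.event_name == 'push'` on `fuzz_AllController`, or route it to an isolated, ephemeral runner selected by a dedicated label. The hunk shows no such restriction, and nothing here indicates whether the repository is public or accepts fork PRs, so this should be confirmed before the change lands.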
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 9a4834a6..17e19fb9 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,4 +1,4 @@ -name: CI +name: Code Intelligence Fuzzing on: push: 
@@ -7,48 +7,44 @@ on: branches: [ master, demo_before_fix ] env: - PROJECT_NAME: dp3t - FUZZING_SERVER_ADDRESS: grpc-api.demo.code-intelligence.com:443 - DASHBOARD_ADDRESS: https://app.demo.code-intelligence.com + FUZZING_SERVER_ADDRESS: demo.code-intelligence.com:6773 + WEB_APP_ADDRESS: https://demo.code-intelligence.com jobs: fuzz_AllController: - runs-on: self-hosted + runs-on: ubuntu-latest steps: - id: start-fuzzing name: Build and Instrument - uses: CodeIntelligenceTesting/github-actions/start-fuzzing@master + uses: CodeIntelligenceTesting/github-actions/start-fuzzing@v3 with: ci_fuzz_api_token: ${{ secrets.CI_FUZZ_API_TOKEN }} - project: ${{ env.PROJECT_NAME }} - test_collection: "AllController" + test_collection: "projects/organizations_fd88fc683ec28c97_dp3t-a20f89fc/campaigns/AllController-a7e91866" git_reference: ${{ github.sha }} - fuzzing_server_address: ${{ env.FUZZING_SERVER_ADDRESS }} + fuzzing_server_address: ${{ env.FUZZING_SERVER_ADDRESS }} - id: monitor-fuzzing name: Fuzzing - uses: CodeIntelligenceTesting/github-actions/monitor-fuzzing@master + uses: CodeIntelligenceTesting/github-actions/monitor-fuzzing@v3 with: ci_fuzz_api_token: ${{ secrets.CI_FUZZ_API_TOKEN }} - project: ${{ env.PROJECT_NAME }} - test_collection_run: ${{ steps.start-fuzzing.outputs.test_collection_run_display_name }} + test_collection_run: ${{ steps.start-fuzzing.outputs.test_collection_run }} github_token: ${{ secrets.GITHUB_TOKEN }} pull_request_number: ${{ github.event.pull_request.number }} owner: ${{ github.event.repository.owner.login }} repository: ${{ github.event.repository.name }} fuzzing_server_address: ${{ env.FUZZING_SERVER_ADDRESS }} - dashboard_address: ${{ env.DASHBOARD_ADDRESS }} + dashboard_address: ${{ env.WEB_APP_ADDRESS }} - id: report-coverage name: Report Coverage - uses: CodeIntelligenceTesting/github-actions/report-coverage@master + uses: CodeIntelligenceTesting/github-actions/report-coverage@v3 if: ${{ github.event_name == 'pull_request' && 
(success() || failure()) }} with: ci_fuzz_api_token: ${{ secrets.CI_FUZZ_API_TOKEN }} - project: ${{ env.PROJECT_NAME }} - test_collection_run: ${{ steps.start-fuzzing.outputs.test_collection_run_resource_name }} + test_collection_run: ${{ steps.start-fuzzing.outputs.test_collection_run }} github_token: ${{ secrets.GITHUB_TOKEN }} pull_request_number: ${{ github.event.pull_request.number }} owner: ${{ github.event.repository.owner.login }} repository: ${{ github.event.repository.name }} git_reference: ${{ github.sha }} fuzzing_server_address: ${{ env.FUZZING_SERVER_ADDRESS }} - dashboard_address: ${{ env.DASHBOARD_ADDRESS }} + dashboard_address: ${{ env.WEB_APP_ADDRESS }} From fdb90c6968a2c69093b6d7eb6315da33f09ed939 Mon Sep 17 00:00:00 2001 From: Khaled Yakdan Date: Sat, 17 Apr 2021 11:35:06 +0200 Subject: [PATCH 7/8] setup fuzzing for all end points --- .code-intelligence/.gitignore | 1 + .../campaigns/AllController-a7e91866.json | 17 ++++++++++++++++- .../fuzz_targets/FuzzTarget_AllController.java | 9 +++++---- .../FuzzTarget_AllController.java.json | 2 +- 4 files changed, 23 insertions(+), 6 deletions(-) create mode 100644 .code-intelligence/.gitignore diff --git a/.code-intelligence/.gitignore b/.code-intelligence/.gitignore new file mode 100644 index 00000000..b7f13992 --- /dev/null +++ b/.code-intelligence/.gitignore @@ -0,0 +1 @@ +.build \ No newline at end of file diff --git a/.code-intelligence/campaigns/AllController-a7e91866.json b/.code-intelligence/campaigns/AllController-a7e91866.json index 696e7a0b..1cd0a122 100644 --- a/.code-intelligence/campaigns/AllController-a7e91866.json +++ b/.code-intelligence/campaigns/AllController-a7e91866.json @@ -1,6 +1,6 @@ { "name": "AllController-a7e91866", - "displayName": "AllController", + "displayName": "FuzzAllEndPoints", "maxRunTime": "1800s", "fuzzTargets": [ "AllController-ae4f0ca2" 
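Review bot: The `uses:` lines move from `@master` to `@v3`, which is an improvement, but a tag is still a movable reference and the steps continue to receive `secrets.CI_FUZZ_API_TOKEN` and `secrets.GITHUB_TOKEN`; pin to the full commit SHA that `v3` currently resolves to, e.g. `uses: CodeIntelligenceTesting/github-actions/start-fuzzing@<commit-sha> # v3` (placeholder SHA), so that updating the action is an explicit change in this file. `FUZZING_SERVER_ADDRESS` also moves from `grpc-api.demo.code-intelligence.com:443` to `demo.code-intelligence.com:6773`; whether the action talks to that port over TLS is not visible here, and since the API token travels on that connection it is worth confirming and recording next to the variable, e.g. `# gRPC endpoint; TLS on 6773 expected — verify against the action docs`. The `test_collection` value now hard-codes an organization-scoped resource path; a short comment stating where that path is looked up in the web app would help the next maintainer replace it.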
@@ -14,5 +14,20 @@
 "engine": "ZAP",
 "numberOfJobs": 1
 }
+ ],
+ "configuredTargets": [
+ {
+ "fuzzTarget": "AllController-ae4f0ca2",
+ "fuzzerRunConfigurations": [
+ {
+ "engine": "JAVA_LIBFUZZER",
+ "numberOfJobs": 1
+ },
+ {
+ "engine": "ZAP",
+ "numberOfJobs": 1
+ }
+ ]
+ }
 ]
 }
\ No newline at end of file
diff --git a/.code-intelligence/fuzz_targets/FuzzTarget_AllController.java b/.code-intelligence/fuzz_targets/FuzzTarget_AllController.java
index e82f21af..2a5fe724 100644
--- a/.code-intelligence/fuzz_targets/FuzzTarget_AllController.java
+++ b/.code-intelligence/fuzz_targets/FuzzTarget_AllController.java
@@ -76,11 +76,12 @@ public static void fuzzerTearDown() {
 }
 }
 
- public static boolean fuzzerTestOneInput(byte[] input) throws Throwable {
+ public static void fuzzerTestOneInput(byte[] input) throws Throwable {
 if (fuzzWeb == null) {
- System.err.println("ERROR: fuzzRest is not initialized yet!");
- return false;
+ throw new IllegalStateException("fuzzRest is not initialized yet!");
+ }
+ if (fuzzWeb.doRequest(input)) {
+ throw new IllegalStateException("Sending the request failed");
 }
- return fuzzWeb.doRequest(input);
 }
 }
diff --git a/.code-intelligence/fuzz_targets/FuzzTarget_AllController.java.json b/.code-intelligence/fuzz_targets/FuzzTarget_AllController.java.json
index 3d0ed87c..4b79d081 100644
--- a/.code-intelligence/fuzz_targets/FuzzTarget_AllController.java.json
+++ b/.code-intelligence/fuzz_targets/FuzzTarget_AllController.java.json
@@ -1,6 +1,6 @@
 {
 "name": "AllController-ae4f0ca2",
- "displayName": "AllController",
+ "displayName": "FuzzAllEndPoints",
 "javaWebApp": {
 "webApplication": {
 "applicationName": "Application",
From 83966f089cd91729a54af1d46db03c1b4eef92aa Mon Sep 17 00:00:00 2001
From: Khaled Yakdan
Date: Sat, 17 Apr 2021 12:12:34 +0200
Subject: [PATCH 8/8] setup fuzzing for all end points
---
 .../fuzz_targets/FuzzTarget_AllController.java | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
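Review bot: `fuzzerTestOneInput` now throws `IllegalStateException("Sending the request failed")` whenever `fuzzWeb.doRequest(input)` returns `true`, whereas the old code handed that boolean back to the harness unchanged; `doRequest` is not in the hunk, so whether `true` means the request could not be sent or that it was sent cannot be confirmed here, and if it is the latter every successful request becomes a reported finding. Please confirm the contract and document it on the method, e.g. `/** Sends one fuzzer-generated request; doRequest(input) must return true only when the request could not be sent. */`. The first message still says `fuzzRest` although the field is `fuzzWeb`, which will confuse whoever triages the finding; `throw new IllegalStateException("fuzzWeb is not initialized yet!");` would match the code. Note also that an uninitialized harness is now surfaced the same way as a crash in the target, so triage should read that exception as a setup error rather than a bug in the application.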
diff --git a/.code-intelligence/fuzz_targets/FuzzTarget_AllController.java b/.code-intelligence/fuzz_targets/FuzzTarget_AllController.java
index 2a5fe724..8f47cbe9 100644
--- a/.code-intelligence/fuzz_targets/FuzzTarget_AllController.java
+++ b/.code-intelligence/fuzz_targets/FuzzTarget_AllController.java
@@ -39,7 +39,7 @@ public static void fuzzerInitialize(String[] fuzzerArgs) {
 System.getProperties().put("logging.level.org.springframework.web", "error");
 String[] springBootArgs = {};
 try {
- Application.main(springBootArgs);
+ StartWebGoat.main(springBootArgs);
 } catch (Exception e) {
 e.printStackTrace();
 throw new RuntimeException("Failed to start application.");
@@ -53,8 +53,8 @@ public static void fuzzerInitialize(String[] fuzzerArgs) {
 public static void main(String[] fuzzerArgs) {
 String webControllerDBPath = null;
 for (String arg : fuzzerArgs) {
- if (arg.startsWith("--web-controller-db=")) {
- webControllerDBPath = arg.replace("--web-controller-db=", "");
+ if (arg.startsWith("--web_controller_db=")) {
+ webControllerDBPath = arg.replace("--web_controller_db=", "");
 }
 }
 fuzzerInitialize(fuzzerArgs);
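Review bot: `arg.replace("--web_controller_db=", "")` removes every occurrence of the prefix from the argument rather than stripping the leading one, so a path that happens to contain that text would be altered; after the `startsWith` guard the intended operation is `webControllerDBPath = arg.substring("--web_controller_db=".length());`. Renaming the flag from `--web-controller-db=` to `--web_controller_db=` is a breaking change for anyone launching the target with the old spelling, and the hunk shows no fallback or diagnostic for the old form, so such a run would silently continue with `webControllerDBPath` still `null`; accepting both spellings, or at least rejecting unknown `--` arguments with a message naming the new flag, would make that visible. `main` continues past the end of the hunk, so what happens with a null path is not visible here.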