Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat/fuzz #249

Closed
wants to merge 58 commits into from
Closed

Feat/fuzz #249

wants to merge 58 commits into from

Conversation

joaosantos15
Copy link
Collaborator

This PR implements the Fuzz commands, with the arm, disarm and run sub-comands.

dmuhs and others added 24 commits February 12, 2021 14:11
@dmuhs
Add basic projects support
e2162f8
@dmuhs
Bump pythx version
dfb5a41
@dmuhs
Add fuzz subcommand scaffold
4138a25
@dmuhs
Add arm subcommand scaffold
a79d728
@dmuhs
Add arm and disarm commands
ca879cf
@dmuhs
Fix minor formatting issues
3cf6431
@dmuhs
Update install make command
f328a70
@dmuhs
Add notes on fuzz FaaS commands
46f2705
@joaosantos15
sync
7946f2b
@joaosantos15
creates brownie class
8b4adcd
@blitz-1306
Add support for --instrumentation-metadata-file for a Scribble invoca…
dcfdbaa 
…tion during mythx fuzz arm
@joaosantos15
feat: adds support for directories as targets and config file paramet…
f3cc7f1 
…ers for fuzz
@joaosantos15
Merge pull request #246 from dmuhs/feat/fuzz-scribble-meta
65fc5bb 
Add support for Scribble instrumentation metadata for a Fuzz feature
@joaosantos15
feat: adds support for directories as targets on fuzz arm and disarm …
da61537 
…commands
@joaosantos15
refactor rpc logic into separate class
d7dcd18 
feat: add rpc_url and faas_url as config file options

feat: create and start campaign with fuzz run command

feat: print url with faas frontend report link
@joaosantos15
fix: issue with __scrible_* file
f1c4c5d
@joaosantos15
feat: add error messages for bad configs
8d5edef 
refactor faas api interaction
@joaosantos15
Adds comments and custom Exceptions
1de182d
@JoranHonig
initial rewrite
9a91487
@JoranHonig
rewrite generics
ed86d9f
@JoranHonig
restructure generics
849a6ff
@JoranHonig
traverse nested directories
aa4c553
@joaosantos15
Merge pull request #248 from JoranHonig/feat/fuzz
2a4d1e7 
Fuzzing ide generics
@joaosantos15
Add error messages, improve error handling
5e06772 
Adds tests to fuzz run
@joaosantos15 joaosantos15 requested a review from dmuhs March 30, 2021 18:50
blitz-1306
blitz-1306 reviewed Apr 5, 2021
View reviewed changes
Copy link

@blitz-1306 blitz-1306 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good work. A few suggestions and questions.

mythx_cli/analyze/command.py Outdated Show resolved Hide resolved
mythx_cli/analyze/truffle.py Outdated Show resolved Hide resolved
mythx_cli/cli.py Outdated Show resolved Hide resolved
mythx_cli/fuzz/faas.py Outdated Show resolved Hide resolved
mythx_cli/fuzz/rpc.py Outdated Show resolved Hide resolved
mythx_cli/fuzz/disarm.py
:param remap_import: List of import remappings to pass on to solc
:param solc_version: The solc version to use for Solidity compilation
"""
analyze_config = ctx.get("analyze")
Copy link

@blitz-1306 blitz-1306 Apr 5, 2021
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Was wondering why do we stick to ctx.get("analyze") and analyze_config while we should be in fuzz context. Is there a real reason?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, some properties are defined under the "analyze" key. I don't think we should duplicate them under the fuzz key. So I would just keep it like that. I'll just change the "targets" to be fetched from the "fuzz" key, since the user might want different targets for mythx scans and fuzzing.

mythx_cli/fuzz/arm.py Show resolved Hide resolved
mythx_cli/util.py
@offset.setter
def offset(self, value: int) -> None:
value = int(value)
if value <= 0:
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Question: do we really restrict assigning 0 for offset?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dmuhs made this so we'll have to wait for the reply

mythx_cli/util.py
@length.setter
def length(self, value: int) -> None:
value = int(value)
if value <= 0:
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Question: do we really restrict assigning 0 for length?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dmuhs made this so we'll have to wait for the reply

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See https://github.com/ConsenSys/mythx-postprocessor/pull/132 and then even more https://github.com/ConsenSys/mythx-postprocessor/pull/134.

tests/common.py Outdated Show resolved Hide resolved
blitz-1306 and others added 28 commits April 7, 2021 10:41
@blitz-1306
Fix affected tests
0788e6a
@joaosantos15
Merge pull request #250 from dmuhs/feat/fuzz-tweaks
bfff154 
Tweak feat/fuzz to follow changes
@joaosantos15
qa: code tidy ups
889c51f
@joaosantos15
Merge branch 'master' into feat/fuzz
520c7c6
@Nurchik
Hardhat integration
037091d
@Nurchik
Fixed hardhat unit tests
d6d5e47
@Nurchik
Fix sourcePaths data format
d0c7e97
@Nurchik
Add corpus target parameter to fuzzing
9182bca
@Nurchik
Fix errors output
83f30fd
@joaosantos15
Merge pull request #252 from dmuhs/feat/fuzz-hardhat
85eeedd 
Hardhat integration
@joaosantos15
feat: add map_to_original_source flag
dbb2959
@Nurchik
Truffle IDE support for fuzz
6c4832e
@Nurchik
Fix submission logic
2f90ec1
@joaosantos15
fix: feature broken in brownie
9973ce7 
feat: feature support for hardhat
@joaosantos15
cleanup
8c90c06
@joaosantos15
test: adds brownie tests fr map to original source
bb75d5f
@Nurchik
Fix an issue with relative paths in a target for truffle projects
83aaa45
@Nurchik
Refactor IDE code
51e4bab
@joaosantos15
Merge pull request #256 from dmuhs/feat/fuzz-map-original-source
ac6b963 
Feat/fuzz map original source
@Nurchik
Remove gql requirement
268e755
@joaosantos15
feat: adds --dry-run flag
bb11a55
@joaosantos15
Merge pull request #258 from dmuhs/feat/add-dry-run
80c3bed 
feat: adds --dry-run flag
@joaosantos15
feat: add api_key as config file parameter
f512d49
@joaosantos15
Merge pull request #259 from dmuhs/feat/faas-auth
a745721 
feat: add api_key as config file parameter
@joaosantos15
update default faas url
428827b
@joaosantos15
Merge pull request #260 from dmuhs/feat/faas-auth
19d2d86 
update default faas url
@Nurchik
Merge branch 'feat/fuzz' into feat/fuzz-truffle
6b4e466
@Nurchik
Merge pull request #261 from dmuhs/feat/fuzz-truffle
81ef764 
Feat/fuzz truffle
@joaosantos15
Copy link
Collaborator Author

Moved here: https://github.com/ConsenSys/dili-faas-cli/pull/1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@blitz-1306 blitz-1306 blitz-1306 left review comments

@dmuhs dmuhs Awaiting requested review from dmuhs

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@joaosantos15 @blitz-1306 @dmuhs @JoranHonig @Nurchik