From 6137b2ce6fd96f048219a35e8fe520ff7fc150eb Mon Sep 17 00:00:00 2001 From: n3op2 Date: Tue, 13 Sep 2022 07:05:34 +0100 Subject: [PATCH 1/5] DSBD-BUGFIX: a quick fix for including error message for UI. --- src/controllers/scenario/__tests__/index.test.ts | 2 +- src/controllers/scenario/index.ts | 8 ++++---- src/types/models/scenario.ts | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/controllers/scenario/__tests__/index.test.ts b/src/controllers/scenario/__tests__/index.test.ts index eab15a7..32dae8c 100644 --- a/src/controllers/scenario/__tests__/index.test.ts +++ b/src/controllers/scenario/__tests__/index.test.ts @@ -90,7 +90,7 @@ EOF` expect(res).to.deep.equal({ status: 'error', output: 'stdout - some error output', - exception: { message: 'error' }, + exception: { message: 'error' } }) }) }) diff --git a/src/controllers/scenario/index.ts b/src/controllers/scenario/index.ts index 82d8fce..b81921d 100644 --- a/src/controllers/scenario/index.ts +++ b/src/controllers/scenario/index.ts @@ -42,14 +42,14 @@ ${eof}` this.log.debug({ msg: `executing ${bin} on ${this.address} host`, scp, ssh }) return new Promise((resolve) => { - exec(`${scp}; ${ssh}`, (err, stdout) => { + exec(`${scp}; ${ssh}`, (stderr, stdout, err) => { exec(rm) // fire and forget, remove binary file return resolve( - err + stderr ? { status: 'error', - output: stdout, - exception: err, + output: err || stdout, + exception: stderr, } : { status: 'success', diff --git a/src/types/models/scenario.ts b/src/types/models/scenario.ts index 0c26159..2c7dc15 100644 --- a/src/types/models/scenario.ts +++ b/src/types/models/scenario.ts @@ -20,8 +20,8 @@ export type HostResponseSuccess = { export type HostResponseError = { status: 'error' - output: string - exception: ExecException + output: string + exception: ExecException | string } export type HostResponse = HostResponseSuccess | HostResponseError From db9fff94b0f5b46690293ed191d72fcb9c9174ba Mon Sep 17 00:00:00 2001 From: n3op2 Date: Tue, 13 Sep 2022 09:13:08 +0100 Subject: [PATCH 2/5] DSBD-BUGFIX: clean up. --- package-lock.json | 4 ++-- package.json | 2 +- src/controllers/scenario/__tests__/index.test.ts | 2 +- src/types/models/scenario.ts | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index a105a2c..2775aa5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@digicatapult/morello-api", - "version": "0.6.6", + "version": "0.6.7", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "@digicatapult/morello-api", - "version": "0.6.6", + "version": "0.6.7", "license": "Apache-2.0", "dependencies": { "body-parser": "^1.20.0", diff --git a/package.json b/package.json index ca8d74e..2f36d1e 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@digicatapult/morello-api", - "version": "0.6.6", + "version": "0.6.7", "description": "An interface for executing binaries on it's self and morello host.", "main": "src/index.ts", "scripts": { diff --git a/src/controllers/scenario/__tests__/index.test.ts b/src/controllers/scenario/__tests__/index.test.ts index 32dae8c..eab15a7 100644 --- a/src/controllers/scenario/__tests__/index.test.ts +++ b/src/controllers/scenario/__tests__/index.test.ts @@ -90,7 +90,7 @@ EOF` expect(res).to.deep.equal({ status: 'error', output: 'stdout - some error output', - exception: { message: 'error' } + exception: { message: 'error' }, }) }) }) diff --git a/src/types/models/scenario.ts b/src/types/models/scenario.ts index 2c7dc15..0c26159 100644 --- a/src/types/models/scenario.ts +++ b/src/types/models/scenario.ts @@ -20,8 +20,8 @@ export type HostResponseSuccess = { export type HostResponseError = { status: 'error' - output: string - exception: ExecException | string + output: string + exception: ExecException } export type HostResponse = HostResponseSuccess | HostResponseError From a95dfe5a3ae0608483c3eb31587d2254fcb61121 Mon Sep 17 00:00:00 2001 From: n3op2 Date: Tue, 13 Sep 2022 10:54:50 +0100 Subject: [PATCH 3/5] DSBD-BUGFIX: update integration tests to assert for exception and check for cheri exception message for dsbd feats. --- integration/out-of-bounds-read.test.ts | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/integration/out-of-bounds-read.test.ts b/integration/out-of-bounds-read.test.ts index c5786e2..929a766 100644 --- a/integration/out-of-bounds-read.test.ts +++ b/integration/out-of-bounds-read.test.ts @@ -23,6 +23,18 @@ describe('Tests aarch64 version', () => { expect(response.body.status).to.contain('success') }) + test('Handles Exception - aarch64', async () => { + const response = await getOutOfBoundsReadAarch64(app, 'pass', 'abc', -28) + + expect(response.status).to.equal(200) + expect(response.body.output).to.contain('Storing Secret...\nEnd index must be after start index') + expect(response.body.exception).to.deep.contain({ + killed: false, + code: 1, + signal: null, + }) + }) + test('Bad Parameters - aarch64', async () => { const response = await getOutOfBoundsReadAarch64(app, 'badpass', NaN, 'ttttttt') @@ -50,6 +62,19 @@ describe('Tests Cheri version', () => { expect(response.status).to.equal(200) expect(response.body.status).to.contain('error') + expect(response.body.output).to.contain('In-address space security exception (core dumped)') + }) + + test('Handles Exception - cheri', async () => { + const response = await getOutOfBoundsReadCheri(app, 'pass', 'abc', -28) + + expect(response.status).to.equal(200) + expect(response.body.output).to.contain('Storing Secret...\nEnd index must be after start index') + expect(response.body.exception).to.deep.contain({ + killed: false, + code: 1, + signal: null, + }) }) test('Bad Parameters - cheri', async () => { From 62fd7823117caeb0d5eb55aa2f2a4ea83bb2206a Mon Sep 17 00:00:00 2001 From: n3op2 Date: Tue, 13 Sep 2022 10:59:48 +0100 Subject: [PATCH 4/5] DSBD-BUGFIX: assert for more! --- integration/out-of-bounds-read.test.ts | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/integration/out-of-bounds-read.test.ts b/integration/out-of-bounds-read.test.ts index 929a766..9f33852 100644 --- a/integration/out-of-bounds-read.test.ts +++ b/integration/out-of-bounds-read.test.ts @@ -62,6 +62,10 @@ describe('Tests Cheri version', () => { expect(response.status).to.equal(200) expect(response.body.status).to.contain('error') + expect(response.body).to.have.property('exception').that.deep.contain({ + killed: false, + code: 162, + }) expect(response.body.output).to.contain('In-address space security exception (core dumped)') }) From 7461f291ab58e2ee305c2b6b3b3c0e6f97821231 Mon Sep 17 00:00:00 2001 From: n3op2 Date: Tue, 13 Sep 2022 11:05:46 +0100 Subject: [PATCH 5/5] DSBD-BUGFIX: assertatioon updadte. --- integration/out-of-bounds-read.test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/integration/out-of-bounds-read.test.ts b/integration/out-of-bounds-read.test.ts index 9f33852..0b7037c 100644 --- a/integration/out-of-bounds-read.test.ts +++ b/integration/out-of-bounds-read.test.ts @@ -66,7 +66,7 @@ describe('Tests Cheri version', () => { killed: false, code: 162, }) - expect(response.body.output).to.contain('In-address space security exception (core dumped)') + expect(response.body.output).to.contain('In-address space security exception') }) test('Handles Exception - cheri', async () => {