From f9f26b9b04a5b665482f9458dcc02fe839f8055d Mon Sep 17 00:00:00 2001 From: Teo Voinea <58236992+tevoinea@users.noreply.github.com> Date: Thu, 5 Oct 2023 14:23:12 -0400 Subject: [PATCH] Fix default windows interceptor list (#3549) * Fix allowlist extend * Fix broken tests * Rename function to convey behavior * fmt * docs --- src/agent/coverage/src/allowlist.rs | 7 ++++--- src/agent/coverage/src/allowlist/tests.rs | 18 +++++++++--------- .../onefuzz-task/src/tasks/coverage/generic.rs | 4 +++- 3 files changed, 16 insertions(+), 13 deletions(-) diff --git a/src/agent/coverage/src/allowlist.rs b/src/agent/coverage/src/allowlist.rs index 2c67130375..11996f3b68 100644 --- a/src/agent/coverage/src/allowlist.rs +++ b/src/agent/coverage/src/allowlist.rs @@ -74,12 +74,13 @@ impl AllowList { self.allow.is_match(path) && !self.deny.is_match(path) } - /// Build a new `Allowlist` that adds the allow and deny rules of `other` to `self`. - pub fn extend(&self, other: &Self) -> Self { + /// Modifies the AllowList by adding the allow and deny rules of `other` to `self`. + pub fn extend_in_place(&mut self, other: &Self) { let allow = add_regexsets(&self.allow, &other.allow); let deny = add_regexsets(&self.deny, &other.deny); - AllowList::new(allow, deny) + self.allow = allow; + self.deny = deny; } } diff --git a/src/agent/coverage/src/allowlist/tests.rs b/src/agent/coverage/src/allowlist/tests.rs index 8d22d93962..236a4518fe 100644 --- a/src/agent/coverage/src/allowlist/tests.rs +++ b/src/agent/coverage/src/allowlist/tests.rs @@ -121,7 +121,7 @@ fn test_allow_glob_extension() -> Result<()> { fn test_allowlist_extend() -> Result<()> { let baseline_text = "! bad/* other/*"; - let baseline = AllowList::parse(baseline_text)?; + let mut baseline = AllowList::parse(baseline_text)?; assert!(!baseline.is_allowed("bad/a")); assert!(!baseline.is_allowed("bad/b")); @@ -144,20 +144,20 @@ bad/* assert!(!provided.is_allowed("other/a")); assert!(!provided.is_allowed("other/b")); - let extended = baseline.extend(&provided); + baseline.extend_in_place(&provided); // Deny rules from `baseline` should not be overridden by `provided`, but // allow rules should be. // // A provided allowlist can deny patterns that are baseline-allowed, but // cannot allow patterns that are baseline-denied. - assert!(!extended.is_allowed("bad/a")); - assert!(!extended.is_allowed("bad/b")); - assert!(extended.is_allowed("good/a")); - assert!(extended.is_allowed("good/b")); - assert!(extended.is_allowed("good/bad/c")); - assert!(!extended.is_allowed("other/a")); - assert!(!extended.is_allowed("other/b")); + assert!(!baseline.is_allowed("bad/a")); + assert!(!baseline.is_allowed("bad/b")); + assert!(baseline.is_allowed("good/a")); + assert!(baseline.is_allowed("good/b")); + assert!(baseline.is_allowed("good/bad/c")); + assert!(!baseline.is_allowed("other/a")); + assert!(!baseline.is_allowed("other/b")); Ok(()) } diff --git a/src/agent/onefuzz-task/src/tasks/coverage/generic.rs b/src/agent/onefuzz-task/src/tasks/coverage/generic.rs index 53a45e9948..704188293b 100644 --- a/src/agent/onefuzz-task/src/tasks/coverage/generic.rs +++ b/src/agent/onefuzz-task/src/tasks/coverage/generic.rs @@ -199,7 +199,9 @@ impl CoverageTask { // process startup functions. Setting software breakpoints in these functions breaks // interceptor init, and causes test case execution to diverge. let interceptor_denylist = AllowList::parse(WINDOWS_INTERCEPTOR_DENYLIST)?; - allowlist.source_files.extend(&interceptor_denylist); + allowlist + .source_files + .extend_in_place(&interceptor_denylist); } Ok(allowlist)